ZF-11868: Zend_Acl Resource to Privilege problem


I have this ACL situation bellow.

        $acl = new Zend_Acl();
        $acl->addRole(new Zend_Acl_Role('john'));
        $acl->addResource(new Zend_Acl_Resource('car'));
        $acl->allow('john', 'car');
        $acl->allow('john', 'car', 'clean');
        $this->assertTrue($acl->isAllowed('john', 'car')); // resolves: true
        // john cannot drive
        $acl->deny('john', 'car', 'drive');
        // why is this resolving to FALSE?
        // expects to be TRUE because we only denied to DRIVE permission and not the whole resource
        $this->assertTrue($acl->isAllowed('john', 'car')); // resolves: false

My expectation is since we are only denying the specific "drive" permission to user john's resource car why is the acl returning false we I do a check on isAllowed('john', 'car'). I am expecting since i targeted the privilege "drive" that the top level resource will still be true.


any comments at all? been here for awhile


I comment from line 975 to line 979 and it's work correctly. Why browse byPrivilegeId in allMethodPrivilege?