You are viewing an old version of this page. View the current version.
Compare with Current |
View Page History
<ac:macro ac:name="unmigrated-inline-wiki-markup"><ac:plain-text-body><![CDATA[
Zend_RBAC is a compunent used to determine if a user has access to a resource.Zend Framework: Zend_RBAC Component Proposal
Proposed Component Name
Zend_RBAC
Developer Notes
http://framework.zend.com/wiki/display/ZFDEV/Zend_RBAC
Proposers
Dolf Schimmel (Freeaqingme)
Zend Liaison
TBD
Revision
0.5 - 17 December 1909: Initial Draft. (wiki revision: 5)
Table of Contents
1. Overview
2. References
3. Component Requirements, Constraints, and Acceptance Criteria
- A user CAN be member of one or more roles
- A role CAN be the parent of one or more other roles
- An object CAN be assigned to one or more roles
- If a user is member of a role (or any of the role's childs) to which the
requested object was assigned, the user MUST be allowed access. Otherwise, MUST NOT.
4. Dependencies on Other Framework Components
Soft;
- Zend_Exception
Optional:
- Zend_Db
5. Theory of Operation
Zend_RBAC is a component that can be used to determine whether a subject (user) that has one or more roles, has access to a certain resource, after you have defined the available resources, roles and users. One does only allow (not disallow) roles access to resources, assign users to roles, and determine if any roles inherit from other roles.
Following example based on [1]:
Interns can do everything a healer can do
Doctors can do everything an intern can
Healers have access to object 1 & 2 only
Interns have access to object 1, 2, 3 & 4 only
Doctors have access to object 1, 2, 3, 4, 5 & 6 only
6. Milestones / Tasks
7. Class Index
- Zend_Rbac
- Zend_Rbac_Subject
- Zend_Rbac_Role
- Zend_Rbac_Resource
- Zend_Rbac_Adapter_DbTable
- Zend_Rbac_Assert_?
- More_To_Come?
8. Use Cases
| UC-01 |
|---|
The following code implements the given scenario under 'operation'