View Source

<ac:macro ac:name="unmigrated-inline-wiki-markup"><ac:plain-text-body><![CDATA[{zone-template-instance:ZFPROP:Proposal Zone Template}

{zone-data:component-name}
Zend_Application_Resource_Acl
{zone-data}

{zone-data:proposer-list}
[Benoît Durand|mailto:noreply@zend.com]
{zone-data}

{zone-data:liaison}
TBD
{zone-data}

{zone-data:revision}
1.0 - 1 May 2010: Initial Draft.
{zone-data}

{zone-data:overview}
Zend_Application_Resource_Acl is a resource plugin.
{zone-data}

{zone-data:references}
* [#ZF-8501|http://framework.zend.com/issues/browse/ZF-8501]
* [Zend_Acl|http://framework.zend.com/wiki/display/ZFDEV/Zend_Acl]
{zone-data}

{zone-data:requirements}
* This component *will* allow to define roles, resources, and rules from configuration file.
* This component *will* allow to define a custom class for ACL.
{zone-data}

{zone-data:dependencies}
* Zend_Application_Resource_ResourceAbstract
* Zend_Application_Resource_Exception
* Zend_Acl
{zone-data}

{zone-data:operation}
The component will work like other resource plugins.
{zone-data}

{zone-data:milestones}
* Milestone 1: [design notes will be published here|http://framework.zend.com/wiki/x/sg]
* Milestone 2: Working prototype checked into the incubator supporting use cases #1, #2, ...
* Milestone 3: Working prototype checked into the incubator supporting use cases #3 and #4.
* Milestone 4: Unit tests exist, work, and are checked into SVN.
* Milestone 5: Initial documentation exists.
{zone-data}

{zone-data:class-list}
* Zend_Application_Resource_Acl
{zone-data}

{zone-data:use-cases}

||UC-01||
*Define roles, resources, and rules in the application configuration*
 
resources.acl.storage.registry.enabled = true

resources.acl.roles.guest.id = "guest"
resources.acl.roles.member.id = "member"
resources.acl.roles.member.parents[] = "guest"

resources.acl.resources.post.id = "post"
resources.acl.resources.subject.id = "subject"
resources.acl.resources.subject.parent = "post"
resources.acl.resources.foo.id = "mvc:index.index"

resources.acl.resources.post.allow.read.roles = "guest"
resources.acl.resources.post.allow.create.roles = "member"
resources.acl.resources.post.allow.edit.roles = "member"
resources.acl.resources.subject.denied.delete.roles = "member"

 
||UC-02||
*Use your own class to define ACL*

 
resources.acl.storage.registry.enabled = true
resources.acl.class = "MyCustomAcl"
{zone-data}

{zone-data:skeletons}
{code}
class Zend_Application_Resource_Acl extends Zend_Application_Resource_ResourceAbstract
{
    /**
     * Defined by Zend_Application_Resource_Resource
     *
     * @return Zend_Acl
     */
    public function init() {}

    /**
     * Returns acl object
     *
     * @return Zend_Acl
     * @throws Zend_Application_Resource_Exception
     */
    public function getAcl() {}

    /**
     * Stores acl in registry or acl controller plugin
     *
     * @return Zend_Application_Resource_Acl
     */
    public function store() {}

    /**
     * Stores acl in the acl controller plugin
     *
     * @return void
     */
    protected function _storePlugin() {}

    /**
     * Stores acl in the registry
     *
     * @return void
     */
    protected function _storeRegistry() {}

    /**
     * Imports data acl (roles, resources, and rules)
     *
     * @return void
     */
    protected function _importDataAcl() {}

    /**
     * @param array $roles
     * @return void
     */
    protected function _setRoles($roles) {}

    /**
     * @param array $resources
     * @return void
     */
    protected function _setResources($resources) {}
}
{code}
{zone-data}

{zone-template-instance}]]></ac:plain-text-body></ac:macro>