Issue Type: Improvement Created: 2009-03-06T10:24:06.000+0000 Last Updated: 2009-04-14T12:43:52.000+0000 Status: Resolved Fix version(s): - 1.8.0 (30/Apr/09)
Reporter: Kevin McArthur (kevin) Assignee: Ralph Schindler (ralph) Tags: - Zend_Auth
Related issues: Attachments:
Currently the underling DB Select object used for db-table auth is not exposed through a getter method.
Suggest changing:
$dbSelect = $this->_zendDb->select();
To $dbSelect = $this->getSelect();
and adding a getSelect public method.
Purpose: to add additional clauses/predicates to the authentication -- eg an enabled true/false.
Posted by Ralph Schindler (ralph) on 2009-03-06T10:44:31.000+0000
Can you add the proposed use case code?
Posted by Kevin McArthur (kevin) on 2009-03-06T10:59:26.000+0000
<pre class="highlight">
$adapter = new Zend_Auth_Adapter_DbTable(
$db,
'users',
'username',
'password',
'md5(?)'
);
$adapter->setIdentity($params->username)
->setCredential($params->password);
$adapter->getSelect()->where('enabled = ?', true);
Posted by Ralph Schindler (ralph) on 2009-04-14T09:15:55.000+0000
Added in r14892 to trunk
Posted by Ralph Schindler (ralph) on 2009-04-14T12:33:11.000+0000
The added method name is getPreauthenticationDbSelect(), its been asked to shorten it to getDbSelect(), ... there are a couple of reasons for the length and conciseness of name: * this method name spells out that the select object is provided pre-authentication time and will not contain any of the identity and credential information * on subsequent retrieval of this object (Even after an authenticate() call), the object will retain the same state that it had prior to any of the previous authenticate() calls * this method is considered advanced usage, and developers should fully understand it before using it. the longevity of the name is an attempt at discouraging "drive-by" usage.
Posted by Matthew Weier O'Phinney (matthew) on 2009-04-14T12:43:47.000+0000
Why not "getDbAuthSelect()"?