Zend Framework: Can you do ACL without the plugins directory?

Question

I am having trouble understanding the rules to ACL in ZF and the docs aren't clear. I am using a common Zend library for all websites. So far no problem but now every demo or example says that you should place the ACL class (acl.php) in the libraries directory as a plugin. Zend/Library/My/Controller/Plugin/.

I don't want to do this because it defeats the purpose for sharing a common framework directory.

Has anyone done or have any ideas about how to accomplish ACL using individual acl.php class files for each website/web application?

Thanks

Answer 1

You don't have to place the acl.php in the libraries directory as a plugin. The autoloader will load the class just fine, the trick to Zend_Acl is just priming an instance of the class with your roles and resources.

It's been a little while since I touched Zend Framwork but I'll try to steer you in the right direction.

1. In your bootstrap, create the Zend_Acl object

   $acl = new Zend_Acl(); //see documentation on how to add roles and resources

2. Now create a Plugin folder inside your Controller directory, this will allow you authenticate with your acl.

3. Inside there create new class that extends Zend_Controller_Plugin_Abstract give it the correct class name to be picked up by the autoloader.

4. Store the acl you create in the registry and in your plugin override the preDispatch method, from here you have access to the request and the acl (from the zend registry) you can validate as needed. (Some people have controller/action as resources others models. It's quite freeform.

5. Register your plugin with the front controller.

   $frontController->registerPlugin(new My_Controller_Plugin_Acl());

This is probably what the other tutorials are suggesting (or variants of this), it can just be a little confusing sometimes.

Answer 2

You should never add files to your Zend library directory - do you have any links to tutorials recommending this? The files should either go in the library directory under your application's namespace, giving you a structure like:

application/
library/
    Zend/
        (ZF files)
    Foo/
        Controller/
            Plugin/
                ...

or in application/plugins, application/controller/helpers or somewhere else depending on the approach you are taking.

Edit: it sounds like a controller plugin is what the tutorial is recommending, in which case you'll want a class like Yourapp_Plugin_Acl (replace 'Yourapp' with your app's namespace) which would live at application/plugins/Acl.php.