I'm trying to create dynamic accession rights to roles in forum. My problem is that I don't seem to find any help for how to use Zend Framework 2 ACL except Zend's own APi.
In my project, user's are able to create new subforum in forum and in other subforums.
e.g Forum -> some_subforum->also_has_subForum. Each subforum should have it's own accession rights
e.g forum has two subforums and we have two roles, admin and user, one subforum is visible for both roles but the other one is visible only to users with admin rights.
And the best part comes here: When admin is creating new subforum he/she can give specified rights to each role (admin can also create new roles, so I cant hard-code that either) like read, read and write, modify or no access rights to this subforum. And this is my source of problems. I know that I can use AcL's Assertions for this(?) but I don't understand how to call it while I'm also using BjyAuthorize and it tells me to define assertions using service manager, but no tips of how.
When using assertions I imagine that I can (somehow) tell this assertion class who is needing accession to subforum, what roles do he/she have and then assertion combares those to db values and return true if user has those rights. In db table I have stored values subdomain_id, role_id and forum_permission (e.g read).
So in short:
You need to set up an assertion class ("implements Zend_Acl_Assert_Interface"), a resource class ("implements Zend_Acl_Resource_Interface"), and a role class ("implements Zend_Acl_Role_Interface").
example:
$acl->allow('user', 'resource', 'read', new Forum_Assertion());
Then when you call isAllowed with your user and your resource, your assertion code will know who the user is, what the resource (forum) is, and what they permission the user is asking for.
example:
if ($this->acl->isAllowed($this->theUser, $this->theForum, 'read'))...