I want to allow resource to role using ACL in Zend framework
I have modules privileges and account.
privileges module has users and privilege controllers. each controller has index, view and edit actions.
How can I grant action aresource to role? The problem I face that I can grant access to whole module but I can't give access to specific action in controller..
$this->addRole(new Zend_Acl_Role('admin'));
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privileges-privilege'))
->add(new Zend_Acl_Resource('privileges-users'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('default'));
$this->deny('admin'); //deny every thing
$this->allow('admin', 'account');
$this->allow('admin', 'privileges-privilege' , array('index','view','edit'));
and also I make another way
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privilege'), 'privileges')
->add(new Zend_Acl_Resource('Privilege'),array('index','view','edit'))
->add(new Zend_Acl_Resource('users', 'privileges'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('account:account'), 'account')
->add(new Zend_Acl_Resource('default'));
$this->deny('admin'); //deny every thing
$this->allow('admin', 'account');
$this->allow('admin', 'Privilege', array('index','view','edit'));
but it doesn't work, making both ways cause the same problem, which not granting any access to privilege module! and just allow account module..
I make it, I make concatenation between module and controller, I make like this
moduleName-ControllerName .
I pass role and the concatenated module and controller as resources and action is the privilege.
if (!$this->_acl->isAllowed($role, $request->getModuleName() . '-' . $request->getControllerName(), $request->getActionName())) {
$request->setModuleName('account')
->setControllerName('account')
->setActionName('error');
return false;
}
and here how I add the resources
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privileges-privilege'))
->add(new Zend_Acl_Resource('privileges-users'))
->add(new Zend_Acl_Resource('privileges-index'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('account-account'))
->add(new Zend_Acl_Resource('default'))
->add(new Zend_Acl_Resource('error'))
->add(new Zend_Acl_Resource('default-index'));
// $this->allow('admin'); //allow every thing
$this->allow('admin', 'account-account');
$this->allow('admin', 'default');
$this->allow('admin', 'default-index');
$this->allow('admin', 'privileges-users', array('index','add-User','get-Group-Users'));
$this->allow('admin', 'privileges-index', 'index');
$this->allow('admin', 'privileges-privilege', array('index', 'get-privileges', 'update-privileges','get-User-Privileges','get-Group-Privileges'));