Friends,
I found this write up interesting on the subject. There are multiple ways we can create users in ZF but this one is quite useful.
=====
I frequently use a ‘users’ table that has (at least) the following fields:
CREATE TABLE `users` (
  `id` int AUTO_INCREMENT NOT NULL,
  `username` varchar(255) NOT NULL,
  `password` varchar(32) NOT NULL,
  `first_name` varchar(255) NOT NULL,
  `last_name` varchar(255) NOT NULL,
  `active` varchar(45) NOT NULL,
  `role` varchar(45) NOT NULL,
  `password_last_change` date NOT NULL,
  /* Keys */
  PRIMARY KEY (`id`)
) ENGINE = MyISAM;
———————————————-
Add an access control list module that you load on startup (use the code line: require_once 'path_to_aclmodule/your_acl_module.php'; in your index.php) that has some of these entries:
<?php
require_once 'Zend/Acl.php';
$acl = new Zend_Acl();
require_once 'Zend/Acl/Role.php';
// Define ROLES for the system
$acl->addRole(new Zend_Acl_Role('Developer')); // Can access all features
$acl->addRole(new Zend_Acl_Role('Admin')); // Can access Admin functions
$acl->addRole(new Zend_Acl_Role('User')); // Can access only USER but not Admin
// ...
// Define RESOURCES that need permission to be used/manipulated
require_once 'Zend/Acl/Resource.php';
$acl->add(new Zend_Acl_Resource('user_admin'));
$acl->add(new Zend_Acl_Resource('someimportantfeature')); // A function in a controller that requires access control
$acl->add(new Zend_Acl_Resource('a_user_function')); // must be registered before a rule can name it
// Configure regular User
$acl->deny('User'); // deny everything, then allow specific resources
$acl->allow('User', 'a_user_function');
$acl->deny('User', 'someimportantfeature');
// Configure an Administrator
$acl->allow('Admin'); // all rules
// ...
require_once 'Zend/Registry.php';
Zend_Registry::set('acl', $acl);
——————————————-
… and, after loading your db ‘users’ table with user data + the ‘role’ value for each like: Admin, User, whatever.. reference and check the ‘role’ in a controller with:
class ViewController extends Zend_Controller_Action
{
    public $user_role;
    public $username;

    function preDispatch() {
        $auth = Zend_Auth::getInstance();
        if (!$auth->hasIdentity()) {
            $this->_redirect('/');
        } else {
            $userdata = $auth->getIdentity();
            $this->user_role = $userdata->role;
            $this->view->user_role = $userdata->role; // to pass around in the 'forms' and 'menus'
            $this->username = $userdata->username; // for use by called functions in this controller (below)
        }
    }
    // ...
———
And actually test the role at the beginning of a function in the controller similar to this:
    function someimportantfeatureAction() {
        //*************** ACCESS CHECK *************************//
        $acl = Zend_Registry::get('acl');
        // user_role is NOT ALLOWED to access this function unless specifically allowed in the access control list.
        if (!$acl->isAllowed($this->user_role, 'someimportantfeature', 'view')) {
            $this->_redirect('/static/noaccess');
        }
        //*************** END ACCESS CHECK *************************//
        // ...
    }
….. if the above access test is passed (Admin = yes, User = No), then your controller function gets to run.
The above snippets are NOT in any way the only way, but just part of an existing site that uses access control via a users table with roles and other values that can be checked.
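One way to run the same check once for every request instead of at the top of each action, as an added example (not code from the quoted write-up or the site it describes). It assumes Zend Framework 1 on the include path, the 'acl' registry entry built above, resource names equal to action names, the default module only, and a hypothetical plugin class name and list of public routes.

```php
<?php
// Added example. Assumes Zend Framework 1 and the ACL stored in Zend_Registry
// as 'acl'; the identity is an object with a 'role' property, as in preDispatch() above.
require_once 'Zend/Controller/Plugin/Abstract.php';
require_once 'Zend/Auth.php';
require_once 'Zend/Registry.php';

class Acl_Guard_Plugin extends Zend_Controller_Plugin_Abstract // hypothetical name
{
    // Assumption: the only "controller/action" pairs reachable without a login.
    protected $_public = array('index/index', 'static/noaccess');

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $route = $request->getControllerName() . '/' . $request->getActionName();
        if (in_array($route, $this->_public, true)) {
            return;
        }
        $auth = Zend_Auth::getInstance();
        if (!$auth->hasIdentity()) {
            $this->_deny($request, 'index', 'index'); // not logged in: same target as '/'
            return;
        }
        $acl      = Zend_Registry::get('acl');
        $role     = $auth->getIdentity()->role;
        $resource = $request->getActionName(); // assumption: resource name == action name

        // isAllowed() throws for an unregistered role or resource, so test both
        // first and treat anything unknown as denied (fail closed).
        $allowed = $acl->hasRole($role)
            && $acl->has($resource)
            && $acl->isAllowed($role, $resource, 'view');
        if (!$allowed) {
            $this->_deny($request, 'static', 'noaccess');
        }
    }

    // Re-point the request so the requested action never runs.
    protected function _deny(Zend_Controller_Request_Abstract $request, $controller, $action)
    {
        $request->setControllerName($controller)
                ->setActionName($action);
    }
}

// In index.php, before dispatch():
// Zend_Controller_Front::getInstance()->registerPlugin(new Acl_Guard_Plugin());
```

With this plugin an action that has no matching resource in the ACL is denied for every role, including Admin, so each protected action has to be registered with $acl->add() before it can be reached.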
—
For all your Web applications development projects keep coming to us !!
Raghav
# 990.203.5965
Ravina Technologies
No.24 Pattamal Plaza
3rd Cross Kamanahalli
BANGALORE 560084
Get the Best from US !!