Monday, November 30, 2009

Authorization with assertions

In this example, we implement an authorization with rules and assertions.

Components used in this example
Implementation of the assertion
  • The site status is stored in a global variable for the purpose of this example.
  • People excluding the administrator are allowed to only view content when the site is under maintenance.

class MyAssert implements Zend_Acl_Assert_Interface
    public function 
Zend_Acl $acl,
Zend_Acl_Role_Interface $role null,
Zend_Acl_Resource_Interface $resource null,
$privilege null)
// The site status is stored in a global variable for the purpose of this example.
global $maintenance;

// People excluding the administrator are allowed to only view content
        // when the site is under maintenance.
return !(
$maintenance and
$role->getRoleId() != 'administrator' and
$privilege != 'view');


No comments:

Post a Comment