Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Adam Jensen's Blog:
Using Zend_Acl with Doctrine record listeners
Nov 25, 2009 @ 11:53:29

Adam Jensen has written up a quick tutorial about using Doctrine record listeners to link a Zend_Acl component with your database.

In previous Zend Framework apps I've written, I often handled access control at the level of the controller action. Each action was represented in the ACL as a resource, and the ACL logic was applied by a custom plugin just prior to any action dispatch. [...] As a result of these concerns, I decided on a lower-level, model-centric approach for this blog: my models are my resources. Each model class implements Zend_Acl_Resource_Interface, and the ACL specifies "create," "read," "update" and "destroy" privileges for each class (more or less).

Checking for the permissions with a setup like this can be time consuming, though, so he found an ally in the record listeners Doctrine allows you to set. He combines a Doctrine_Record_Listener object with a Zend_Acl one in a preInsert method with a getCurrentRole to add the user handling all in one place.

tagged: record listener doctrine zendacl zendframework