Not sure if anyone else would find this useful, but I wrote a quick and dirty set of functions to help me build Zend_Acl from a configuration file. Feel free to use it however and whenever and such.
PHP Code:<?php
class Core_Acl extends Zend_Acl
{
protected static $_cache = null;
public function __construct( $options = null )
{
if (is_array($options)){
$this->setOptions($options);
} elseif ($options instanceof Zend_Config){
$this->setConfig($options);
}
}
public static function cache()
{
if( is_null(self::$_cache) ){
$cacheDir = APPLICATION_CACHE_DIR;
$frontend = array(
'lifetime' => 7200,
'automatic_serialization' => true
);
$backend = array(
'cache_dir' => $cacheDir
);
self::$_cache = Zend_Cache::factory('Core', 'File', $frontend, $backend);
}
return self::$_cache;
}
public static function cacheClean()
{
$cache = self::cache();
$cache->clean(Zend_Cache::CLEANING_MODE_ALL);
}
public static function cacheSave($name, Zend_Acl $acl)
{
$cache = self::cache();
$cache->save($acl, $name);
}
public static function cacheLoad($name)
{
$cache = self::cache();
return $cache->load($name);
}
public function setConfig( Zend_Config $config )
{
$this->setOptions($config->toArray());
}
public function setOptions( array $options )
{
if ( isset($options['resources']) ){
$this->addResources( $options['resources'] );
unset( $options['resources'] );
}
if( isset($options['roles']) ){
$this->addRoles( $options['roles'] );
unset( $options['roles'] );
}
$allowed = array(
'Allow', 'Deny'
);
foreach ( $options as $key => $value ){
$normalized = ucfirst($key);
if ( !in_array( $normalized, $allowed ) ){
continue;
}
$method = 'set' . $normalized;
if (method_exists($this, $method)){
$this->$method($value);
}
}
}
public function addResources( array $resources )
{
foreach( $resources as $source ){
$resource = $source['resource'];
$parent = isset($source['parent']) ? $source['parent'] : null;
$this->addResource( new Zend_Acl_Resource($resource), $parent );
}
}
public function addResource(Zend_Acl_Resource_Interface $resource, $parent = null)
{
return $this->add($resource, $parent);
}
public function addRoles( array $roles )
{
foreach( $roles as $source){
$role = $source['role'];
$inherit = isset($source['inherit']) ? $source['inherit'] : null;
$this->addRole(new Zend_Acl_Role($role), $inherit);
}
}
public function setAllow( array $allow )
{
foreach( $allow as $source ){
$role = (array) $source['role'];
$resource = $source['resource'];
$privileges = array_key_exists('privileges', $source) ? (array) $source['privileges'] : null;
$class = null;
if( array_key_exists('assert', $source) ){
if( $class = $source['assert'] ){
if( !class_exists( $assert ) ){
throw new Zend_Acl_Exception(sprintf('Class %s does not exist', $class));
}
}
}
$assert = $class ? new $class : $class;
$this->allow($role, $resource, $privileges, $assert);
}
}
public function setDeny( array $deny )
{
foreach( $deny as $source ){
$role = (array) $source['role'];
$resource = $source['resource'] ? (array) $source['resource'] : null;
$privileges = array_key_exists('privileges', $source) ? (array) $source['privileges'] : null;
$class = null;
if( array_key_exists('assert', $source) ){
if( $class = $source['assert'] ){
if( !class_exists( $assert ) ){
throw new Zend_Acl_Exception(sprintf('Class %s does not exist', $class));
}
}
}
$assert = $class ? new $class : $class;
$this->deny($role, $resource, $privileges, $assert);
}
}
}Example usage.Code:<?xml version="1.0"?> <acl> <resources> <r0001 resource="default" /> <r0002 resource="default-index" parent="default"/> <r0003 resource="default-index-login" parent="default-index"/> <r0004 resource="default-error" /> <r0005 resource="default-error-error" /> <r0006 resource="default-member" /> <r0007 resource="default-member-create" /> <r0008 resource="default-member-remove" /> <r0009 resource="default-member-update" /> <r0010 resource="default-member-display" /> <r0011 resource="default-member-list" /> <r0012 resource="default-member-account" /> <r0013 resource="default-admin" /> </resources> <roles> <r0001 role="guest" /> <r0002 role="member" inherit="guest" /> <r0003 role="admin" inherit="guest" /> </roles> <allow> <a0001 role="guest" resource="default-index" /> <a0002 role="guest" resource="default-error" /> <a0003 role="member" resource="default-member" /> <a0004 role="admin" resource="default-admin" /> </allow> <deny> <d0001 role="guest" resource="default-member" /> <d0002 role="guest" resource="default-admin" /> <d0003 role="admin" resource="default-member" /> </deny> </acl>
Make sure to define APPLICATION_CACHE_DIR and set the permissions on that directory so it can be written to.PHP Code:if( !($acl = Core_Acl::cacheLoad('Core_Acl')) ){
$config = new Zend_Config_Xml(APPLICATION_PATH . '/configs/acl.xml');
$acl = new Core_Acl($config);
Core_Acl::cacheSave('Core_Acl', $acl);
$acl = Core_Acl::cacheLoad('Core_Acl');
}
PHP Code:// Define application cahce directory
defined('APPLICATION_CACHE_DIR')
|| define('APPLICATION_CACHE_DIR', APPLICATION_PATH . '/cache');
Bookmarks