Zend_Acl part 2: different roles and resources, more on access

Tags:

Applications often have different resources: For example, you might have pages, some user generated content like comments, and an admin area. You might also have files, or even real-life objects like a coffee machine.

In the context of Zend_Acl, access to resources is given to roles: A role might be a user’s name, a group a user belongs to, or just roles, which have been assigned to a user from the admin panel.

Since Zend_Acl only defines an “abstract” role, resource and privilege, how do we deal with all of these using it?

Zend_Acl part 1: Misconceptions and simple ACLs

Tags:

I’m going to be writing a weekly series of posts on Zend_Acl. This first post will clear up some common misconceptions regarding Zend_Acl, introduce creating ACLs for simple applications, and give some examples on using the ACL in both non-Zend Framework and Zend Framework applications.

Another idea for using models with forms

Tags:

Matthew Weier O’Phinney wrote about using Zend_Form with models. His approach puts a form inside a model, which then uses the form to validate itself. While this idea is not bad, I find it being upside down – I think the form should use the model to validate itself, not the other way around. But how would you utilize a …

Reusable “generic” actions in Zend Framework

Tags:

Sometimes you will need nearly the same functionality in many actions. This can lead to unnecessary code duplication if you aren’t careful, and there’s been a couple of occasions on #zftalk, where people have been asking for a good practice to avoid this. There are several ways to deal with this, such as moving the code into a separate function, …

Packageizer is fixed

Tags:

The packageizer had some problems determining the dependencies for the newly added Zend Framework 1.7 packages, but the problem is now fixed. The packageizer source-code has also been updated with the patch.

Programming language guessing game

Tags:

Some of you asked me about the “quiz” thing that showed up in one of the screenshots in my NetBeans review… Well, here it is: During that weekend when I was trying out NetBeans, I wrote a small Zend Framework + Doctrine application which attempts to guess a programming language the user is thinking of, based on a set of …

Food for thought: utilizing models in MVC

Tags:

“What is a model” and “Is Zend_Db_Table a model” seem to be asked once in a while on #zftalk. Frameworks say they have a full model available, thus they are MVC frameworks ORM libraries say they generate models. It seems the ActiveRecord pattern has become somewhat synonymous with model. Pádraic Brady wrote an excellent post on how models are misunderstood, …

CSRF protection revisited

Tags:

Yesterday, I was talking on IRC with Tom Graham. He was looking for a way to protect GET requests against CSRF. I showed him my CSRF protection plugin, as it would be suitable for protecting GETs too with minor modifications. This got me thinking what would be the best way to allow you to easily protect certain URLs with it, …

Improved Zend Framework package maker

Tags:

Last month, I introduced the packageizer, which allowed you to choose a class from the Zend Framework and get it as a zip with its dependencies. Now, based on some feedback from users, I’ve improved the user interface of the tool: You can now select multiple items for inclusion in the package, and I’ve made it possible to get the …