问题
i want to build an ACL system for my application which have the following requirement.
- Users will be assigned single or multiple role. (Admin, Staff) etc.
- Role will have permissions.(Send_Invoices, Send_mail, Delete_Invoices, Send_Estimate) etc.
- User will be assigned custom permission apart from the role it inherits.
my database structure for ACL is as follows
role:
+----------+-------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| roleName | varchar(50) | NO | UNI | NULL | |
+----------+-------------+------+-----+---------+----------------+
permission:
+----------------+-------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+----------------+-------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| permissionName | varchar(50) | NO | | NULL | |
| permissionKey | varchar(50) | NO | UNI | NULL | |
+----------------+-------------+------+-----+---------+----------------+
role_permission
+---------------+---------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------------+---------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| role_id | int(11) | NO | MUL | NULL | |
| permission_id | int(11) | NO | | NULL | |
+---------------+---------+------+-----+---------+----------------+
user_role
+---------------+---------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------------+---------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| user_id | int(11) | NO | MUL | NULL | |
| role_id | int(11) | NO | | NULL | |
+---------------+---------+------+-----+---------+----------------+
user_permission
+---------------+---------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+---------------+---------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| user_id | int(11) | NO | MUL | NULL | |
| permission_id | int(11) | NO | | NULL | |
+---------------+---------+------+-----+---------+----------------+
i have migrated to Zend Framework, and having problem deciding wether Zend_Acl allows me to implement the current structure. my question is.
- is it possible for me to implement the ACL with current database structure to do the needful in Zend Framework?
- is there any better implementation that could allow me to achieve what i want in zend framework?
i will be grateful if someone could provide me a way to get started with what i need to do. any resources, links that could help me?
thank you.
回答1:
Well I think this structure is really good , to get this working you had to do 2 steps
1-Setup all the databases and requirements
2- create an ACL plugin that determine the user's role and his permissions
some example with doctrine support :
Developing a Doctrine-backed ACL helper TDD-style, part 1
Developing a Doctrine-backed ACL helper TDD-style, part 2
another simple ACL :
Dynamic custom ACL in zend framework?
来源:https://stackoverflow.com/questions/10293007/zend-acl-with-roles-and-permissions-stored-in-database