Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Kind of a fairly chatty answer here, loose discussion only, no code, at least for now. </p> <p>Your own model/data structure has to consider members, locations, and teams. I think you have described the relationships pretty clearly, so that should be straightforward. Thinking relationally: a table for team members, including managers; a table for locations; a table for teams with a foreign key into locations and a foreign key into members identifying the manager; a cross-ref table linking members to teams. I assume your member model will have methods for <code>isManagerOfTeam($team)</code>, <code>isMemberOfTeam($team)</code>, stuff like that. Pretty straightforward.</p> <p>But much of this is just modeling the relationships, arguably independent of access-control.</p> <p>For access-control, it appears that location is irrelevant; it's team <em>membership</em> and team <em>management</em> that are the key.</p> <p>It also sounds like the data you are trying to access-control (what will eventually be the 'resource') will be tagged with a member id, identifying the "owning" member. So, the model for that data might have a method <code>getMember()</code> or even just <code>getMemberId()</code>.</p> <p>So I see some Acl rules that use a <code>Zend_Acl_Assert_Interface</code> instance to make dynamic examinations on the relationships between the role ($member) and those resources:</p> <ol> <li>My_Acl_Assertion_BelongsToSelf</li> <li>My_Acl_Assertion_BelongToMemberUnderManagement</li> </ol> <p>Then the <code>assert()</code> methods could call the relevant model methods on the passed role and resource to check the team and management relationships.</p> <p>Like I said, kind of a loose answer, but hopes it helps with some ideas.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload