In a project I was working on, I had trouble with various users experiencing timeouts from their browsers. This meant the Zend_Auth no longer existed in the registry and users lost access to required pages/functions.

In order to stop this from occurring, I set up a Plugin (as you suggest) and have this plugin perform checks in the preDispatch(). An example is below:

```php
class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
{
    public function run()
    {
        // Register the timeout plugin with the front controller before dispatching
        $front = Zend_Controller_Front::getInstance();
        $front->registerPlugin(new App_Controller_Plugin_Timeout());
        parent::run();
    }
}
```

with the timeout class implementing any Zend_Auth or Zend_Acl requirements, using a check via the function below.

```php
class App_Controller_Plugin_Timeout extends Zend_Controller_Plugin_Abstract
{
    /**
     * Validate that the user session has not timed out.
     * @param Zend_Controller_Request_Abstract $request
     * @return void
     * @todo Validate the user has access to the requested page using Zend_Acl
     */
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        // The dispatched request is passed in; no need to fetch it from the front controller
        $controllerName = $request->getControllerName();
        $actionName     = $request->getActionName();
        $authInstance   = Zend_Auth::getInstance();

        /* If the controller is not the Auth, Index or Error controller, check for
         * a valid authorized user and redirect to the timeout page if none found */
        if (($controllerName !== 'auth') && ($controllerName !== 'index') && ($controllerName !== 'error')) {
            if (!$authInstance->hasIdentity()) {
                $this->getResponse()->setRedirect('/index/timeout')->sendResponse();
                exit;
            }
        } else if (($controllerName == 'index') || (($controllerName == 'auth') && ($actionName !== 'logout'))) {
            /* If running the Auth or Index (default) controller (and not the logout
             * action), check if the user is already signed in and redirect to the
             * welcome page */
            if ($authInstance->hasIdentity()) {
                $this->getResponse()->setRedirect('/general/welcome')->sendResponse();
                exit;
            }
        }
    }
}
```

....

```php
/**
 * Test that the input user belongs to a role based on the user input and
 * the values loaded into the Acl registry object setup when the site first
 * loads
 *
 * @param mixed|Zend_Auth $userData
 * @param string $userRole
 * @return boolean
 * @throws Zend_Exception When invalid input is provided
 */
public function isUserMemberOfRole($userData, $userRole)
{
    if (empty($userData)) {
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $userData = $auth->getIdentity();
        } else {
            return FALSE;
        }
    }
    if (!is_string($userRole)) {
        throw new Zend_Exception('Invalid input provided to ' . __METHOD__);
    }

    // Setup the required variables and access the registry for the Acl values
    $rolesTable = new App_Model_Internal_UsersToRoles();
    $registry   = Zend_Registry::getInstance();
    $acl        = $registry->get('acl');
    $roles      = $rolesTable->getUserRoles($userData); // returns an array of values

    foreach ($roles as $value) {
        if ($value['Name'] == $userRole) {
            return $acl->isAllowed($value['Name'], null, $userRole);
        }
    }

    // No matching role for this user: deny rather than fall through with null
    return FALSE;
}
```

I had the user access implemented in a database table and then initialized as an "_init" function at Bootstrap->run() as follows:

```php
protected function _initAclObjectForUserRoles()
{
    $userTable = new App_Model_Internal_Roles();
    $acl       = new Zend_Acl();
    $userRoles = $userTable->fetchAll();
    $roles     = $userRoles->toArray();

    // Cycle through each Role and set the allow status for each
    foreach ($roles as $value) {
        $department = $value['Name'];
        $acl->addRole(new Zend_Acl_Role($department));
        $acl->allow($department, null, $department);
    }

    // Add the new Acl to the registry
    $registry = Zend_Registry::getInstance();
    $registry->set('acl', $acl);
}
```

So, using this method you could put access restrictions via the roles loaded from a database into a Zend_Acl object, or you could load the controller class attribute via the Timeout plugin and check its value. Although, I've found it's easier to maintain access policies in a database than spread them throughout your code base... :-)
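As an added example (not code from the answer above), here is the Zend_Acl check that the plugin's @todo describes, done fail-closed: each controller is an ACL resource, each action a privilege, and a request for an unregistered controller or role is denied instead of being left to Zend_Acl's exception. It assumes Zend Framework 1 is on the include path; the controller, role and rule names are constructed for the demo.

```php
<?php
// Added example, not the answer's code; assumes Zend Framework 1 on the include path.
require_once 'Zend/Loader/Autoloader.php';
Zend_Loader_Autoloader::getInstance();

// Each controller is a Zend_Acl resource and each action a privilege.
// Zend_Acl denies anything no rule explicitly allows. Names are constructed for the demo.
function buildAcl()
{
    $acl = new Zend_Acl();
    foreach (array('index', 'auth', 'error', 'general', 'admin') as $controller) {
        $acl->addResource(new Zend_Acl_Resource($controller));
    }
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('staff'), 'guest'); // staff inherits guest rules
    $acl->addRole(new Zend_Acl_Role('admin'), 'staff');
    // Pages reachable without an identity: login/logout, the timeout notice, errors.
    $acl->allow('guest', 'auth', array('login', 'logout'));
    $acl->allow('guest', 'index', 'timeout');
    $acl->allow('guest', 'error');
    // Pages that need a signed-in role.
    $acl->allow('staff', 'general', 'welcome');
    $acl->allow('admin', 'admin'); // every action of the admin controller
    return $acl;
}

// Fail-closed decision for one request: isAllowed() throws on an unregistered
// resource or role, so an unknown controller or role is denied up front.
function isRequestAllowed(Zend_Acl $acl, $role, $controller, $action)
{
    if (!$acl->has($controller) || !$acl->hasRole($role)) {
        return false;
    }
    return $acl->isAllowed($role, $controller, $action);
}

// Demo: (role, requested controller, requested action).
$acl = buildAcl();
$checks = array(
    array('guest', 'auth', 'login'),
    array('guest', 'general', 'welcome'),
    array('staff', 'general', 'welcome'),
    array('staff', 'admin', 'index'),
    array('admin', 'report', 'index'), // controller never registered
);
foreach ($checks as $c) {
    list($role, $controller, $action) = $c;
    printf("%-5s %s/%s -> %s\n", $role, $controller, $action,
        isRequestAllowed($acl, $role, $controller, $action) ? 'allow' : 'deny');
}
```

In the answer's preDispatch() this replaces the hard-coded controller-name list: pass $request->getControllerName(), $request->getActionName() and the role taken from the Zend_Auth identity (or 'guest' when hasIdentity() is false), and redirect on a false result.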