StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POHow to organize and manage an ACL?
primarykey
Id
5872867
data
AcceptedAnswerId
0
AnswerCount
1
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-05-03T16:49:24.380
FavoriteCount
1
LastActivityDate
2011-05-04T09:35:36.423
LastEditDate
LastEditorUserId
0
OwnerUserId
99923
ParentId
0
PostTypeId
1
Score
2
ViewCount
984
LastEditorDisplayName
text
Body
Taking the <a href="http://framework.zend.com/manual/en/zend.acl.html" rel="nofollow">Zend_ACL</a> as my example, I'm wondering how this should be organized for a project. Sure the example is all nice and neat, but a real site is much more complex. <pre><code>$acl = new Zend_Acl(); $acl->addRole(new Zend_Acl_Role('guest')); $acl->addRole(new Zend_Acl_Role('member')); $acl->addRole(new Zend_Acl_Role('admin')); $parents = array('guest', 'member', 'admin'); $acl->addRole(new Zend_Acl_Role('someUser'), $parents); $acl->add(new Zend_Acl_Resource('someResource')); $acl->deny('guest', 'someResource'); $acl->allow('member', 'someResource'); echo ($acl->isAllowed('guest', 'someResource') ? 'allowed' : 'denied'); </code></pre> Given that each controller/page on my site will have some kind of access checking I need the rules to be globally available. Does this mean that I need to create a massive config file or class to setup all the rules on load? Wouldn't that waste a lot of memory? Yet if I only setup the rules needed for each controller that would defeat the purpose of the ACL right? The main reason for using a ACL is to avoid having permissions spread throughout the codebase like this: <pre><code>Admin_Controller { public function action() { if($user->role !== 'admin') { die('not allowed'); } } } </code></pre> What about changes? What if the ACL rules are stored in a database where an administrator can easily change permissions. Should they all be downloaded each page request? Wouldn't that put a large burden on the system? In short, how does an ACL work on a large site? What problems occur? How are cascading permissions handled?
Tags
<php><permissions><acl>
Title
How to organize and manage an ACL?
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USXeoncross
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POHow to organize and manage an ACL?
 UserUserId
 USelslooo
 VoteTypeVoteTypeId
 VTFavorite
2. VO
 singulars
 PostPostId
 POHow to organize and manage an ACL?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POHow to organize and manage an ACL?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.