Welcome to Abdul Malik Ikhsan's Blog

Zend Framework: Zend_Acl (Access Control Lists) Basic – Simple Authorization

Posted in Teknologi, Tutorial PHP, Zend Framework by samsonasik on May 29, 2011

Authorization is the act of determining whether someone has permission to perform an action on a given resource. Zend Framework provides the Zend_Acl component to manage this. Zend_Acl is divided into 3 areas: Resources, Roles, and Rights. Resources are what is being accessed, Roles are "who accesses" one or more resources, and Rights are the access rights a Role has on the Resource being accessed. By default, Zend_Acl denies access to every resource, so we must explicitly whitelist the access each role should have to the resources we want.


Example ACL definition:

<?php
class Model_Acl extends Zend_Acl
{
    public function __construct()
    {
        // define the roles
        $this->addRole('everyone')
                 // contributor inherits from the everyone role:
                 // whatever everyone is granted, contributor is granted too
                ->addRole('contributor','everyone')
                 // admin inherits from the contributor role:
                 // whatever everyone and contributor are granted, admin is granted too
                ->addRole('admin','contributor');

        // define the resource ids
        $this->add(new Zend_Acl_Resource('comment') );
        $this->add(new Zend_Acl_Resource('entry') );
        $this->add(new Zend_Acl_Resource('adduser') );
        $this->add(new Zend_Acl_Resource('deleteuser') );

        // define the access rights
        $this->allow('everyone','comment', array('write'))
               ->allow('contributor','entry', array('write','delete','update'))
               ->allow('admin', 'adduser', array('add'))
               ->allow('admin', 'deleteuser', array('delete'));
     }
}

Now let's test it:

// action body
$acl = new Model_Acl();

// check whether admin is authorized to add a user
if ($acl->isAllowed('admin', 'adduser','add')){
    echo "admin boleh add user ";
}else{
    echo "admin ga boleh add user";
}

echo "<br />";
// check whether admin is authorized to write a comment
if ($acl->isAllowed('admin', 'comment','write')){
    echo "karena admin turunan dari user, boleh donk nulis comment ";
}else{
    echo " admin ga boleh comment euy ";
}

// check whether contributor is authorized to add a user
if ($acl->isAllowed('contributor', 'adduser','add')){
    echo "contributor boleh add user  ";
}else{
    echo "contributor ga boleh add user";
}
///end of action body
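
The checks above can be extended into a full decision matrix that also exercises the deny-by-default cases. The following is an added example, not code from the original post: it assumes Model_Acl as defined above is autoloadable inside a Zend Framework 1 application, and `isAllowedFailClosed()` plus the `guest` and `settings` names are hypothetical, introduced only for illustration.

```php
<?php
// Added example, not from the original post. Assumes Model_Acl (defined above)
// is autoloadable inside a Zend Framework 1 application.

/**
 * Hypothetical helper: fail closed. Zend_Acl::isAllowed() throws
 * Zend_Acl_Exception for a role or resource that was never registered;
 * here an unknown name is simply treated as "denied".
 */
function isAllowedFailClosed(Zend_Acl $acl, $role, $resource, $privilege)
{
    if (!$acl->hasRole($role) || !$acl->has($resource)) {
        return false;
    }
    return $acl->isAllowed($role, $resource, $privilege);
}

$acl = new Model_Acl();

// Constructed decision matrix: role, resource, privilege, expected result.
$cases = array(
    array('admin',       'adduser',  'add',    true),  // granted directly
    array('admin',       'comment',  'write',  true),  // inherited from everyone
    array('admin',       'entry',    'delete', true),  // inherited from contributor
    array('contributor', 'adduser',  'add',    false), // a parent never gains a child's rights
    array('everyone',    'entry',    'write',  false), // no rule, so default deny applies
    array('admin',       'adduser',  'delete', false), // privilege not whitelisted
    array('contributor', 'comment',  'delete', false), // privilege not whitelisted
    array('guest',       'comment',  'write',  false), // unregistered role (hypothetical name)
    array('admin',       'settings', 'edit',   false), // unregistered resource (hypothetical name)
);

$failures = 0;
foreach ($cases as $case) {
    list($role, $resource, $privilege, $expected) = $case;
    $actual = isAllowedFailClosed($acl, $role, $resource, $privilege);
    if ($actual !== $expected) {
        $failures++;
        echo "MISMATCH: $role/$resource/$privilege => " . var_export($actual, true) . "\n";
    }
}
echo $failures === 0 ? "ACL matrix OK\n" : "$failures unexpected decision(s)\n";
```

Keeping such a matrix next to the ACL definition makes an accidental widening of access (for example a new `allow()` on a parent role) show up as a mismatch.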

Hope this is useful 🙂

One Response


  1. Oleg Abrazhaev said, on January 16, 2014 at 4:04 pm

    Please, write same manual for Zend2 ACL.
    Thank you.

