I'm using Zend_Navigation and am trying to integrate it with Zend_Acl. Each page in the navigation has a privilege attribute. What I can't determine is how to define multiple privileges for a single page.
Use case: A page that is for managing users. I want to display that page (in navigation) if the current signed in user's role has add, edit, or delete privileges on the Users resource.
Example entry in the navigation XML:
<admin_users>
<label>Users</label>
<route>default</route>
<controller>admin</controller>
<action>users</action>
<resource>Users</resource>
<privilege>add,edit,delete</privilege>
</admin_users>
Using a comma-separated list as above doesn't lend the desired behavior.
UPDATE
After digging through the code, I found that Zend_Navigation_Page only allows a single string value. Has anyone extended this class or found another way around this limitation?
/**
* Sets ACL privilege associated with this page
*
* @param string|null $privilege [optional] ACL privilege to associate
* with this page. Default is null, which
* sets no privilege.
* @return Zend_Navigation_Page fluent interface, returns self
*/
public function setPrivilege($privilege = null)
{
$this->_privilege = is_string($privilege) ? $privilege : null;
return $this;
}
I realized that my problem was my lack of a 'view' type permission. When I'm loading the resource privileges, I now grant an 'admin' privilege on the resource if the user has any privileges for that resource. I then use the 'admin' privilege on the page.
<admin_users>
<label>Users</label>
<route>default</route>
<controller>admin</controller>
<action>users</action>
<resource>Users</resource>
<privilege>admin</privilege>
</admin_users>