Zend_Acl (Access Control List) advance usage with example.

22 Dec

Since few days I am playing with Zend Framework Access control list(Zend_Acl).

The way Zend has implemented it is fabulous. You cannot even imagine how easy, efficient and flexible it is to implement roles in your application.

Zend_Acl doesn’t require any backend technology such as database, xml etc. You can store data were ever you like. Storing Acl data is totally left on developers.

If you truly like to see the power of Zend_Acl, see the following scenarios.

Suppose you want to develop an application for office, forget about web application for now, and you have employees who can access your contents only at the office timings e.g 9:00 to 5:00.

Or you have a web application for a specific country- user in that specified country can access your application. You want to block all other users from the globe.

Zend Framework acl provide very easy and convenient way of handling such type of situations.

Although this situation would be difficult to handle in simple php, however Zend Framework provides very simple and easy way to handle these situations.

To implement the first scenario, create My/Controller/Helper/TimeAssertion.php and add the following code.

One thing I would like to say is that please read my first article about Zend Acl before implementing what I have explained here.


Class My_Controller_Helper_TimeAssertion implements Zend_Acl_Assert_Interface


public function  assert(Zend_Acl $acl,Zend_Acl_Role_Interface $role=null, Zend_Acl_Resource_Interface $resource=null,$privilages=null)


return this->_isTime($date);


protected function _isTime($date)


$timeFrom = new Zend_Date();


$timeTo = new Zend_Date();


if($date > $timeFrom && $dateTo < $timeTo){

return true;

} else {

return false;





In the code above, we first define our class implementing Zend_Acl_Assert_Interface. This interface provides method “assert” function which is compulsory to be implemented when Zend_Acl_Assert_Interface is implemented.

In “asset” we simply call our protected method that return either true or false. The only parameter we are passing is the current date.

In our protected function _isTime, we first define two times. And then check if current date is between those two date. If condition is true, we return true, otherwise false.

Once you define your own class, the only change you will need to do is

$acl->allow(’employee’,null,’view’,new My_Controller_Helper_TimeAssertion());

That’s it, you don’t need to worry about the other things, because zend will do the magic for you.

Important: Read my first post on Zend_Acl.


3 Responses to “Zend_Acl (Access Control List) advance usage with example.”

  1. Norman July 18, 2009 at 11:10 am #

    Nice blog! Keep up the good work.

  2. Jeboy December 18, 2009 at 3:09 am #

    Just one question, where is the $date variable came from in the assert() method?

  3. megido_kz September 30, 2010 at 2:29 pm #

    Everything is clear, but…

    >> return this->_isTime($date);

    where do you get from variable $date?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: