
This is my navigation XML format. There are 2 user levels in the system, Admin and Super Admin.

When logged in as Admin, all the menu items should be displayed, and this works fine. For Super Admin, only the Dashboard and Statistics should be displayed.

My issue is that, for Super Admin, the labels of the other top-level menu items (those that should be displayed only for Admin) are showing along with the Dashboard and Statistics. Is there any workaround to hide these labels? In my case, there are no actions for the top-level menu items, except Dashboard.

Menu is connected with Zend ACL

<configdata>

<nav>
    <!-- Navigation tree. Entries that carry <resource>/<privilege> name an ACL
         rule; entries that only carry <uri>#</uri> name none. -->

    <dashboard>
        <label>Dashboard</label>
        <class>nav-top-item no-submenu</class>
        <controller>index</controller>
        <action>index</action>
        <!-- Tied to the ACL rule index/index. -->
        <resource>index</resource>
        <privilege>index</privilege>
    </dashboard>

    <!-- NOTE(review): this top-level entry has no <resource>/<privilege>, so
         there is nothing to check it against in the ACL. Per the answer on
         this page, such an entry is shown to every role, even when all of its
         child pages are filtered out. The same applies to <user>, <page> and
         <statistics> below. -->
    <app>
        <label>Apps</label>  
        <class>nav-top-item no-submenu</class>
        <uri>#</uri>

        <pages>
            <managefeaturedapps>
                <label>Manage Apps</label>                    
                <controller>app</controller>
                <action>index</action>
                <resource>app</resource>
                <privilege>index</privilege>
            </managefeaturedapps>             
            <managepage>
                <label>Filter Apps</label>                    
                <controller>app</controller>
                <action>filter-apps</action>
                <resource>app</resource>
                <!-- NOTE(review): the ACL code on this page grants "filter-apps"
                     on "app" to no role; confirm whether that is intended. -->
                <privilege>filter-apps</privilege>
            </managepage>
         </pages> 
    </app>

    <user>
        <label>Users</label>  
        <class>nav-top-item no-submenu</class>
        <uri>#</uri>

        <pages>
            <allusers>
                <label>Registered Users / Developers</label>                    
                <controller>user</controller>
                <action>index</action>
                <resource>user</resource>
                <privilege>index</privilege>
            </allusers>
         </pages>
    </user>        

    <page>
        <label>Pages</label> 
        <class>nav-top-item no-submenu</class>
        <uri>#</uri>

        <pages>
            <addpage>
                <label>Add New Page</label>                    
                <controller>page</controller>
                <action>add-page</action>
                <resource>page</resource>
                <privilege>add-page</privilege>
            </addpage>         

         </pages> 
    </page>


    <statistics>
        <label>Statistics</label> 
        <class>nav-top-item no-submenu</class>
        <uri>#</uri>

        <pages>
            <viewstats>
                <label>Statistics</label>                    
                <controller>statistic</controller>
                <action>index</action>
                <resource>statistic</resource>
                <privilege>index</privilege>
            </viewstats>
         </pages>              
    </statistics>

</nav>

ACL Code

/**
 * Builds the Zend_Acl instance for the application's two roles
 * ("superAdmin" and "admin") and publishes it through Zend_Registry.
 *
 * This class only defines and stores the rules. Nothing in it checks an
 * incoming request against them, and the code that does so is not shown here.
 * Filtering the navigation menu with this ACL hides links but does not by
 * itself stop a request for a controller/action the role is not allowed.
 */
class XXX_Controller_Action_Helper_AclPbo
{
    /**
     * The ACL being assembled; public, so callers can read or replace it.
     *
     * @var Zend_Acl
     */
    public $acl;

    /**
     * Start from an empty ACL (no roles, resources or rules yet).
     */
    public function __construct()
    {
        $this->acl = new Zend_Acl();
    }

    /**
     * Register the roles, in the same order as before: superAdmin, then admin.
     * Neither role inherits from the other.
     */
    public function setRoles()
    {
        foreach (array('superAdmin', 'admin') as $roleId) {
            $this->acl->addRole(new Zend_Acl_Role($roleId));
        }
    }

    /**
     * Register the resources. The ids are the ones used in the <resource>
     * elements of the navigation XML.
     */
    public function setResources()
    {
        $resourceIds = array('app', 'index', 'user', 'page', 'statistic');

        foreach ($resourceIds as $resourceId) {
            $this->acl->add(new Zend_Acl_Resource($resourceId));
        }
    }

    /**
     * Register the allow rules for both roles.
     *
     * Zend_Acl denies whatever has not been explicitly allowed, so the table
     * below is the complete set of permitted role/resource/privilege
     * combinations.
     *
     * NOTE(review): "superAdmin" is allowed app/index, which the navigation XML
     * uses for "Manage Apps"; the question says this role should only see
     * Dashboard and Statistics. Confirm which is intended.
     * NOTE(review): the navigation XML references the privilege "filter-apps"
     * on "app", which no role is granted here.
     */
    public function setPrivilages()
    {
        // role => resource => privilege(s), listed in registration order.
        $grants = array(
            'superAdmin' => array(
                'user'      => array('login', 'logout'),
                'index'     => 'index',
                'app'       => 'index',
                'statistic' => array('index'),
            ),
            'admin' => array(
                'user'      => array('index', 'login', 'logout'),
                'index'     => 'index',
                'app'       => array('index'),
                'page'      => array('index', 'add-page', 'edit-page'),
                'statistic' => array('index'),
            ),
        );

        foreach ($grants as $role => $byResource) {
            foreach ($byResource as $resource => $privileges) {
                $this->acl->allow($role, $resource, $privileges);
            }
        }
    }

    /**
     * Store the ACL object in Zend_Registry under the key "acl" so other code
     * can fetch it.
     */
    public function setAcl()
    {
        Zend_Registry::set('acl', $this->acl);
    }
}

You will need to show the ACL code as well. – PatrikAkerstrand
Is it OK that admin and superAdmin have almost identical ACL rules? – akond

1 Answers


The reason why you are experiencing this behavior lies here

<statistics>
    <label>Statistics</label>
    <class>nav-top-item no-submenu</class>
            <uri>#</uri>

while you should be having

<statistics>
    <label>Statistics</label>
    <class>nav-top-item no-submenu</class>
    <controller>statistic</controller>
    <action>index</action>
    <resource>statistic</resource>
    <privilege>index</privilege>

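As long as a page does not define its access parameters (`<resource>` and `<privilege>`), there is nothing for the ACL to check and the page is available to anyone. Note that this only controls what the menu renders; the same ACL still has to be checked when the request is dispatched.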