0

I am building a CMS kind of site, There will be lot of admin users. ACL was in place for business layer. But now we want to apply custom ACL logic to models based on city in which admin user belongs.

For eg: Admin user is from New York. He can view the content related to New York City.

I have lot of queries built with Zend_Db_Select in the models. Now I have change the queries everywhere. Is there a way, I can add the logic ->where('u.city_id = ?', $admin_user_city_id) for each and every query.

Thanks in advance.

Thanks Venu

Charles
  • 50,943
  • 13
  • 104
  • 142
Venu
  • 7,243
  • 4
  • 39
  • 54

1 Answers1

2

I think that you might not need to extend Zend_Db_Table_Select. You can do what you're looking for by only extending Zend_Db_Table_Abstract with a My_Db_Table_Abstract that all your models will extend too. In that abstract class, you'll extend the default select() that returns a Zend_Db_Table_Select and, before returning it, you just add your where clause to it.

Thus, everytime you'll call a select with $myModel -> select() it will already contain your where clause.

abstract class My_Db_Table_Abstract extends Zend_Db_Table_Abstract
{
    public function select($withFromPart = self::SELECT_WITHOUT_FROM_PART)
    {
        $select = parent::select($withFromPart);
        # Retreive $admin_user_city_id
        $select -> where('u.city_id = ?', $admin_user_city_id);
        return $select;
    }
}

Of course that also implies that you have made the correct join to your u table somewhere depending on the model you're on.

jhuet
  • 396
  • 2
  • 11
  • What if I want to call select object on db adapter? I think it won't work for that. So I wanted to extend Zend_Db_Select.. – Venu Sep 19 '11 at 10:12
  • To me, a db adapter is not really the place for business code. Anyway if it's how you want to go, you can still make your own adapter that extends `Zend_Db_Adapter_Abstract` or `Zend_Db_Adapter_Mysqli` depending on the adapter you're using right now. Then you do the same as i explained in my answer by extending the `select()` method. – jhuet Sep 19 '11 at 10:26
  • Extending `Zend_Db_Select` would be a bit of work as `Zend_Db_Table_Select` extends it too and you would not have your modifications in that class. That's why i'd prefere to modify accessors to it. – jhuet Sep 19 '11 at 10:32
  • Sorry I didn't get what you mean by "db adapter is not really the place for business code". I am calling select method on db adapter like this in the models $this->getAdapter()->select() which uses Zend_Db_Select class. Yes I agree, Zend_Db_Select is extended by zend_db_table_select. – Venu Sep 19 '11 at 11:07
  • What i meant is that adapters only have code regarding access to the database. Here you want to add code that is business logic inside it, wich isn't good practice. If you always access `Zend_Db_Select` via the adapter (and never user `Zend_Db_Table_Select`) you could effectively create your `My_Db_Select` with the code of my answer in the constructor. Then in your `My_Db_Adapter_Mysqli` you extend the `select()` method by creating and returning `My_Db_Select`. I could create another answer if it's not clear enough. – jhuet Sep 19 '11 at 11:56
  • Thanks for you time. got it now. Yes I agree, writing business logic in adapter is not good. I will try thanks once again :) – Venu Sep 19 '11 at 13:12