Generally, you will need two text files for your access control setup. One is for your access control rules and the other is for defining your roles and who belongs to each role.
These files don't need to be in the config folder, but this is a logical choice.
In the acl.txt file, add the following lines:
allow handle juser * * allow handle jdoe Vendor_App_Example add allow handle + Vendor_App_News browse deny role banned * * allow role admin * *
The file format is: 0:flag 1:type 2:name 3:class 4:action 5:process Although I don't believe that process is currently used.
So…
allow handle juser * *
means allow user identified by handle juser access to all classes and all actions.
allow handle jdoe Vendor_App_Example add
means allow user identified by handle jdoe to the add action (method) in Vendor_App_Example class
Wildcards * and + can be used too. For example, a + symbol in the name field means any logged in user.
Now add the following line to your roles.txt
banned:gijoe admin:sguy,jsmith,gijane
The format is role:userone,usertwo,userthree
Now add a few lines to your config, assuming you already have the Solar_Auth config previously set up.
$config['Solar_Role']['adapter'] = 'Solar_Role_Adapter_File'; $config['Solar_Role_Adapter_File']['file'] = "$system/config/roles.txt"; $config['Solar_Access']['adapter'] = 'Solar_Access_Adapter_File'; $config['Solar_Access_Adapter_File']['file'] = "$system/config/acl.txt"
Assuming you have the Solar_Auth setup correctly, you should have the following code in your application controller _setup() method, or in the _setup() method of a controller you are extending, such as Solar_Base:
// register a Solar_User object if not already. // this will trigger the authentication process. if (! Solar_Registry::exists('user')) { Solar_Registry::set('user', Solar::factory('Solar_User')); }