2.2. ¾×¼¼½º Á¦¾îÀÇ °³¼±Çϱâ

2.2.1. ÀûÈ®ÇÑ ¾×¼¼½º Á¦¾î

¹æ±ÝÀü½Ã¿¡ ±×¸®°í Á¤ÀÇÇÑ ±âº»ÀûÀÎ ACL ±×·³, ´Ù¾çÇÑ ±ÔÄ¢À» ACL Àüü ( ¸ðµç ÀÚ¿ø) ¿¡ ´ëÇØ¼­ Àû¿ëÇß½À´Ï´Ù. ±×·¯³ª ½ÇÁ¦·Î´Â, ¾×¼¼½º Á¦¾î¿¡´Â ´Ù¾çÇÑ ¿¹¿Ü°¡ ´ÙÇØ °ÍÀ̰í, ´õ º¹ÀâÇÑ °ÍÀÌ µÇ°ÚÁö¿ä. Zend_Acl ±×·³, ÀÌ·¯ÇÑ ¸ñÀûÀ» À§Çؼ­µµ Á÷°¨ÀûÀ¸·Î À¯¿¬ÇÑ ¹æ¹ýÀ¸·Î ´ëÀÀÇÒ ¼ö ÀÖ½À´Ï´Ù.

¿¹¿¡ ÁÖ¾ú´Ù CMS ±×·³ ´ëºÎºÐÀÇ À¯Àú¸¦ 'staff' ±×·ì¿¡¼­ Á¤¸®ÇØ °ü¸®Çϰí ÀÖ¾ú½À´Ï´Ù. ¿©±â¿¡¼­´Â »õ·Ó°í 'marketing' ±×·ìÀ» ÀÛ¼ºÇØ,CMS ÀÇ ´º½º·¹Åͳª ÃֽŠ´º½º¿¡ÀÇ ¾×¼¼½º¸¦ Çã°¡½Ãų Çʿ䰡 ÀÖ°ÚÁö¿ä. ÀÌ ±×·ì¿¡´Â, ´º½º·¹Åͳª ÃֽŠ´º½ºÀÇ °ø°³³ª º¸Á¸ ±ÇÇÑÀÌ ÀÖÀ¸¸é ÃæºÐÇϰÚÁö¿ä.

ÇÑÃþ ´õ 'staff' ±×·ì¿¡ ´ëÇØ¼­´Â, ´º½ºÀÇ ³»¿ëÀº ¿­¶÷ÇÒ ¼ö ÀÖ½À´Ï´Ù¸¸ ÃֽŠ´º½ºÀÇ °³º¯Àº ÇÒ ¼ö ¾ø°Ô ÇÕ´Ï´Ù. ¸¶Áö¸·À¸·Î,(administrators (À»)¸¦ Æ÷ÇÔÇÑ´Ù) Àü¿øÀº ' ¼Ò½Ä' (À»)¸¦ º¸Á¸ÇÒ ¼ö ¾ø°Ô ÇÕ´Ï´Ù.À̰ÍÀº,1 ÀϺÎÅÍ 2 ÀÏÁ¤µµÀÇ À¯È¿±â°£ ¹Û¿¡ °¡ÁöÁö ¾Ê´Â °ÍÀ̱⠶§¹®ÀÔ´Ï´Ù.

¿ì¼±, ·Ñ ·¹Áö½ºÆ®¸®¸¦ º¯°æÇØ ÀÌ·¯ÇÑ º¯°æÀ» ¹Ý¿µ½Ãŵ´Ï´Ù. 'marketing' ±×·ìÀ» ÀÛ¼ºÇØ 'staff' (¿Í)°ú °°Àº ±âº»±ÇÇÑÀ» °®°ÔÇϱâ·Î ÇßÀ¸¹Ç·Î, 'marketing' (À»)¸¦ ÀÛ¼ºÇØ,'staff' ÀÇ ±ÇÇÑÀ» °è½Â½Ãŵ´Ï´Ù.


<?php
//  »õ·Î¿î ±×·ì marketing  ÇÏ staff  ÀÇ ±ÇÇÑÀ» °è½ÂÇÕ´Ï´Ù
$acl->addRole(new Zend_Acl_Role('marketing'), 'staff');

´ÙÀ½¿¡, ÀÌ·¯ÇÑ ¾×¼¼½º Á¦¾î´Â ƯÁ¤ÀÇ ÀÚ¿ø ( ·Ê: "newsletter" ,"latest news" ,"announcement news") (À¸)·Î ÇÑÁ¤µÇ´Â °Í¿¡ ÁÖ¸ñÇսôÙ.¿©±â¼­, ÀÌ·¯ÇÑ ÀÚ¿øÀ» Ãß°¡ÇÕ´Ï´Ù.


<?php
//  ±ÔÄ¢À» Àû¿ëÇÏ´Â ÀÚ¿øÀ» ÀÛ¼ºÇÕ´Ï´Ù
require_once 'Zend/Acl/Resource.php';
$acl->add(new Zend_Acl_Resource('newsletter'));           //  ´º½º·¹ÅÍ
$acl->add(new Zend_Acl_Resource('news'));                 //  ´º½º
$acl->add(new Zend_Acl_Resource('latest'), 'news');       //  ÃֽŠ´º½º
$acl->add(new Zend_Acl_Resource('announcement'), 'news'); //  ¼Ò½Ä

±×¸®°í, ´ÙÀ½°ú °°Àº Ưº°ÇÑ ±ÔÄ¢À»,ACL ÀÇ ÇØ´ç ¹üÀ§¿¡ Àû¿ëÇÕ´Ï´Ù.


<?php
// Marketing  (Àº)´Â, ´º½º·¹ÅÍ ¹× ÃֽŠ´º½º¸¦ °ø°³, º¸Á¸ÇÒ ¼ö ¾øÀ¸¸é ¾ÈµË´Ï´Ù
$acl->allow('marketing', array('newsletter''latest'), array('publish''archive'));

// Staff ( ±×¸®°í °è½Â¿¡ ÀÇÇÑ´Ù marketing)  (Àº)´Â ÃֽŠ´º½ºÀÇ °³º¯À» ÇÒ ¼ö ¾ø½À´Ï´Ù
$acl->deny('staff''latest''revise');

//  Àü¿ø (administrators  (À»)¸¦ Æ÷ÇÔÇÑ´Ù)  (Àº)´Â ¼Ò½ÄÀ» º¸Á¸ÇÒ ¼ö ¾ø½À´Ï´Ù
$acl->deny(null'announcement''archive');

À̰ÍÀ¸·Î, ÃÖ½ÅÀÇ º¯°æ ³»¿ëÀ» ¹Ý¿µÇß´Ù ACL ¿¡ÀÇ ¹®ÀǸ¦ ½Ç½ÃÇÒ ¼ö ÀÖ°Ô µË´Ï´Ù.


<?php
echo $acl->isAllowed('staff''newsletter''publish') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

echo $acl->isAllowed('marketing''newsletter''publish') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

echo $acl->isAllowed('staff''latest''publish') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

echo $acl->isAllowed('marketing''latest''publish') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

echo $acl->isAllowed('marketing''latest''archive') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

echo $acl->isAllowed('marketing''latest''revise') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

echo $acl->isAllowed('editor''announcement''archive') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

echo $acl->isAllowed('administrator''announcement''archive') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

2.2.2. ¾×¼¼½º Á¦¾îÀÇ »èÁ¦

ACL (À¸)·ÎºÎÅÍ Çϳª ȤÀº º¹¼öÀÇ ¾×¼¼½º ±ÔÄ¢À» »èÁ¦ÇÏ·Á¸é , removeAllow() ¸Þ¼Òµå ȤÀº removeDeny() ¸Þ¼Òµå¸¦ »ç¿ëÇÕ´Ï´Ù.allow() ¹× deny() (¿Í)°ú °°ÀÌ,null °ªÀ» ÁöÁ¤ÇÏ¸é ¸ðµç ·ÑÀ̳ª ÀÚ¿ø, ±ÇÇÑÀ» ³ªÅ¸³»°Ô µË´Ï´Ù.


<?php
//  ÃֽŠ´º½ºÀÇ °³º¯ °ÅºÎ¸¦ staff ( ±×¸®°í °è½Â¿¡ ÀÇÇÑ´Ù marketing)  (À¸)·ÎºÎÅÍ »èÁ¦ÇÕ´Ï´Ù
$acl->removeDeny('staff''latest''revise');

echo 
$acl->isAllowed('marketing''latest''revise') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

//  ´º½º·¹ÅÍÀÇ °ø°³³ª º¸Á¸ÀÇ ±ÇÇÑÀ»,marketing  (À¸)·ÎºÎÅÍ ¾ø¾Û´Ï´Ù
$acl->removeAllow('marketing''newsletter', array('publish''archive'));

echo 
$acl->isAllowed('marketing''newsletter''publish') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

echo $acl->isAllowed('marketing''newsletter''archive') ?
     
"allowed" "denied"// denied  µË´Ï´Ù

À§¿¡¼­ ¼³¸íÇÑ °Íó·³, ¼­¼­È÷ ±ÇÇÑÀ» º¯°æÇØ ³ª°¥ ¼öµµ ÀÖ½À´Ï´Ù¸¸, ±ÇÇÑ¿¡ ´ëÇØ¼­ null °ªÀ» ¼³Á¤Çϸé, ÀÌ·¯ÇÑ º¯°æÀ» Àϰý·Î ½Ç½ÃÇÒ ¼ö ÀÖ½À´Ï´Ù.


<?php
// marketing  ¿¡ ´ëÇØ¼­, ÃÖ½ÅÀÇ ´º½º¿¡ÀÇ ¾×¼¼½º¸¦ Çã°¡ÇÕ´Ï´Ù
$acl->allow('marketing''latest');

echo 
$acl->isAllowed('marketing''latest''publish') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

echo $acl->isAllowed('marketing''latest''archive') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù

echo $acl->isAllowed('marketing''latest''anything') ?
     
"allowed" "denied"// allowed  µË´Ï´Ù