The Zend Developer Zone has posted a new tutorial (from Aldemar Bernal) about some of the basic use of the Zend_Acl component of the Zend Framework.

So, what is wrong with Zend_Acl and the current MVC implementation in the Zend Framework? there is nothing wrong, it is just that it gets not too obvious for developers how to achieve an optimal integration between these two important parts of the framework.

He talks about the proposal that's out for a potential update to the component, the two key points being the front controller plugin and a new action helper. He includes some sample code showing how to set it all up including a "denied" controller to handle the failures.

Padraic Brady is up to part seven of his blog creation (with the Zend Framework) series, tracking his development paths and though processes along the way. This new part of the seres looks at using Zend_Acl for user management and changing up some of the style of the site.

We previously covered how to authenticate an author to the blog, but we still have nothing ensuring only authenticated authors can access the new Administration Module. This is the domain of Zend_Acl, an implementation of an Access Control List system which limits access to resources by the roles assigned to a user.

He starts by helping you understand access control lists including roles and privileges. He plans out the different roles that he wants the application to have first (always a good first step) and then implements them in a class extending the Zend_Acl component. He wraps this all in a front controller to make it easy to use.

He also tosses in a bit there at the end about CSS and styling to handle the forms for login and the administration piece of the blog he created earlier.