How to implement Zend Framework service layer and acl?
Posted on 2010-08-16
I've been struggling with the best way to implement a service layer in Zend Framework as well as integrating this service layer with a dynamic ACL. I realize that implementation depends on the business logic at hand, but I'm looking for some general recommendations. I'm building a sales application with the following components:
- Purchase Orders (Salesperson creates and manages purchase orders)
- Sales (Salesperson generates sales)
- Warehouse (Receive equipment from purchase orders)
- Audit (Audit equipment from purchase orders, returned sales, etc.)
- etc, etc.
Below is my current structure:
- Models directory under /application to store Doctrine 2.0 entity and repository classes
- Each module stored under /application/modules with its own forms, services, controllers, views. Note that the models are only stored on the top level, as I'm not sure how to configure Doctrine 2.0 Entities to reside in different folders.
My questions are as follows:
1. I'm not sure using modules is the best approach. Certain groups of people will have access to certain modules in the application, so this is correct from a permissions standpoint. However, I find that having services in each module is confusing, as most of these services are used across all modules. What is a good approach to structuring this application?
2. In using a service layer pattern, should I have a service for each model? How about services which do not correspond to a given model?
3. Would it be better to organize all forms, services at a global level along with the models?
4. Finally, what is the best structure for permissions in this case? Should I put the acl down into the service classes? Or should I control access at the controller level?
Thank you for any suggestions.