Enforcing authorization and security
Last teaser before the next release, which should hopefully come out next weekend…
One of the bigger additions to ZenMagick in 0.8.3 is what I, for lack of a better name, called SACS (Simple Access Control System). Not overly original, but it gets the intention across, I think.
So, what does it do? Basically it enforces the use of SSL (if configured) and ensures that controllers are accessible only with the correct credentials.
The new class ZMSacsMapper looks and works similar to ZMUrlMapper. An initial setup is loaded from core/settings/sacs_mapping.php and themes, plugins and other code are welcome to build on that.
The two functions are implemented in two corresponding class methods:
ensureAuthorization($controller)
This method is called in ZMController::process(), so all controllers inherit this feature. The method validates the current account type (anonymous, guest, registered) against the configured required authentication level. If nothing is configured, the lowest level (anonymous) is assumed. If the current account does not have a sufficient level of authentication, a redirect to the login page is returned. The original URL is saved and the user is redirected back to it after a successful login.
ensureAccessMethod($controller)
This method will, if configured via the setting ‘isEnforceSSL‘, ensure that resources (i.e. pages) that are marked as secure can only be accessed using SSL. If a page marked as secure is accessed using plain HTTP, a redirect to the same URL using HTTPS will be sent. (Note: This also requires ‘isEnableSSL‘ to be true.)
In contrast to ensureAuthorization($controller), which only runs once the controller processes the request, this method is already called during the init process, so cached pages are covered as well.
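To make the two checks concrete, here is a small stand-alone mapper that behaves the way the two methods above are described. It is an added example, not ZenMagick's ZMSacsMapper or any code from the project: the class name SacsMapper, the settings array, the mapping layout, the session key and the sslHost setting are all assumptions made for illustration. Two details go beyond the description above and are the checks a practitioner would want anyway: the saved return URL is only accepted if it is a local path (so the login redirect cannot be turned into an open redirect), and the HTTPS redirect uses a configured host rather than echoing the request's Host header.

```php
<?php
// Added example, not ZenMagick code. SacsMapper, $settings, 'sslHost' and
// 'sacs_return_url' are names assumed for this illustration.

class SacsMapper
{
    // Account types in increasing order of privilege.
    private const LEVELS = ['anonymous' => 0, 'guest' => 1, 'registered' => 2];

    private array $mapping = [];
    private array $settings;

    public function __construct(array $settings)
    {
        $this->settings = $settings;
    }

    // Register (or override) the rule for a page. An initial mapping can be
    // loaded first and themes/plugins can then add their own entries.
    public function setMapping(string $page, string $level = 'anonymous', bool $secure = false): void
    {
        if (!isset(self::LEVELS[$level])) {
            throw new InvalidArgumentException("unknown authentication level: $level");
        }
        $this->mapping[$page] = ['level' => $level, 'secure' => $secure];
    }

    // Returns null if the account may access the page, otherwise the login URL
    // to redirect to. The original request URI is saved in $session so the
    // user can be sent back after a successful login.
    public function ensureAuthorization(string $page, string $accountType, string $requestUri, array &$session): ?string
    {
        $required = $this->mapping[$page]['level'] ?? 'anonymous'; // unconfigured: lowest level
        $current  = self::LEVELS[$accountType] ?? 0;                // unknown type: treat as anonymous
        if ($current >= self::LEVELS[$required]) {
            return null;
        }
        // Only remember a local path ("/..." but not "//host/..."), otherwise the
        // post-login redirect would become an open redirect.
        if (preg_match('#^/(?!/)#', $requestUri)) {
            $session['sacs_return_url'] = $requestUri;
        } else {
            unset($session['sacs_return_url']);
        }
        return '/index.php?main_page=login';
    }

    // Returns null if the access method is acceptable, otherwise the HTTPS URL
    // to redirect to. Only active when both isEnableSSL and isEnforceSSL are set.
    public function ensureAccessMethod(string $page, bool $isHttps, string $requestUri): ?string
    {
        $enabled  = (bool) ($this->settings['isEnableSSL'] ?? false);
        $enforced = (bool) ($this->settings['isEnforceSSL'] ?? false);
        if (!$enabled || !$enforced) {
            return null;
        }
        $secure = $this->mapping[$page]['secure'] ?? false;
        if ($secure && !$isHttps) {
            // Use the configured host, not the request's Host header.
            return 'https://' . $this->settings['sslHost'] . $requestUri;
        }
        return null;
    }
}

// Usage with constructed settings, mapping and requests.
$sacs = new SacsMapper([
    'isEnableSSL'  => true,
    'isEnforceSSL' => true,
    'sslHost'      => 'shop.example',
]);
$sacs->setMapping('index');                              // anonymous, plain HTTP allowed
$sacs->setMapping('login', 'anonymous', true);           // anyone, but SSL only
$sacs->setMapping('account', 'registered', true);        // logged-in customers, SSL only

$session = [];
// Anonymous visitor requesting the account page: sent to the login page,
// return URL remembered in the session.
echo $sacs->ensureAuthorization('account', 'anonymous', '/index.php?main_page=account', $session), "\n";
echo $session['sacs_return_url'], "\n";

// Registered customer requesting a secure page over plain HTTP: sent to HTTPS.
echo $sacs->ensureAccessMethod('account', false, '/index.php?main_page=account'), "\n";

// Same customer, already on HTTPS: no redirect (null prints as an empty line).
var_dump($sacs->ensureAccessMethod('account', true, '/index.php?main_page=account'));
```

ensureAccessMethod deliberately takes no account information: it is meant to run during init, before any controller or cached page is served, whereas ensureAuthorization needs the account type and therefore belongs in the controller's processing step, exactly the split described above.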
