protected function _buildAcl() { $acl = new My_Acl(); //Add resources $aclResourceMapper = new Users_Model_AclResourceMapper(); foreach ($aclResourceMapper->fetchAll() as $resource) { $resourceName = My_Acl::buildResName($resource->getModule(), $resource->getController(), $resource->getAction()); $acl->addResource(new Zend_Acl_Resource($resourceName)); } //Add roles $usersRoleMapper = new Users_Model_UsersRoleMapper(); foreach ($usersRoleMapper->fetchAll() as $role) { $acl->addRole(new Zend_Acl_Role($role->getId())); } //Allow resources for roles $aclAllowMapper = new Users_Model_AclAllowMapper(); foreach ($aclAllowMapper->fetchAll() as $allow) { $resourceName = My_Acl::buildResName($allow->getACLRES_Module(), $allow->getACLRES_Controller(), $allow->getACLRES_Action()); $acl->allow($allow->getUSEROL_Id(), $resourceName); } //Admin can access everything $acl->allow(My_Acl::ADMIN_ROLE_Id, null, null, null); return $acl; }