In short: why does the Zend ACL support multiple inheritance between roles rather than resources?
I have a large resource tree that I would like to grant permissions. In the past, I did this to create two different trees. The first has a common resource of each type in the tree. The second has all instances of these types arranged in the same way. This would mean that if you super imposed trees, you would find objects of the same type on the same level. Then, each instance of the object is installed as having a common object from the first tree as an additional parent. This allows me to set default permissions for each type of object, so each instance inherits them instead of defining them for me, but at the same time gives me refined specific access to each instance.
Example:
The site has 3 modules: users, where user profiles are not yet saved. forums where lively discussions about current gallery issues take place, where users can upload photos of their pets
So, the generic tree mentioned above will look like this:
module
/ | \
user forum gallery
/ | \
profile topic photo
|
post
And the instance tree will look like this:
module_1
/// | \ \
user1 user2 user3 forum gallery1 gallery2
| | | / \ / \ / \
profile profile profile sub1 sub2 photo photo photo photo photo
| / \
post1 post2 post3
ACL . , . , . , , , . , NSFW, . , . . , .
- , ? , . - , Zend_Acl, !
.