Almost every web site need some abstraction over the access control list 
(ACL) to grant access of its users. As usual Zend Framework has quite
 good mechanism to deal with this – Zend_Acl.
Out in the web there are a lot of resources about Zend_Acl’s usage,
 so I ain’t going to cover it one more time, but simply copy/paste a 
very small front controller plugin implementing the basic usage of 
Zend_Acl. Note that instead of defining the __construct()
 here is called preDispatch where the request is passed as a parameter.
However only by copy pasting not every answer will be given. 
That’s why I’m going to write more about Zend_Acl in my future 
posts, for now only the source code:
<?php
 
class AclInit extends Zend_Controller_Plugin_Abstract
{
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        // create new acl object
        $acl = new Zend_Acl();
         // define resources. typically there are
        // only four resources from the CRUD functionality
        // but there can be added more resources
        $acl->add(new Zend_Acl_Resource('index'))
            ->add(new Zend_Acl_Resource('create'))
            ->add(new Zend_Acl_Resource('read'))
            ->add(new Zend_Acl_Resource('update'))
            ->add(new Zend_Acl_Resource('delete'));
 
        // define roles
        $acl->addRole(new Zend_Acl_Role('guest'))
            ->addRole(new Zend_Acl_Role('admin'));
 
        // define privileges
        $acl->allow('guest', array('index', 'read'))
            ->allow('admin');
 
        // setup acl in the registry for more
        Zend_Registry::set('acl', $acl);
 
        // check permissions
        if (!$acl->isAllowed('guest', $request->getActionName())) {
            $request->setControllerName('error');
            $request->setActionName('error');
        }
    }
}
                    
                

Comment