security - Only the owner can delete his/her books? -

my problem other users not own book can delete book if know book id , it's easy book id.

look here (zf manual)

see "writing conditional acl rules assertions". need find way pass book id assert() method, on it's easy.