[FLOW3-general] Simple access restricted FLOW3 app
Henrik Møller Rasmussen
info at hmrdesign.dk
Sun Apr 1 20:31:26 CEST 2012
Fixed it by creating a new package Sb.Login, and move the login
controller there.
My new policy file is now:
roles:
Administrator: []
resources:
methods:
adminMethods: 'method(Sb\Admin\.*->.*())'
acls:
Administrator:
methods:
adminMethods: GRANT
That solved my problem - but I would still like to hear from an
experienced FLOW3 developer if this is the way to implement the access
restriction.
Best regards
Henrik
Den 01/04/12 17.32, Henrik Møller Rasmussen skrev:
> Hi,
>
> I am trying to create a simple access restricted FLOW3 app with only one
> role - Administrator.
>
> I'm having some problem though.
>
> I have a LoginController and some other controllers in the same
> namespace. How would you normally allow everyone access to the login
> controller, and permit logged in administrators to access everything?
>
> I've triede with the following policies without luck.
>
> I am also not 100% sure this is the right approach? Some guidance would
> be wonderful.
>
> Thanks in advance.
>
> Best regards
>
> Henrik Rasmussen
>
>
>
> ----------------
> roles:
> Administrator: []
>
> resources:
> methods:
> allMethods: 'method(Sb\Admin\Controller\[^Login]Controller->.*())'
>
> acls:
> Administrator:
> methods:
> allMethods: GRANT
> ----------------
>
> and
>
> ----------------
> roles:
> Administrator: []
>
> resources:
> methods:
> allMethods: 'method(Sb\Admin\Controller\(?!Login)Controller->.*())'
>
> acls:
> Administrator:
> methods:
> allMethods: GRANT
> ----------------
>
More information about the FLOW3-general
mailing list