[FLOW3-general] How to secure a controller?

David Sporer david.sporer at gmail.com
Tue Jan 15 15:08:04 CET 2013


Hey Axel,

The whole picture is that you first define which rules are available,
like this:
resources:
  entities: []
  methods:
    SecuredArea: 'method(Your\Package\Controller\(Foo|Bar)Controller->(?<!initialize).*Action())'


In this case the SecuredArea (which is the name of your rule/resource)
applies to all actions of either FooController or BarController of package
Your\Package.
This is a regular expression: (Foo|Bar) means that either Foo or Bar has to
be in the controller name.

Afterwards you define which security roles are available.

# The security policy roles configuration
roles:
  Administrator: []
  NormalUser: []

And then you specify which roles are granted certain security
rules/resources.


# The security policy acls configuration connects the resources with the
# roles by assigning privileges. Here is an example configuration array:
acls:
  Administrator:
    methods:
      SecuredArea: GRANT
  NormalUser:
    methods:
      SecuredArea: DENY


In this case only Administrator can access any action of FooController and
of BarController. Access for all other users is blocked.

Regards
David



2013/1/15 Qbus | Axel Wüstemann <awu at qbus.de>

> On 15.01.2013 14:01, Bastian Waidelich wrote:
>
>  Qbus | Axel Wüstemann wrote:
>>
>> Hey,
>>
>>  'method(Your\Package\Controller\(Foo|Bar)Controller->(?<!initialize).*Action())'
>>>>
>>>>
>>  What is "Foo|Bar" in this case? Is that an additional rule? Sorry, but
>>> I'm a bit confused now ;=)
>>>
>>
>> This expands to:
>> All methods in \Your\Package\Controller\FooController *or*
>> \Your\Package\Controller\BarController that end on *Action* and don't
>> start with *initialize*.
>>
>>
>>  This I understood... and I read the AOP Doc! ;=) But all this is complex
> stuff and I'm just starting with Flow.
>
> I could not get, what in my case the foo and the bar should be and how
> this rule fits together with the other rule, shortly: I don't see the whole
> picture (I can't see the forest for the trees anymore) - Sorry for this! I will
> put all my new knowledge into a tutorial blog post afterwards, so the
> effort to help a novice would not be for nothing ;=)
>
> Bests
> Axel


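A quick way to check which controller methods the SecuredArea pattern covers and how the two ACL entries resolve, as an added example that is not part of the original message or of FLOW3's own code. It assumes the class and method parts are anchored regular expressions with literal namespace backslashes, that DENY overrides GRANT, and that a covered method with no GRANT is refused; the class and method names in SAMPLES are constructed.

```python
import re

# Policy values copied from the message above.
RESOURCE = r"method(Your\Package\Controller\(Foo|Bar)Controller->(?<!initialize).*Action())"
ACLS = {"Administrator": {"SecuredArea": "GRANT"}, "NormalUser": {"SecuredArea": "DENY"}}

def compile_resource(expr):
    """Split 'method(Class->name())' into two anchored regexes (modelling assumption)."""
    cls, meth = re.fullmatch(r"method\((.+)->(.+)\(\)\)", expr).groups()
    # Assumption: backslashes are namespace separators, so they are matched literally.
    return re.compile(cls.replace("\\", "\\\\")), re.compile(meth)

CLASS_RE, METHOD_RE = compile_resource(RESOURCE)

def is_secured(class_name, method_name):
    """True when the SecuredArea resource covers this controller method."""
    return bool(CLASS_RE.fullmatch(class_name) and METHOD_RE.fullmatch(method_name))

def may_call(roles, class_name, method_name):
    """Assumed rule: uncovered methods are open; DENY beats GRANT; no GRANT means refused."""
    if not is_secured(class_name, method_name):
        return True
    votes = {ACLS.get(role, {}).get("SecuredArea") for role in roles}
    return "DENY" not in votes and "GRANT" in votes

# Constructed sample targets (hypothetical class and method names).
SAMPLES = [
    (r"Your\Package\Controller\FooController", "indexAction"),
    (r"Your\Package\Controller\BarController", "deleteAction"),
    (r"Your\Package\Controller\BazController", "indexAction"),  # class not in (Foo|Bar)
    (r"Your\Package\Controller\FooController", "helper"),       # name does not end in Action
    # Matches too: at the start of the name there is no preceding text
    # for (?<!initialize) to reject.
    (r"Your\Package\Controller\FooController", "initializeAction"),
]

if __name__ == "__main__":
    for cls, meth in SAMPLES:
        print(f"{cls}->{meth}: secured={is_secured(cls, meth)} "
              f"admin={may_call(['Administrator'], cls, meth)} "
              f"user={may_call(['NormalUser'], cls, meth)} "
              f"anonymous={may_call([], cls, meth)}")
```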