[Flow] Deny access by policy not working
Mario Beiser
mariobeiser at googlemail.com
Sat Jun 22 18:05:13 CEST 2013
I don't get it. There is no AccessDeniedException raised.
Do I have to check the loggedIn user's role and raise an exception by
myself?
Don't think so. I wouldn't need that whole policy stuff that way.
Here is again my policy:
----------------------------------------------------
resources:
methods:
RestrictedArea: 'method(My\Package\Controller\CalculateController->*())'
roles:
Admin: []
User: []
acls:
Admin:
methods:
RestrictedArea: GRANT
User:
methods:
RestrictedArea: DENY
------------------------------------------------------
The AuthenticationNeededException is raised, if I am not logged in. That
works fine.
So any further advices to me? Thanks for helping me out.
Mario
2013/6/22 Mario Beiser <mariobeiser at googlemail.com>
> Hi John,
>
> sorry, that's just a typo in the mail.
> Code is without a point. Just '*Action()'.
>
> I don't get it, why security isn't intercepting...
>
> Any further ideas?
>
>
> Am 22.06.2013 um 13:19 schrieb John Small <flow3.tiny69 at net-con.net>:
>
> > Am 22.06.2013 11:54, schrieb Mario Beiser:
> >> Hi there,
> >>
> >> my policy.yaml:
> >>
> >> resources:
> >> methods:
> >> RestrictedArea:
> >> 'method(Test\Package\Controller\ItemController->*.Action())'
> > Is there really a . at that particular position ?
> >
> >
> >
> >
> >
> > --
> > kind regards
> >
> >
> > John
> >
> > _______________________________________________
> > Flow mailing list
> > Flow at lists.typo3.org
> > http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
> _______________________________________________
> Flow mailing list
> Flow at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
>
--
----------------
Mario Beiser
5, Allèe Francois Mitterand
F-67400 Illkirch-Graffenstaden
email: mariobeiser at googlemail.com
mobile: 0049 170 2469488
More information about the Flow
mailing list