[Flow] Deny access by policy not working

Frans Saris franssaris at gmail.com
Sat Jun 22 18:20:44 CEST 2013 

Here we have the same problem. Even when we deny all for anonymous users we
still can access resticted controllers directly.

We are on last 2.0 beta.

Someone any hints how to debug this?

Gr. Frans
Op 22 jun. 2013 18:05 schreef "Mario Beiser" <mariobeiser at googlemail.com>
het volgende:

> I don't get it. There is no AccessDeniedException raised.
>
> Do I have to check the loggedIn user's role and raise an exception by
> myself?
> Don't think so. I wouldn't need that whole policy stuff that way.
>
> Here is again my policy:
> ----------------------------------------------------
> resources:
>   methods:
>     RestrictedArea:
> 'method(My\Package\Controller\CalculateController->*())'
> roles:
>   Admin: []
>   User: []
> acls:
>   Admin:
>     methods:
>       RestrictedArea: GRANT
>   User:
>     methods:
>       RestrictedArea: DENY
> ------------------------------------------------------
> The AuthenticationNeededException is raised, if I am not logged in. That
> works fine.
>
> So any further advices to me? Thanks for helping me out.
> Mario
>
>
> 2013/6/22 Mario Beiser <mariobeiser at googlemail.com>
>
> > Hi John,
> >
> > sorry,  that's just a typo in the mail.
> > Code is without a point. Just '*Action()'.
> >
> > I don't get it, why security isn't intercepting...
> >
> > Any further ideas?
> >
> >
> > Am 22.06.2013 um 13:19 schrieb John Small <flow3.tiny69 at net-con.net>:
> >
> > > Am 22.06.2013 11:54, schrieb Mario Beiser:
> > >> Hi there,
> > >>
> > >> my policy.yaml:
> > >>
> > >> resources:
> > >>  methods:
> > >>    RestrictedArea:
> > >> 'method(Test\Package\Controller\ItemController->*.Action())'
> > > Is there really a . at that particular position ?
> > >
> > >
> > >
> > >
> > >
> > > --
> > > kind regards
> > >
> > >
> > > John
> > >
> > > _______________________________________________
> > > Flow mailing list
> > > Flow at lists.typo3.org
> > > http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
> > _______________________________________________
> > Flow mailing list
> > Flow at lists.typo3.org
> > http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
> >
>
>
>
> --
> ----------------
> Mario Beiser
> 5, Allèe Francois Mitterand
> F-67400 Illkirch-Graffenstaden
>
> email: mariobeiser at googlemail.com
> mobile: 0049 170 2469488
> _______________________________________________
> Flow mailing list
> Flow at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow

More information about the Flow mailing list