[Flow] ACL Problems with initialize Action
Aske Ertmann
aske at moc.net
Wed Apr 2 11:42:34 CEST 2014
Hi Christian
IIRC this area has been tightened security wise. Check if the visibility of your initializeAction is protected because it should be. You can see a couple of commits from Andreas Förthner here regarding it https://review.typo3.org/#/q/owner:%22Andreas+F%25C3%25B6rthner%22+status:merged,p,00282e7e00005ecf
I can’t remember what it was related to, but I think it had something to do with CRSF handling and having to log in twice in some cases.
Greetings
Aske
On 02/04/2014, at 11.20, Christian <chl at vkf-renzel.de> wrote:
> Hi,
>
> there seems to be a problem with my ACL since I updated to Flow 2.1. It seems like, the initializeAction of my Controller are being "protected" now aswell. The funny thing about it is, that I actually define a resource, that should cover all .*Action mehods.
>
> Here the error:
>
> Access denied (0 denied, 0 granted, 1 abstained) to method Vendor\Package\Controller\StandardController::initializeAction().
>
> And here the ACL:
>
> resources:
> methods:
> Vendor.Package.StandardController: 'method(Vendor\Package\Controller\StandardController->.*Action())'
>
> acls:
> myRole:
> Vendor.Package.StandardController: GRANT
>
>
> Now, this works on normal actions of the controller, but not on initializeAction.
>
> How is that even possible?
>
> _______________________________________________
> Flow mailing list
> Flow at lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
More information about the Flow
mailing list