[Flow] Abstract Classes and Policy

Adrian Föder adrian at foeder.de
Wed Mar 12 15:02:47 CET 2014 

Christian, hi,

in order to avoid the error on "initializeAction", you should generally 
care about making your initializeActions private! They can be, and they 
should be.
In your resource method definitions, make sure you limit the scope to 
public methods, like

Your_Package_WhaeverController_Secured: 'method(public 
Your\Package\Controller\WhateverController->.+Action())'

(note the ``public`` after the method(...


At least in Neos I'm aware that Neos protects *every* controller, 
including the WidgetControllers. Did you maybe install a Neos onto your 
project?

(see 
https://git.typo3.org/Packages/TYPO3.Neos.git/blob/master:/Configuration/Policy.yaml 
lines 7 and 8).

Best,
Adrian

Am 12.03.2014 14:00, schrieb Christian Loock:
> Oh I'm sorry, I just checked. We actually updated from Version 2.0 to 2.1.
> My bad. But still, before the update those errors did not happen.
>
>
> 2014-03-12 13:59 GMT+01:00 Christian Loock <brainshack at gmail.com>:
>
>> I have a Widget Controller that inherits from TYPO3\Fluid\Core\Widget\
>> AbstractWidgetController.
>>
>> The first excepttion is thrown, when it tries to call my Controller, since
>> it is not in the policy. I am pretty sure that you didn't have to create
>> ACLs for ViewHelper Controllers before the update to 2.2.
>>
>> When i add my Controller to the ACL, it will throw an exception because
>> TYPO3\Fluid\Core\Widget\AbstractWidgetController::initializeAction is
>> being called, since I do not overwrite it in my Controller. This is wha i
>> have to add TYPO3\Fluid\Core\Widget\AbstractWidgetController to my ACL
>> aswell in order for everything to run. But this doesn't feel right to me
>> tbh. At least that was not the case in 2.1
>>
>>
>> 2014-03-12 13:54 GMT+01:00 Adrian Föder <adrian at foeder.de>:
>>
>> Hi  Christian, I probably didn't fully understand your problem; where
>>> exactly is your security exception triggered meanwhile? On What
>>> controller/action?
>>>
>>> Thanks!
>>>
>>> Best,
>>> Adrian
>>>
>>> Am 12.03.2014 11:13, schrieb Christian Loock:
>>>
>>>   Hi,
>>>>
>>>> we recently updated to Flow 2.2 and since then, we are getting security
>>>> exceptions, that are triggerd because the Security Framework checks
>>>> Classes
>>>> you inherit from. Example:
>>>>
>>>> You write a Widget that has a controller that that extends from
>>>> TYPO3\Fluid\Core\Widget\AbstractWidgetController
>>>>
>>>> In Flow 2.1 this caused no issues, since it seems like it didnt check for
>>>> this kind of inheritance.
>>>>
>>>> Now I know I can fix this, by adding these Controllers to my Policy, but
>>>> shouldnt it be at least part of Flows Policy.yaml ?
>>>>
>>>> Does it even make sense to check for ViewHelpers? Or is this behaviour
>>>> intended?
>>>>
>>>>
>>> _______________________________________________
>>> Flow mailing list
>>> Flow at lists.typo3.org
>>> http://lists.typo3.org/cgi-bin/mailman/listinfo/flow
>>>
>>
>>

More information about the Flow mailing list