[Flow] policy.yaml: acl's are not correct configured?
Steffen Wickham
steffen at gaming-inc.de
Mon Apr 27 14:09:54 CEST 2015
Hello again, ;)
you have to add the full namespace, otherwise the pointcut expression
will fail. This is one of my Policy.yaml declarations:
AFSVN_Schaf_API:
'method(AFSVN\Schaf\Controller\API\.*Controller->.*Action())'
Just a hint (but I think it is just related to the email formatting),
but keep an eye on the indents of the settings. In your example it looks
like "indexMethods" is on the same level as "methods", but it has to be
indented one level.
All the best,
Steffen
On 27.04.15 at 13:59, Andre Hohmann wrote:
>
>
> Hello,
>
> my Policy.yaml looks like that:
>
> resources:
> methods:
> indexMethods: 'method(ITOOPAtc.*->index.*())'
> updateMethods: 'method(ITOOPAtc.*->update.*())'
> deleteMethods: 'method(ITOOPAtc.*->delete.*(force == TRUE))'
>
> roles:
> Administrator: []
> User: []
>
> acls:
> Administrator:
> methods:
> listMethods: GRANT
> updateMethods: GRANT
> deleteMethods: GRANT
> User:
> methods:
> listMethods: DENY
> updateMethods: DENY
>
> If I log in as User I'm able to index and update a "Mitglied" although I
> defined updateMethods: DENY in the policy. In the MitgliedController the
> action is defined as update-Action:
>
> ...
>
> public function updateAction(Mitglied $mitglied) {
>
> ...
>
> Does anybody know, why access to the actions is not denied? Thank you.
>
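
Added example, not part of the original messages and not Flow's own code: a small Python check over an already-parsed Policy.yaml. It reports the two points raised in the reply (class patterns without a namespace separator, resource names not nested under "methods") and, as an additional assumed consistency check, ACL entries that name no defined resource. The dict is constructed from the quoted policy; `lint_policy` and the finding labels are hypothetical names.

```python
import re

# Constructed input: the policy from the quoted message, nested the way the
# reply says it has to be (resource names one level below "methods").
POLICY = {
    "resources": {"methods": {
        "indexMethods": r"method(ITOOPAtc.*->index.*())",
        "updateMethods": r"method(ITOOPAtc.*->update.*())",
        "deleteMethods": r"method(ITOOPAtc.*->delete.*(force == TRUE))",
    }},
    "roles": {"Administrator": [], "User": []},
    "acls": {
        "Administrator": {"methods": {"listMethods": "GRANT", "updateMethods": "GRANT",
                                      "deleteMethods": "GRANT"}},
        "User": {"methods": {"listMethods": "DENY", "updateMethods": "DENY"}},
    },
}

CLASS_PART = re.compile(r"method\((.+?)->")  # text between "method(" and "->"

def lint_policy(policy):
    """Return a sorted list of (kind, subject, detail) findings."""
    findings = []
    top = policy.get("resources") or {}
    resources = top.get("methods") or {}
    # Reply's hint: a pointcut string sitting beside "methods" instead of below it.
    for key, value in top.items():
        if isinstance(value, str):
            findings.append(("misplaced-resource", key, "not nested under methods"))
    # Reply's main point: the class part has to carry the full namespace.
    for name, expr in resources.items():
        m = CLASS_PART.search(expr)
        if m and "\\" not in m.group(1):
            findings.append(("no-namespace", name, m.group(1)))
    # Assumed check: every resource named in an ACL should be defined above.
    for role, acl in (policy.get("acls") or {}).items():
        for name in (acl.get("methods") or {}):
            if name not in resources:
                findings.append(("undefined-resource", role, name))
    return sorted(findings)

if __name__ == "__main__":
    for finding in lint_policy(POLICY):
        print(*finding)
```

On the constructed input this lists all three resource patterns as lacking a namespace and shows that both roles reference "listMethods", while the resources section only defines "indexMethods".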