[Flow] Roles and Groups in Flow if Roles are generated by the app

Christian Richter christian.richter at portachtzig.com
Wed May 20 12:14:35 CEST 2015 

Hi all...

I allready posted the following question on Slack, but since I don't 
like that very much and I don't know what your preferred communication 
channel is, I repost here, sorry for that:

I'm in the process of internalizing "Roles" in Flow and now I am 
confused whether a specific setting, I'd like to archieve is possible:At 
the moment I have four roles defined "Administrator", "Organizer", 
"Editor" and "Viewer" as in the following Policy.yaml:

roles:
   Administrator: []
   Organizer: []
   Editor: []
   Viewer: []

resources:
   methods:
     Flow_LoginSignedInMethods: 
'method(Vendor\Application\Controller\LoginController->signedInAction())'

acls:
   Administrator:
     methods:
       Flow_LoginSignedInMethods: GRANT
   Organizer:
     methods:
       Flow_LoginSignedInMethods: GRANT
   Editor:
     methods:
       Flow_LoginSignedInMethods: GRANT
   Viewer:
     methods:
       Flow_LoginSignedInMethods: GRANT


Since that does not make possible what I'd like to achieve: Here is what 
I'd like to achieve

I have Groups defined and need those 4 Roles not on Application-level, 
but on Group level!
(e.G. groupA_organizer, groupB_editor, etc.)
Whenever a group is created, the three respective groups should be 
created too...BUT, as you can see in my Policy.html it would not be 
possible to differentiate groupA_organizer and groupB_organizer...

As I understand the role and account management, I respectively an 
Administrator would have to add new roles that should be generated upon 
my "Group"-creation manulally to the Policy.html, is that correct?Robert 
Lemke spoke about some "Groups" ages ago, 
(https://forge.typo3.org/issues/37451#note-4) but I think we are still 
at a point where there are only Roles ('system' and 'policy')...

How do you handle the situation where you do not need roles on 
application-level, but on group/context-level a little deeper in the logic?

I would really appreciate any feedback considering this topic, because 
frankly... I'm lost!

Best regards and thanks in advance,
Christian

More information about the Flow mailing list