[TYPO3-50-general] Problem with setting proper methods-based policies
François Suter
fsu-lists at cobweb.ch
Wed Oct 10 16:31:29 CEST 2012
Hi all,
I have trouble setting a proper policy for the following scenario:
Consider a controller with a lot methods. All are reserved for users
with the "Administrator" role and is may be accessed by users with a
"Client" role.
I have tried the following policy:
resources:
methods:
Cobweb_Monitoring_EventManagement:
'method(Cobweb\Monitoring\Controller\EventController->(.*)Action())'
Cobweb_Monitoring_Timeline:
'method(Cobweb\Monitoring\Controller\EventController->timelineAction())'
roles:
Administrator: []
Client: []
acls:
Administrator:
methods:
Cobweb_Monitoring_EventManagement: GRANT
Client:
methods:
Cobweb_Monitoring_Timeline: GRANT
My hope was that the more specific "timeline" action would be considered
and allowed for "Client" roles, but that does not work. How should I
handle this?
Cheers
--
Francois Suter
Cobweb Development Sarl - http://www.cobweb.ch
More information about the TYPO3-project-5_0-general
mailing list