Hi all,

Im kinda stuck with a problem. I'm workin on a project, and i decided to implement the login with ACL authentification. The problem is that i followed the documentation and I'm having trouble with normal users.

I have 2 types of users, Admin and Regular. Admin user works fine but regular gives me the 404 page not found error. I tried using die() to see what is happening with the roles and i can see that they are properly assigned to users.

Now i really don't understand why does it not load my registered users only page for normal users when it works for admins, and ACL is properly settup?

can you guys help out, it's pretty important. Would appreciate for any help.

The project is quite simple, here are the implementations i used:

*SecurityPlugin.php *

use Phalcon\Acl; use Phalcon\Acl\Role; use Phalcon\Acl\Resource; use Phalcon\Events\Event; use Phalcon\Mvc\User\Plugin; use Phalcon\Mvc\Dispatcher; use Phalcon\Acl\Adapter\Memory as AclList;

public function getAcl() { if (!isset($this->persistent->acl)) {

       $acl = new AclList();

     $acl->setDefaultAction(Acl::DENY);


     // Register roles
     $roles = [
         'users'  => new Role(
             'Users',
             'Member privileges, granted after sign in.'
         ),

         'admin'  => new Role(
             'Admin',
             'Admin privileges, granted after sign in.'
         ),

         'guests' => new Role(
             'Guests',
             'Anyone browsing the site who is not signed in is considered to be a "Guest".'
         )
     ];

     foreach ($roles as $role) {
         $acl->addRole($role);
     }

     //Private area resources
     $privateResources = array(
         'restricted'        => array('index')
     );
     foreach ($privateResources as $resource => $actions) {
         $acl->addResource(new Resource($resource), $actions);
     }

     //Admin area resources
     $adminResources = array(
         'restricted'     => array('index', 'profile')

     );
     foreach ($adminResources as $resource => $actions) {
         $acl->addResource(new Resource($resource), $actions);
     }

     //Public area resources
     $publicResources = array(
         'index'      => array('index'),
         'register'   => array('index'),
         'errors'     => array('show401', 'show403', 'show404', 'show500'),
         'session'    => array('index', 'register', 'start', 'end')
     );
     foreach ($publicResources as $resource => $actions) {
         $acl->addResource(new Resource($resource), $actions);
     }

     //Grant access to public areas to both users and guests
     foreach ($roles as $role) {
         foreach ($publicResources as $resource => $actions) {
             foreach ($actions as $action){
                 $acl->allow($role->getName(), $resource, $action);
             }
         }
     }

     //Grant access to private area to role Users
     foreach ($privateResources as $resource => $actions) {
         foreach ($actions as $action){
             $acl->allow('Users', $resource, $action);
         }
     }

     //Grant access to private area to role Admin
     foreach ($adminResources as $resource => $actions) {
         foreach ($actions as $action){
             $acl->allow('Admin', $resource, $action);
         }
     }

     //The acl is stored in session
     $this->persistent->acl = $acl;
 }

 return $this->persistent->acl;

}

public function beforeDispatch(Event $event, Dispatcher $dispatcher) {

   $auth = $this->session->get('auth');
 if (!$auth){
     $role = 'Guests';
     die(print_r($role));


 } else {
     $role = 'Users';
 } 

 if ($auth['type'] == 'A') {
      return;
  }

 $controller = $dispatcher->getControllerName();
 $action = $dispatcher->getActionName();

 $acl = $this->getAcl();

 if (!$acl->isResource($controller)) {
     $dispatcher->forward([
         'controller' => 'errors',
         'action'     => 'show404'
     ]);

     return false;
 }

 $allowed = $acl->isAllowed($role, $controller, $action);

 if ($allowed != Acl::ALLOW) {
     if ($role == 'Guests') {
         $dispatcher->forward(array(
         'controller' => 'errors',
         'action'     => 'show401'
         ));
         return false;
     } else {
         $dispatcher->forward(array(
         'controller' => 'errors',
         'action'     => 'show403'
         ));
         return false;
         }   
 }

} }

SessionController.php

class SessionController extends ControllerBase { public function initialize() { $this->tag->setTitle('Log in'); parent::initialize(); }

public function indexAction()
{
  if (!$this->request->isPost()) {
      $this->tag->setDefault('name', 'user');
      $this->tag->setDefault('password', '12345678');
  }
}


private function _registerSession(Users $user)
{
  $this->session->set('auth', array(
      'id' => $user->id,
      'name' => $user->name,
      'type'=>$user->type
  ));
}

public function startAction()
{
  if ($this->request->isPost()) {

      $name = $this->request->getPost('name');
      $password = $this->request->getPost('password');

      $user = Users::findFirst(array(
          "(name = :name:) AND password = :password: AND active = 'Y'",
          'bind' => array('name' => $name, 'password' => sha1($password))
      )); 
      if ($user != false) {
          $this->_registerSession($user);
          $this->flash->success('Welcome back ' . $user->name);
          return $this->forward('locked/index');
      }

      $this->flash->error('Wrong name/password');
  }

  return $this->forward('session/index');
}

public function endAction()
{
  $this->session->remove('auth');
  $this->flash->success('You have been logged out succesfully!');
  return $this->forward('index/index');
}

}

So for admin both locked/index.php and locked/profile.php work normally, yet for Users(regular user) it gives me the 404 file not found.

Anyone got any idea what it might be?