ACL not working in Phalcon

I am trying to write a REST API Micro program, and wrote the ACL based on the V3.2 documentation and the INVO example.

If it goes well, I should not receive data from getUserList, or it should throw an Exception.

But no matter how I change it, I receive the data as if the ACL never worked, and the Exception is not thrown.

It does not seem to work.

Please tell me where the error is.

<?php

namespace App;

use Phalcon\Acl;
use Phalcon\Acl\Role;
use Phalcon\Acl\Resource;
use Phalcon\Events\Event;
use Phalcon\Mvc\User\Plugin;
use Phalcon\Mvc\Dispatcher;
use Phalcon\Acl\Adapter\Memory;

use App\Controllers\HttpExceptions;
use App\Controllers\HttpExceptions\Http422Exception;

class Security extends Plugin
{
    public function getAcl()
    {
        $acl = new \Phalcon\Acl\Adapter\Memory();
        $acl->setDefaultAction(Acl::DENY);

        $roleAdmins = new Role('admin');
        $acl->addRole( $roleAdmins);
        //  \App\Model\Users
        $usersResource = new Resource('Users');
        // getUserListAction
        $acl->addResource($usersResource,['getUserList',]);
        $acl->allow($roleAdmins, 'Users', 'getUserList');

        return $acl;

    }

    public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher){
        $role = 'guest';
        $controller = $dispatcher->getControllerClass();
        $action =$dispatcher->getActionName();
        $acl= $this->getAcl();

        if (!$controller) {
            throw new Http422Exception(_('Err a'));
            return false;
        }

        if (!$action) {
            throw new Http422Exception(_('Err b'));
            return false;
        }

        if (!$acl->isResource($controller)) {
            throw new Http422Exception(_('Err c'));
            return false;
        }

        $allowed = $acl->isAllowed($role, $controller, $action);
        if (!$allowed) {
            throw new Http422Exception(_('Err d'));
            return false;
        }
    }
}

<?php
// di.php
$di->set('dispatcher',
    function() {
        $eventManager = new Phalcon\Events\Manager();
        $eventManager->attach('dispatch:beforeExecuteRoute', new \App\Security);

        $dispatcher = new \Phalcon\Mvc\Dispatcher();
        $dispatcher->setEventsManager($eventManager);
        return $dispatcher;
    });


Accepted answer

There is no dispatcher in a micro app.

https://docs.phalconphp.com/hu/3.2/application-micro#events

You can use $router->getMatchedRoute() and named routes for ACL.
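
The approach from the accepted answer, sketched as an added example (not code from the thread or from the Phalcon project): the ACL check runs in a Micro `before` middleware and takes the resource and access from the matched route's name. The `Resource:access` naming convention, the `/users` route, the hardcoded `guest` role and the 403 response are assumptions for illustration.

```php
<?php
// Added example for a Phalcon 3.2 Micro app; items marked "assumed" are not from the thread.
use Phalcon\Acl;
use Phalcon\Acl\Role;
use Phalcon\Acl\Resource;
use Phalcon\Acl\Adapter\Memory;
use Phalcon\Di\FactoryDefault;
use Phalcon\Mvc\Micro;

$acl = new Memory();
$acl->setDefaultAction(Acl::DENY);
$acl->addRole(new Role('admin'));
$acl->addRole(new Role('guest'));               // registered, but granted nothing
$acl->addResource(new Resource('Users'), ['getUserList']);
$acl->allow('admin', 'Users', 'getUserList');

$app = new Micro(new FactoryDefault());

// Assumed convention: the route name is "<resource>:<access>".
$app->get('/users', function () {
    return json_encode(['users' => []]);        // placeholder handler
})->setName('Users:getUserList');

// Runs after routing and before the handler; returning false stops execution.
$app->before(function () use ($app, $acl) {
    $role  = 'guest';                           // assumed: resolve from the authenticated session or token
    $route = $app->getRouter()->getMatchedRoute();
    $name  = $route ? (string) $route->getName() : '';

    // Fail closed: unnamed routes and names not in "<resource>:<access>" form are denied.
    $parts = explode(':', $name);
    if (count($parts) !== 2
        || !$acl->isResource($parts[0])
        || !$acl->isAllowed($role, $parts[0], $parts[1])) {
        $app->response->setStatusCode(403, 'Forbidden')->send();
        return false;
    }
    return true;
});

$app->notFound(function () use ($app) {
    $app->response->setStatusCode(404, 'Not Found')->send();
});

$app->handle();
```

Because the check denies any route whose name is missing or malformed, a route added later without a name is blocked until it is explicitly given an ACL entry.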