Hi, first of all many thanks for developing, supporting and sharing this excellent framework.
Before posting this question, I tried to find an answer to my problem, but I wasn't able to find it.
I'm using ACL to control access to some functionality of my code. Everything was OK until I made a typo. In an isAllowed check I got true when checking an access that is not defined for a role.
Here is the code:
<?php
use Phalcon\Acl;
use Phalcon\Acl\Adapter\Memory as AclList;
use Phalcon\Acl\Resource;
use Phalcon\Acl\Role;

$acl = new AclList();
$acl->setDefaultAction(Acl::DENY); // by default, deny for all defined permissions

$adminRole = new Role('Admin', 'Administrator');
$acl->addRole($adminRole);

$fooController = new Resource('FooController');
$acl->addResource(
    $fooController,
    ['fooAction', 'barAction']
);

$acl->allow($adminRole->getName(), $fooController->getName(), '*'); // using the wildcard for the access

$checkFoo = $acl->isAllowed(
    $adminRole->getName(),
    $fooController->getName(),
    "fooAction"
); // returns true (OK)

// The next line returns true (but the access 'baAction' is not defined as part of the resource;
// the correct one would be 'barAction').
$checkBar = $acl->isAllowed(
    $adminRole->getName(),
    $fooController->getName(),
    "baAction"
);
?>
I expected to get an error or at least a false.
I'm using Phalcon 3.2.4.
Thank you so much for reading this.
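
One way to fail closed on undeclared access names, shown as an added example that is not part of the original post or of Phalcon itself: `StrictAcl` is a hypothetical wrapper that records the access names passed to `addResource()` and denies any other name before the wildcard rule is consulted. It assumes the Phalcon 3.x extension is loaded and reuses the role and resource names from the post.

```php
<?php
use Phalcon\Acl;
use Phalcon\Acl\Adapter\Memory as AclList;
use Phalcon\Acl\Resource;
use Phalcon\Acl\Role;

/**
 * Hypothetical wrapper (not a Phalcon class): remembers which access names
 * were declared for each resource and denies everything else.
 */
class StrictAcl
{
    private $acl;
    private $declared = []; // resource name => [access name => true]

    public function __construct(AclList $acl)
    {
        $this->acl = $acl;
    }

    public function addResource(Resource $resource, array $accessList)
    {
        $this->acl->addResource($resource, $accessList);
        foreach ($accessList as $access) {
            $this->declared[$resource->getName()][$access] = true;
        }
    }

    public function isAllowed($role, $resource, $access)
    {
        // Fail closed: an undeclared name (for example a typo) is denied
        // here, so a '*' allow rule never gets the chance to match it.
        if (!isset($this->declared[$resource][$access])) {
            return false;
        }
        return (bool) $this->acl->isAllowed($role, $resource, $access);
    }
}

$acl = new AclList();
$acl->setDefaultAction(Acl::DENY);
$acl->addRole(new Role('Admin', 'Administrator'));

$strict = new StrictAcl($acl);
$strict->addResource(new Resource('FooController'), ['fooAction', 'barAction']);
$acl->allow('Admin', 'FooController', '*');

var_dump($strict->isAllowed('Admin', 'FooController', 'barAction')); // declared access
var_dump($strict->isAllowed('Admin', 'FooController', 'baAction'));  // typo from the post
```

Resources must be registered through the wrapper for the check to apply; replacing `return false` with an exception makes a mistyped access name surface during development instead of being silently denied.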