ACL issue

Here is my code: http://pastebin.com/mwCQiWn3

Now the issue I'm facing is: Anyone was able to access phones/new though I allowed index action only to guests. I need your advice to fix the issue.

Thanks



31.2k

Hi,

in line 84, change:


$acl->allow($role->getName(), $resource, '*');
// to
$acl->allow($role->getName(), $resource, $action);