Problem with ACL

I created a SecurityPlugin following the INVO example on GitHub, but although the code looks correct, it is not keeping the private area protected as it should. What is wrong?

services.php

  // Register the dispatcher service with the ACL check attached to the
  // dispatch:beforeDispatch event.
  // NOTE(review): as far as this snippet shows, this is the only place the
  // SecurityPlugin is attached. If a different 'dispatcher' definition ends up
  // being the one in use, no access check runs at all; confirm this one is active.
  $di->set('dispatcher', function() use ($di) {
      $events = new EventsManager();
      $aclGuard = new SecurityPlugin();
      $events->attach('dispatch:beforeDispatch', $aclGuard);

      $mvcDispatcher = new Dispatcher();
      $mvcDispatcher->setEventsManager($events);

      return $mvcDispatcher;
  });

SecurityPlugin.php

 use Phalcon\Acl;
 use Phalcon\Acl\Role;
 use Phalcon\Acl\Resource;
 use Phalcon\Events\Event;
 use Phalcon\Mvc\User\Plugin;
 use Phalcon\Mvc\Dispatcher;
 use Phalcon\Acl\Adapter\Memory as AclList;

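 /**
  * Dispatcher plugin that checks the requested controller/action against an
  * in-memory ACL and forwards denied requests to teste/erro.
  */
 class SecurityPlugin extends Plugin {

  /**
   * Builds the access control list on first use and returns it.
   *
   * The list is stored in $this->persistent->acl and reused for as long as
   * that value is set, so edits to the rules below are not picked up until
   * the stored copy is discarded.
   * NOTE(review): persistent storage is presumably session-backed; confirm,
   * and clear it after changing the rules so a stale list is not enforced.
   *
   * @return AclList
   */
  public function getAcl(){

      if (!isset($this->persistent->acl)) {

          $acl = new AclList();

          // Deny by default: only what is explicitly allowed below is reachable.
          $acl->setDefaultAction(Acl::DENY);

          //Register Roles
          $roles = array(
              'admin'     =>   new Role('Admin'),
              'guests'    =>   new Role('Guests')
          );
          //Add Roles
          foreach ($roles as $role){
              $acl->addRole($role);
          }

          //Private area resources (controller => actions), granted to Admin only
          $privateResources = array(
              'teste'     =>   array('acl', 'phql')
          );
          //Add Resources
          foreach ($privateResources as $resource => $actions){
              $acl->addResource(new Resource($resource), $actions);
          }

          //Public area resources (controller => actions), granted to every role.
          // 'erro' is the action beforeDispatch() forwards denied requests to.
          // It has to be allowed for every role: with the default-DENY policy
          // the forwarded request would otherwise be denied as well and be
          // forwarded to itself again.
          $publicResources = array(
              'teste'      => array('builder', 'erro'),
          );
          foreach ($publicResources as $resource => $actions) {
              $acl->addResource(new Resource($resource), $actions);
          }

          //Grant access to public areas to every registered role
          foreach ($roles as $role) {
              foreach ($publicResources as $resource => $actions) {
                  foreach ($actions as $action){
                      $acl->allow($role->getName(), $resource, $action);
                  }
              }
          }

          //Grant access to private areas to Admin only
          foreach ($privateResources as $resource => $actions){
              foreach ($actions as $action){
                  $acl->allow('Admin', $resource, $action);
              }
          }

          $this->persistent->acl = $acl;
      }

      return $this->persistent->acl;
  }

  /**
   * Access check run before a controller action is dispatched.
   *
   * Picks the role from the session, asks the ACL whether that role may run
   * the requested controller/action and, when it may not, forwards to
   * teste/erro and returns false.
   *
   * @param Event      $event
   * @param Dispatcher $dispatcher
   * @return bool|null false when access was denied; nothing otherwise
   */
  public function beforeDispatch(Event $event, Dispatcher $dispatcher){

      // NOTE(review): any truthy 'auth' session value is mapped to Admin.
      // There is no per-user role lookup here, so every logged-in session
      // receives the private-area grants.
      $auth = $this->session->get('auth');
      $role = $auth ? 'Admin' : 'Guests';

      // These names must match the resource/action names registered in
      // getAcl() for the rules to apply to the request.
      $controller = $dispatcher->getControllerName();
      $action     = $dispatcher->getActionName();

      $acl = $this->getAcl();

      // Loose comparison kept on purpose so that both an integer and a
      // boolean result from isAllowed() are handled.
      $allowed = $acl->isAllowed($role, $controller, $action);
      if ($allowed != Acl::ALLOW) {
          $dispatcher->forward(array(
              'controller'    =>   'teste',
              'action'        =>   'erro'
          ));
          return false;
      }
  }
 }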

The plugins directory was added in loader.php.

No error appears. When I access http://localhost/myapp/test/acl, for example, the page is displayed normally, as if it were public.

what is wrong?




I would try replacing $acl->allow("Admin", $resource, $action); with $acl->allow($roles["admin"], $resource, $action);.

Hi, I followed your suggestion, but it is still not working...

I would try replacing $acl->allow("Admin", $resource, $action); with $acl->allow($roles["admin"], $resource, $action);.