We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Using ACL in Phalcon 1.1.0

Hi I tried to replicate the ACL in sample application invo steps 1.) I copied the Security.php as an app plugin in my new phalcon project 2.) load the necessary plugins in loader.php code below

    array(
        $config->application->controllersDir,
        $config->application->modelsDir,
        $config->application->pluginsDir,
        $config->application->libraryDir,
        $config->application->viewsDir
    )

3.) Add event manager for adding the Security plug in and add a session in public/index.php

 /**
     * We register the events manager
     */

    $di->set('dispatcher', function() use ($di) {

        $eventsManager = $di->getShared('eventsManager');

        $security = new Security($di);

        /**
         * We listen for events in the dispatcher using the Security plugin
         */
        $eventsManager->attach('dispatch', $security);

        $dispatcher = new Phalcon\Mvc\Dispatcher();
        $dispatcher->setEventsManager($eventsManager);

        return $dispatcher;
    });

        /**
     * Start the session the first time some component request the session service
     */
    $di->set('session', function(){
        $session = new Phalcon\Session\Adapter\Files();
        $session->start();
        return $session;
    });

4.) modify the Security plugin to add hello controller in publicResources variable for Hello Controller to enable the guest view

//Public area resources
            $publicResources = array(
                'index' => array('index'),
                'hello' => array('index', 'login')
            );

5.) Create a Hello Controller


class HelloController extends \Phalcon\Mvc\Controller
{

     protected function initialize()
    {
        $this->view->disable();
        echo "CALL HELLO";

    }

    public function indexAction()
    {
        $this->view->disable();
        echo "INDEX";
    }

    public function loginAction()
    {
        $this->view->disable();
        echo "MOO";
    }

}

6.) test the application url "https://localhost/appname/hello/login" output is "You don't have access to this module"

What seems to be the problem? Am I missing something?



404

You need to disable caching before you finish Acl configuration.

Look at app/plugins/Security.php and find method getAcl. It starts with:

  if (!isset($this->persistent->acl)) {
    ...
  }

Just remove that check for now (only the check, not the method). And don't forget to return it back before project deployment.

About what it is read: https://docs.phalcon.io/en/latest/reference/session.html#persistent-data-in-components



10.8k

@Andrey it works that's weird... okay I'll check the docs why it happened

Thanks!

@Andrey thanks! Worked.

I tried to restart the server and nothing worked.