Shortcoming in the acl.

Hello everyone . Apologize in advance for any errors. In my opinion in the acl is a small drawback, namely the method isAllowed and its first attribute . Imagine the situation : the logic of the application , the user belongs to multiple groups , for which, respectively, some available resources. A resource may be available in two or more groups. In this case, have repeatedly call the isAllowed and peredovat as the first attribute name role to which user belongs to. It would be easier if acl kept the resulting array of available resources and would not have to peredovat title role. Maybe I'm not well mastered the techniques of acl, so once again I bring apologies . I would be happy to comment .


what "peredovat" does means?


I'm sorry I use a translator. peredovat === give

Hi @Farkhod! Can you show me some sample code to implement this?

// Можешь показать пример кода реализующего такого поведение?


I would like this behavior

There is a role "user" and resources available to her Posts::create. There is another role "admin", and the resources available to it Posts::edit, Users::create

In our example, the user will belong to these two roles.

In our case, the user will belong to these two roles, so it will be available to all resources (Posts::create, Posts::edit, Users::create).

In the end, I would like something like this:

echo $acl->isAllowed('posts', 'create'); // return 1
echo $acl->isAllowed('posts', 'edit'); // return 1
echo $acl->isAllowed('users', 'create'); // return 1
echo $acl->isAllowed('posts', 'delete'); // return 0