Hello friends. Please tell me how to implement the ideas. There storekeeper, he has available controllers. Is the warehouse manager, he has the same controllers and a few more. And there are the director, who almost all controllers. It is possible to arrange the inheritance of roles? There is an example of this implementation?
help me please ... hard and so, so still and English with difficulty given ...
check phalcon 's document and try to test code in example application
https://docs.phalcon.io/en/latest/reference/acl.html
https://github.com/phalcon/vokuro
https://github.com/phalcon/invo/blob/master/app/plugins/SecurityPlugin.php
It's all good, I learn so. I asked one, and wanted to ask more. There is a role - the gardener. There is a role - the pool cleaner. And there is a role - a plumber. There are many roles in movies, but not the point. Can the role - the role of producer inherit all subordinate roles? Maybe it is not clear ... asked Google translator as translated into English ...)))
I understood. Can I pass an array of roles as an inheritance? How hard to understand these useful little things
https://docs.phalcon.io/uk/latest/reference/acl.html#roles-inheritance
I think this part of the document explains that you can use role inheritance as nth paramater the addRole function . You can then add resources later.
I believe that addRole docs are here:
https://docs.phalcon.io/en/3.0.1/api/Phalcon_Acl_Adapter.html#abstract-class-phalcon-acl-adapter
I personally cannot answer your question from experience.
Why don't you try it out and report back?
<?php
use Phalcon\Acl\Role;
// ...
// Create some roles for cinema
$roleGardener = new Role("Gardener", "Gardener role");
$rolePlumber = new Role("Plumber", "Plumber role");
$roleWhore = new Role("Whore", "Whore role");
$roleProducer = new Role("Producer", "Producer role");
// Add "Guests" role to ACL
$acl->addRole($roleGardener);
$acl->addRole($rolePlumber);
$acl->addRole($roleWhore);
$acl->addRole($roleProducer,array($roleGardener,$rolePlumber,$roleWhore));
This embodiment does not work inheritance. One role can inherit, but many can not. Maybe I somehow wrong it make out?
when you change any role you should destroy your session before test it because phalcon SecurityPlugin will work before access to any controller
The error occurs regardless of the session. If the inheritance - a string, then everything works fine. If the array, an error occurs. Although the documentation ...
/*
* Adds a role to the ACL list. Second parameter allows inheriting access data from other existing role
* Example:
* <code>
* $acl->addRole(new Phalcon\Acl\Role('administrator'), 'consultant');
* $acl->addRole('administrator', 'consultant');
* </code>
*
* @param RoleInterface|string $role
* @param array|string $accessInherits ---This line is very important. So you can send an array of roles?
* @return bool
*/
public function addRole($role, $accessInherits = null) {}This?:
$acl->addRole($rolePlumber, $roleGardener);
$acl->addRole($roleBadequivalentRole, $rolePlumber);
$acl->addRole($roleProducer, $roleBadequivalentRole);This?
$acl->addRole($roleProducer, $roleBadequivalentRole, $rolePlumber, $roleGardener);I think maybe this:
$acl->addRole($roleGardener);
$acl->addRole($rolePlumber);
$acl->addRole($roleBadequivalentRole);
$acl->addRole($roleProducer, [ 'roleGardener', 'rolePlumber', 'roleBadequivalentRole' ] );or this:
$acl->addRole($rolePlumber, $roleGardener);
$acl->addRole($roleBadequivalentRole, $rolePlumber);
$acl->addRole($roleProducer, $roleBadequivalentRole);
or
$acl->addRole($rolePlumber, 'roleGardener');
$acl->addRole($roleBadequivalentRole, 'rolePlumber');
$acl->addRole($roleProducer, 'roleBadequivalentRole');
$acl->addRole($roleProducer, [ 'roleGardener', 'rolePlumber', 'roleBadequivalentRole' ] );
$acl->addRole($rolePlumber, $roleGardener);
$acl->addRole($roleBadequivalentRole, $rolePlumber);
$acl->addRole($roleProducer, $roleBadequivalentRole);