I am trying to write a REST API as a Micro application, and to write the ACL based on the V3.2 documentation and the INVO example.
If it worked, I should not receive data from getUserList, or an exception should be thrown.
But no matter how I change it, I receive the data as if the ACL never ran, and no exception is thrown.
It does not seem to work.
Please tell me where the error is.
<?php
namespace App;
use Phalcon\Acl;
use Phalcon\Acl\Role;
use Phalcon\Acl\Resource;
use Phalcon\Events\Event;
use Phalcon\Mvc\User\Plugin;
use Phalcon\Mvc\Dispatcher;
use Phalcon\Acl\Adapter\Memory;
use App\Controllers\HttpExceptions;
use App\Controllers\HttpExceptions\Http422Exception;
class Security extends Plugin
{
/**
 * Build the in-memory ACL consulted by beforeExecuteRoute().
 *
 * The default action is DENY; the only rule registered is that the
 * 'admin' role may use the 'getUserList' access of the 'Users' resource.
 * A fresh list is built on every call (nothing is cached).
 *
 * @return Memory
 */
public function getAcl()
{
    $accessList = new Memory();
    // Anything not explicitly allowed below is denied.
    $accessList->setDefaultAction(Acl::DENY);

    // Roles: only 'admin' exists. Note that 'guest' (the role used by
    // beforeExecuteRoute) is never registered here.
    $adminRole = new Role('admin');
    $accessList->addRole($adminRole);

    // Resource 'Users' (\App\Model\Users) with its single access name,
    // which corresponds to getUserListAction on the controller.
    $accessList->addResource(new Resource('Users'), ['getUserList']);
    $accessList->allow($adminRole, 'Users', 'getUserList');

    return $accessList;
}
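/**
 * Dispatcher hook: stop the request unless the ACL allows the current
 * role to run the routed controller action.
 *
 * NOTE(review): this listens to a *Dispatcher* event. A Phalcon\Mvc\Micro
 * application resolves its handlers itself and does not go through
 * Phalcon\Mvc\Dispatcher, so in a Micro app this method is never invoked
 * and every request passes untouched. For Micro, attach the check to the
 * application's events manager ('micro:beforeExecuteRoute') or register it
 * with $app->before() instead — confirm against the Micro docs for 3.2.
 *
 * The ACL resource is registered as 'Users' (see getAcl()), so the check
 * uses the short controller name; the fully-qualified class name returned
 * by getControllerClass() can never match a registered resource.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 * @return void  a thrown Http422Exception aborts the dispatch
 * @throws Http422Exception when the controller, action or resource is
 *         unknown, or the role is not allowed to perform the action
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    // TODO(review): the role is hard-coded. 'guest' is never added in
    // getAcl(), so once this hook actually runs the request is presumably
    // refused by the DENY default; resolve the role from the authenticated
    // user/token instead.
    $role = 'guest';

    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    // A throw already ends the method; no unreachable `return false` needed.
    if (!$controller) {
        throw new Http422Exception(_('Err a'));
    }
    if (!$action) {
        throw new Http422Exception(_('Err b'));
    }

    $acl = $this->getAcl();

    // NOTE(review): make sure the resource name registered in getAcl()
    // matches the controller name the dispatcher reports, including case
    // (INVO registers lower-case resource names) — verify against a request.
    if (!$acl->isResource($controller)) {
        throw new Http422Exception(_('Err c'));
    }
    if (!$acl->isAllowed($role, $controller, $action)) {
        throw new Http422Exception(_('Err d'));
    }
}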
<?php
// di.php
// Registers the 'dispatcher' service with an events manager that runs the
// \App\Security ACL listener before each routed action is executed.
//
// NOTE(review): this wires the Phalcon\Mvc\Dispatcher. A Phalcon\Mvc\Micro
// application handles its routes itself and never uses this dispatcher, so
// the listener attached here would not run there; for Micro, attach
// \App\Security to the application's events manager
// ('micro:beforeExecuteRoute') or register the check with $app->before() —
// confirm against the Micro documentation.
$di->set('dispatcher', function () {
    $securityListener = new \App\Security();

    $events = new \Phalcon\Events\Manager();
    $events->attach('dispatch:beforeExecuteRoute', $securityListener);

    $dispatcher = new \Phalcon\Mvc\Dispatcher();
    $dispatcher->setEventsManager($events);

    return $dispatcher;
});