
Acl in Multi Module

I've got 2 modules - frontend and backend, this is what I'd like to do:

if ($session == ok) {
    backend - allow
    frontend - deny
}
else {
    backend - deny
    frontend - allow
}
  1. What is the best way to do this? The same "security plugin" on the 'dispatcher' of each module.php?
  2. Is it possible to add a model (frontend and backend) as a resource? https://docs.phalcon.io/en/latest/reference/acl.html#adding-resources


29.8k
Accepted answer

Sorry for that question, I think there is no need for ACL



3.4k

I face this issue too. How do you do it? @wormkk



29.8k

You can create a plugin or component and attach it to the 'dispatcher' in each module:

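use Phalcon\Events\Event;
use Phalcon\Mvc\Dispatcher;

class AccesControll extends \Phalcon\Mvc\User\Plugin
{
    public function beforeDispatch(Event $event, Dispatcher $dispatcher)
    {
        $session = $this->session->get('session_name');

        // Assumes the redirect paths 'module1' / 'module2' match the registered module names
        $target = $session ? 'module1' : 'module2';

        // Redirect only from the other module, so the target module is not redirected again
        if ($dispatcher->getModuleName() !== $target) {
            $this->response->redirect($target);
            return false; // stop dispatching the requested action
        }
    }
}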

or just this in each 'ControllerBase':

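use Phalcon\Mvc\Controller;

class ControllerBase extends Controller
{
    // Controllers are called with beforeExecuteRoute, not beforeDispatch
    public function beforeExecuteRoute($dispatcher)
    {
        $session = $this->session->get('session_name');

        // Assumes the redirect paths 'module1' / 'module2' match the registered module names
        $target = $session ? 'module1' : 'module2';

        // Redirect only from the other module, so the target module is not redirected again
        if ($dispatcher->getModuleName() !== $target) {
            $this->response->redirect($target);
            return false; // skip the requested action
        }
    }
}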

I think result will be the same.

More info: https://docs.phalcon.io/en/latest/reference/dispatching.html



15.2k
edited May '15

This is what I did. The basic idea is:

  1. Use a plugin to set the module, controller, and action.
  2. Then verify the module, controller and action to see if it is a private resource.
<?php

namespace Multiple\Plugins\Common;

use Phalcon\Events\Event;
use Phalcon\Mvc\User\Plugin;
use Phalcon\Mvc\Dispatcher;

class AclListener extends Plugin
{

    protected $_module;

    public function __construct($module)
    {
        $this->_module = $module;
    }

    public function beforeDispatch(Event $event, Dispatcher $dispatcher)
    {
        $moduleName = $this->_module;
        $controllerName = $dispatcher->getControllerName();
        $actionName = $dispatcher->getActionName();

        if ($this->acl->isPrivate($moduleName, $controllerName, $actionName)){
            var_dump('need verify');

        }
    }

}

Then in the Acl class:

<?php
namespace Multiple\Acl;
use Phalcon\Mvc\User\Component;

class Acl extends Component
{
    private $privateResources = array(
        'frontend'=>array(
                    'users'=>array(
                            'index',
                            ),
                    'products'=>array(
                        ),
                    ),
        'backend'=> array()
    );

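    public function isPrivate($module, $controller, $action)
    {
        $pr = $this->privateResources;

        // Module not listed: nothing in it is private
        if (!isset($pr[$module])) {
            return false;
        }
        // Module listed with no controllers: the whole module is private
        if (empty($pr[$module])) {
            return true;
        }
        // Controller not listed in this module: not private
        if (!isset($pr[$module][$controller])) {
            return false;
        }
        // Controller listed with no actions: every action is private
        if (empty($pr[$module][$controller])) {
            return true;
        }
        // Otherwise only the listed actions are private
        return in_array($action, $pr[$module][$controller], true);
    }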
}
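
One way to fill in the `need verify` branch and attach the listener in each module, as an added example that is not part of the original thread. It assumes Phalcon 2/3 (where `Phalcon\Mvc\User\Plugin` exists) and `acl` and `session` services in the DI; the class `SessionGate`, the helper `registerGuardedDispatcher()`, the session key `auth` and the login path are hypothetical names.

```php
<?php

use Phalcon\Events\Event;
use Phalcon\Events\Manager as EventsManager;
use Phalcon\Mvc\Dispatcher;
use Phalcon\Mvc\User\Plugin;

// Hypothetical listener: one instance per module, constructed with that module's name.
class SessionGate extends Plugin
{
    protected $module;

    public function __construct($module)
    {
        $this->module = $module;
    }

    public function beforeDispatch(Event $event, Dispatcher $dispatcher)
    {
        $private = $this->acl->isPrivate(
            $this->module,
            $dispatcher->getControllerName(),
            $dispatcher->getActionName()
        );

        // Private resource without a session: refuse before any controller code runs.
        if ($private && !$this->session->has('auth')) { // 'auth' is an assumed key
            // The login route must NOT be in the private map, otherwise the
            // login page is refused as well and the browser loops.
            $this->response->redirect('frontend/session/login'); // assumed path
            return false; // ends the dispatch loop for this request
        }
    }
}

// Hypothetical helper: call it from each module's registerServices().
function registerGuardedDispatcher($di, $moduleName)
{
    $di->setShared('dispatcher', function () use ($moduleName) {
        $eventsManager = new EventsManager();
        $eventsManager->attach('dispatch:beforeDispatch', new SessionGate($moduleName));

        $dispatcher = new Dispatcher();
        $dispatcher->setEventsManager($eventsManager);
        return $dispatcher; // set the module's default namespace here as well
    });
}
```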