hi.
I'm using the security plugin like INVO demo project, so how can I access to the resources or acls lists in other controllers?
example, I'm in https://project.local/backend/products/index and i need to check is controller products is private or public.
regards
You need to register the plugin in the dispatcher related to that module in the same way as it was registered in invo
hi,
it's registered but which class/functions do I use to check acl's/resources ?
Sorry and thank you
The security plugin implements a method 'beforeDispatch', this is the same name as an event triggered by the dispatcher: https://github.com/phalcon/invo/blob/master/app/plugins/Security.php#L84
We need to get the current user or profile in session to validate the access against the Acl: https://github.com/phalcon/invo/blob/master/app/plugins/Security.php#L87
Here, we get the acl: https://github.com/phalcon/invo/blob/master/app/plugins/Security.php#L97
And perform the validation: https://github.com/phalcon/invo/blob/master/app/plugins/Security.php#L99
If the user does not have access, we forward him/her to the index page: https://github.com/phalcon/invo/blob/master/app/plugins/Security.php#L102
Thank you for the explanation.
Sorry Phalcon I'm not explaining myself well... I have that code well implemented. So now in other controllers for example products I need to check if products controller is private or not etc...
regards
Maybe you want to move the Acl to a different component so it can be used from the security plugin and by also other components.
Like in Vokuro: https://github.com/phalcon/vokuro/blob/master/app/library/Acl/Acl.php
https://github.com/phalcon/vokuro/blob/master/app/controllers/ControllerBase.php#L15 https://github.com/phalcon/vokuro/blob/master/app/controllers/ControllerBase.php#L39
Yes its like that ! :) thank you
