In this tutorial you will learn how to set up Zend Framework 2 ACL and check whether the user has access to the current route.
If you don't have a testing project, download one from here.
Add the file module.acl.roles.php in application/config/
Tip: The role resources can simply be Zend Framework 2 route names.
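<?php
// application/config/module.acl.roles.php
// role => list of route names the role may access
return array(
    'guest' => array(
        'home',
        'login',
        'register'
    ),
    'admin' => array(
        'admin',
        'add-user',
        'delete-user'
    ),
);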
Code in application/Module.php
// at the top of Module.php
use Zend\Mvc\MvcEvent;

public function onBootstrap(MvcEvent $e)
{
    $this -> initAcl($e);
    $e -> getApplication() -> getEventManager() -> attach('route', array($this, 'checkAcl'));
}

public function initAcl(MvcEvent $e)
{
    $acl = new \Zend\Permissions\Acl\Acl();
    $roles = include __DIR__ . '/config/module.acl.roles.php';
    $allResources = array();
    foreach ($roles as $role => $resources) {
        $role = new \Zend\Permissions\Acl\Role\GenericRole($role);
        $acl -> addRole($role);

        // each role also receives the resources of the roles listed before it
        $allResources = array_merge($resources, $allResources);

        //adding resources
        foreach ($resources as $resource) {
            // Edit 4
            if (!$acl -> hasResource($resource)) {
                $acl -> addResource(new \Zend\Permissions\Acl\Resource\GenericResource($resource));
            }
        }
        //adding restrictions
        foreach ($allResources as $resource) {
            $acl -> allow($role, $resource);
        }
    }
    //testing
    //var_dump($acl->isAllowed('admin','home'));
    //true

    //setting to view
    $e -> getViewModel() -> acl = $acl;
}

public function checkAcl(MvcEvent $e)
{
    $route = $e -> getRouteMatch() -> getMatchedRouteName();
    //you set your role
    $userRole = 'guest';

    if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
        $response = $e -> getResponse();
        //location to page or what ever
        $response -> getHeaders() -> addHeaderLine('Location', $e -> getRequest() -> getBaseUrl() . '/404');
        $response -> setStatusCode(404);
        // returning the response short-circuits the route event,
        // so the restricted controller/action is not dispatched
        return $response;
    }
}
Edit 1
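I am assuming that all the routes that are accessed in the app are already added to the ACL config file.
If not, replace the line below. Note that with this change any route that is not in the ACL passes without a role check: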
if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
to
if ($e -> getViewModel() -> acl ->hasResource($route) && !$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
Edit 2
If access inheritance is not needed, just replace this:
//$allResources = array_merge($resources, $allResources);
foreach ($allResources as $resource) {
// with
foreach ($resources as $resource) {
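The effect of Edit 1 and Edit 2 on the resulting permissions, as an added example that is not part of the original post. It assumes zendframework/zend-permissions-acl is installed through Composer; buildAcl() and isRouteAllowed() are hypothetical helper names. It builds the ACL with and without inheritance for both orderings of the roles array, and denies routes that are missing from the ACL instead of skipping the check.

```php
<?php
// Added example, not the tutorial's code.
// Assumption: zendframework/zend-permissions-acl is installed via Composer.
require __DIR__ . '/vendor/autoload.php';

use Zend\Permissions\Acl\Acl;

/**
 * Build the ACL the way initAcl() does (hypothetical helper).
 * $inherit = true reproduces the accumulating $allResources,
 * $inherit = false is the Edit 2 variant (each role gets only its own routes).
 */
function buildAcl(array $roles, $inherit)
{
    $acl = new Acl();
    $allResources = array();
    foreach ($roles as $role => $resources) {
        $acl->addRole($role);
        foreach ($resources as $resource) {
            if (!$acl->hasResource($resource)) {
                $acl->addResource($resource);
            }
        }
        // same merge as the tutorial: earlier roles' routes pile up here
        $allResources = array_merge($resources, $allResources);
        $granted = $inherit ? $allResources : $resources;
        foreach ($granted as $resource) {
            $acl->allow($role, $resource);
        }
    }
    return $acl;
}

/**
 * Fail-closed check (hypothetical helper): a role or route the ACL does not
 * know is denied, instead of throwing InvalidArgumentException or passing.
 */
function isRouteAllowed(Acl $acl, $role, $route)
{
    return $acl->hasRole($role)
        && $acl->hasResource($route)
        && $acl->isAllowed($role, $route);
}

// Constructed sample data: the tutorial's roles array, in both orders.
$guestFirst = array(
    'guest' => array('home', 'login', 'register'),
    'admin' => array('admin', 'add-user', 'delete-user'),
);
$adminFirst = array_reverse($guestFirst, true);

$cases = array(
    'guest first, inheriting' => buildAcl($guestFirst, true),
    'admin first, inheriting' => buildAcl($adminFirst, true),
    'admin first, Edit 2'     => buildAcl($adminFirst, false),
);

foreach ($cases as $label => $acl) {
    printf(
        "%-24s guest->delete-user: %-5s admin->home: %-5s guest->success: %s\n",
        $label,
        var_export(isRouteAllowed($acl, 'guest', 'delete-user'), true),
        var_export(isRouteAllowed($acl, 'admin', 'home'), true),
        // 'success' is not a resource in the ACL at all
        var_export(isRouteAllowed($acl, 'guest', 'success'), true)
    );
}
```

With inheritance left on and the admin entry listed first, guest is granted delete-user, because each role receives the routes of every role listed before it. The Edit 2 variant removes that dependence on array order.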
Edit 3
But what about ACL from the database, someone will say?
In the Zend Framework 2 startup tutorial they say: “Don't go heavy in onBootstrap”.
With that said, I think that an array file will work for most cases.
Add this method where the ACL check is:
public function getDbRoles(MvcEvent $e)
{
    // I take it that your adapter is already configured
    $dbAdapter = $e->getApplication()->getServiceManager()->get('Zend\Db\Adapter\Adapter');
    // QUERY_MODE_EXECUTE runs the query right away and returns a result set;
    // the default mode only prepares a statement
    $results = $dbAdapter->query('SELECT * FROM acl', \Zend\Db\Adapter\Adapter::QUERY_MODE_EXECUTE);
    // making the roles array
    $roles = array();
    foreach ($results as $result) {
        $roles[$result['user_role']][] = $result['resource'];
    }
    return $roles;
}
Then replace in initAcl:
// this
$roles = include __DIR__ . '/config/module.acl.roles.php';
// with
$roles = $this->getDbRoles($e);
Simple as that.
Suggestions or problems? Write a comment.
user1 wrote:
Hi, great tutorial!
Everything works fine, but when I go to a route that the guest role does not have, I get an exception:
Fatal error: Uncaught exception ‘Zend\Permissions\Acl\Exception\InvalidArgumentException’ with message ‘Resource ‘success’ not found’ in
Acl\Acl->isAllowed(‘guest’, ‘success’) #2 [internal function]: Application\Module->checkAcl(Object(Zend\Mvc\MvcEvent))
Something is not good about this line:
if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
Link | March 20th, 2013 at 21:51
user1 wrote:
Oh, I just found the solution :)
Replace line
if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
to
if (!$e -> getViewModel() -> acl ->hasResource($route) || !$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
Link | March 20th, 2013 at 22:01
Ivan Gospodinow wrote:
Hello and thank you user1 ,
yes you are right. The code from the tutorial assumes that you have all the routes inserted in the acl (which is a good thing). That means you are controlling all the routes with roles.
Link | March 21st, 2013 at 12:51
Andrey wrote:
Hello.
Thank you for great tutorial, but what about roles with different permissions?
Looks like in your code each role is allowed also for resource listed in all previous roles in array.
Link | May 6th, 2013 at 10:01
Ivan Gospodinow wrote:
Hello Andrey ,
thank you for your question.
I created an Edit 2 for your case.
By replacing those 2 lines of code , the roles will not inherit resources from one another.
Link | May 6th, 2013 at 10:42
Dominic Watson wrote:
Ctrl + F
“-> ”
Replace
“->”
” ->”
Replace
“->”
NO! Naughty! Bad Ivan! :)
Nice and easy tutorial though :) makes me feel silly for thinking anything is difficult. I guess it’s getting used to the EventManager
Link | May 29th, 2013 at 11:10
sandeep wrote:
Hello,
It's working fine.
But the function from the controller is accessible by ajax; this only prevents the view rendering.
Link | June 5th, 2013 at 16:32
Ivan Gospodinow wrote:
Hello sandeep,
it doesn't matter if the request is ajax.
You should specify the resource (route) and the user to access it in the acl.
Module.php is executed every time.
Link | July 9th, 2013 at 10:46
Tahmina Khatoon wrote:
Thanks for nice tutorial, It is working fine everywhere except pagination with search. Would you please help me to set permission for following route.
'people' => array(
    'type' => 'segment',
    'options' => array(
        'route' => '/people[/:action][/:id][/page/:page][/order_by/:order_by][/:order][/search_by/:search_by]',
        'constraints' => array(
            'action' => '(?!\bpage\b)(?!\border_by\b)(?!\bsearch_by\b)[a-zA-Z][a-zA-Z0-9_-]*',
            'id' => '[0-9]+',
            'page' => '[0-9]+',
            'order_by' => '[a-zA-Z][a-zA-Z0-9_-]*',
            'order' => 'ASC|DESC',
        ),
        'defaults' => array(
            'controller' => 'WebApp\Controller\People',
            'action' => 'index',
        ),
    ),
),
I have allowed ‘people’ for guest but it is not working with order_by and search_by parameters.
Please help me.
Thanks in advance
Link | June 25th, 2013 at 07:08
Ivan Gospodinow wrote:
Hello Tahmina ,
in my example I am using route name as an acl resource.
In your case you can do the following :
$routeName = $e->getRouteMatch()->getMatchedRouteName();
$routeParams = $e->getRouteMatch()->getParams();
where route params are your root constraints – for example :
$customResource = $routeName . $routeParams['controller'] . $routeParams['action'];
Then you check like this :
$acl -> isAllowed($userRole, $customResource);
Simple as that.
Link | June 25th, 2013 at 19:43
mhor wrote:
(Noob question here) Just want to ask, how do you pass the role (line 39)?
Tried it already but it always gives me a 404. But when I specify the //, it works normally
Link | July 9th, 2013 at 09:46
Ivan Gospodinow wrote:
Hello mhor ,
two reasons to give you 404
1. Resource is not added to the acl
2. User is not allowed to access the resource.
To your other question, you can easily access the session at that point and get the user credentials. If the session does not exist you can assume that the user is guest.
Link | July 9th, 2013 at 10:36
Prakash wrote:
Hi,
Thanks for this great tutorial.
What if I have to implement Zend2 ACL using database-defined roles and access?
Can you please help to implement acl using a database? I searched many links on Google but had no success with it.
Thanks…
Link | July 18th, 2013 at 07:35
Ivan Gospodinow wrote:
Hello Prakash ,
thank you for your question. I added edit3 to the article to give some idea of how to do it with a database.
Link | July 18th, 2013 at 08:05
S.G. wrote:
Hi Ivan,
thanks for your sharing.
I am confused about the “function checkAcl()” above.
I tried to set up my own file “module.acl.roles.php”, but my ACL does not seem to work.
Would you explain the function checkAcl() in more detail, and the purpose of line 39, “$userRole = 'guest';” ?
Appreciated
Link | July 23rd, 2013 at 18:24
Ivan Gospodinow wrote:
Hello S.G. ,
basically checkAcl is called when the route is initialised. We need this because acl roles are based on routes/resources (in other words – links). Then what we do is : get the current route name (you can add up action , controller and/or parameters) as a string and ask the acl class if a user with role (e.g. guest) can access this string (e.g. login).
Simple enough for you?
Link | July 24th, 2013 at 08:44
Kathiravan wrote:
Hello Ivan,
I have three types of users: admin, guest and user, and pages like login and register. Here the three users will access the above pages
return array(
    'guest' => array(
        'add-user',
        'login'
    ),
    'admin' => array(
        'user-list',
        'login'
    ),
    'user' => array(
        'add-user',
        'login'
    ),
);
but it shows the error Uncaught exception ‘Zend\Permissions\Acl\Exception\InvalidArgumentException’ with message ‘Resource id ‘login’ already exists in the ACL’ everything works fine except this plz help.
Link | July 24th, 2013 at 13:47
Ivan Gospodinow wrote:
Hello Kathiravan ,
please take a look at Edit 4. Made it for you.
Link | July 24th, 2013 at 15:25
Kathiravan wrote:
Hi Ivan,
There is no edit 4 displayed here.
Link | July 25th, 2013 at 07:00
Kathiravan wrote:
Hello Ivan,
Sorry by mistake i posted the above comment Thanks its working now.
Link | July 25th, 2013 at 08:07
Kumar wrote:
Hi Ivan,
Nice Tutorial.
As I am a Beginner,
Can you tell me the use of getApplication() and getEventManager()?
Thank You
Link | August 23rd, 2013 at 11:53
Ivan Gospodinow wrote:
Hello Kumar ,
getApplication return the Zend Mvc Application object, which is instantiated in index.php. It is basically the whole application.
getEventManager is the object which can store and trigger events. See EventManager::attach() and EventManager::trigger();
Link | August 23rd, 2013 at 13:30
Kumar wrote:
Thanks Ivan
Link | August 23rd, 2013 at 14:58
Kumar wrote:
Can I know about getServiceLocator(), viewhelpermanager ?
Link | August 23rd, 2013 at 15:01
Ivan Gospodinow wrote:
Hello Kumar,
you should not know about getServiceLocator in any view or view helper!
Link | August 23rd, 2013 at 15:32
Grisou wrote:
To handle also allow and deny permissions I change this:
Configs acl:
// true to allow, false to deny
return array(
    'guest' => array(
        'home' => true,
        'login' => true,
        'register' => true
    ),
    'admin' => array(
        'admin' => true,
        'add-user' => true,
        'delete-user' => true,
        'login' => false,
        'register' => false
    ),
);
And into Module.php:
public function initAcl(MvcEvent $e)
{
    $acl = new \Zend\Permissions\Acl\Acl();
    $acl->deny();
    $roles = include __DIR__ . '/config/module.acl.roles.php';
    $allResources = array();
    foreach ($roles as $role => $resources) {
        $role = new \Zend\Permissions\Acl\Role\GenericRole($role);
        $acl->addRole($role);
        $allResources = array_merge($allResources, $resources);
        //adding resources
        foreach ($resources as $resourceName => $resourceAllowed) {
            if (!$acl->hasResource($resourceName)) {
                $acl->addResource(new \Zend\Permissions\Acl\Resource\GenericResource($resourceName));
            }
        }
        //adding restrictions
        foreach ($allResources as $resourceName => $isResourceAllowed) {
            if ($isResourceAllowed) {
                $acl->allow($role, $resourceName);
            } else {
                $acl->deny($role, $resourceName);
            }
        }
    }
    //setting to view
    $e->getViewModel()->acl = $acl;
}
Link | August 28th, 2013 at 11:22
bartek wrote:
Hi, can it be done without redirection? I am developing restful application, and there are no restrictions available.
Regards
Link | September 15th, 2013 at 23:57
Ivan Gospodinow wrote:
Hello Bartek ,
you can change the layout with one that dispatches json/xml to tell the page that the user does not have permissions to access it.
Link | September 18th, 2013 at 07:40
Pragnesh Karia wrote:
Hey ,
Thanks for sharing a wonderful script.
Can you please explain more in terms of ,
“SELECT * FROM acl ORDER BY role_privileges DESC”
what will be ACL table schema?
what is the use of setstatuscode = 303 ?
i want to redirect the to 403 access forbidden page (403.phtml)
$response -> getHeaders() -> addHeaderLine('Location', $e -> getRequest() -> getBaseUrl() . '/404');
$response -> setStatusCode(303);
Any help would be appreciated.
Link | October 17th, 2013 at 13:34
Ivan Gospodinow wrote:
Hello Pragnesh Karia,
you are right, we do not need role_privileges. I will fix that.
For your database schema, you need at least user_role and resource. See the config array in the post.
I will update the code to 404. I agree that it's the right way!
Thank you for your opinion.
Link | October 18th, 2013 at 11:34
Pragnesh Karia wrote:
Hello Ivan,
Any more updates on the above , your help is highly appreciated.
Link | October 24th, 2013 at 19:08
Dennis wrote:
The “redirect on error” logic is missing the following part:
$response->sendHeaders();
$e->stopPropagation();
Otherwise, the restricted controller/action is still called.
Link | December 31st, 2013 at 10:24
Matteo wrote:
I need to print some links in the view, according to the user’s permissions. How can I do it? I tried using $acl = $this->acl but in the view I get a null. How can I do it? There is another method of verifying user permissions in the view?
Link | July 4th, 2014 at 17:45
kourosh wrote:
Hello Ivan.
Thanks for the nice article. I have a little problem: the application doesn't redirect to the route after granted permission, it just stops and looks at me :)
Link | July 5th, 2014 at 14:45
Ivan Gospodinow wrote:
Hello Matteo,
the best way will be to create navigation for the links.
If you prefer the lazy way, you can add the links as resources in the acl and then check from the view (not a good way to do it) with $this->layout()->acl->isAllowed('user_role', $linkl);
@BTW,
you can add an menu item in your current navigation and add sub pages. Then you can render only the sub pages of this item, and the acl will work by default.
Link | July 5th, 2014 at 14:47
Ivan Gospodinow wrote:
Hello kourosh,
can you paste some code? The acl tutorial, only redirects if person does not have permission to access the current page. The opposite, why to redirect if he can see the page? Right ?
Link | July 5th, 2014 at 15:38
Matteo wrote:
I thought about the navigation, but I need to add many links scattered around the page, and it seemed too complex. I think I’ll try the dirty way :)
thank you very much
Link | July 7th, 2014 at 09:11
Matteo wrote:
another question:
If I wrote this:
echo $this->layout()->acl->isAllowed($user->role, $this->url('user', array('action' => 'index')));
I get an error: Resource ‘/user’ not found
where am I doing wrong?
Link | July 7th, 2014 at 11:06
Ivan Gospodinow wrote:
Hello Matteo,
quote from above ‘add the links as resources’.
So you should add the link as resource and add the user role permission.
Is it clear to you ?
Link | July 7th, 2014 at 11:13
Matteo wrote:
sorry, is not so clear.
We have just added a resource to use it with the side menu. Is that not enough? Do I need to add it in some other way?
Link | July 7th, 2014 at 11:20
Ivan Gospodinow wrote:
Hello Matteo,
in your code you are asking the acl object, if the user with role(some role) have access to url (for example /user) but to this moment you never told the acl object, that resource ‘/user’ exists and that user role has access to it.
@TODO
$acl -> addResource(new \Zend\Permissions\Acl\Resource\GenericResource('/user'));
$acl -> allow('user_role', '/user');
Is it now more clear?
Link | July 7th, 2014 at 11:26
Matteo wrote:
I’m sorry, but in module.acl.roles I’ve just added this role
$admin = array('/', 'homes', 'auth', 'success', 'user');
return array('user' => $user, 'admin' => $admin, 'guest' => $guest);
I need to repeat it?
Link | July 7th, 2014 at 11:38
Ivan Gospodinow wrote:
Hello Matteo,
you do not have to repeat it.
If you want user to have access to url ‘/user’, then from your example:
add to $user = ['/user'];
Then check in the view:
$this->layout()->acl->hasResource($url) && $this->layout()->acl->isAllowed('user', $url)
Link | July 7th, 2014 at 12:05
Matteo wrote:
Dear Ivan,
thanks for your patience.
Sorry but, I haven’t shown all the file module.acl.roles.php.
This file contains:
$guest = array('homes', 'auth');
$utente = array('homes', 'auth', 'success', 'DownloadFile', 'utente:show', 'utente:upload');
$admin = array('homes', 'auth', 'success', 'compagnia', 'utente', 'DownloadFile');
$superadmin = array('homes', 'auth', 'success', 'compagnia', 'utente', 'DownloadFile');
return array('superadmin' => $superadmin, 'utente' => $utente, 'admin' => $admin, 'guest' => $guest);
The menu display pages correctly according to the role.
When I try to call the link from view with this syntax:
if ($this->layout()->acl->isAllowed($dato["ruolo"], $this->url('utente', array('action' => 'index'))))
I get the error:
Resource ‘/utente’ not found
If I duplicate “/utente” with the slash in the permits, it works. How so? Can I avoid duplicate all the permits? If I leave only “/utente” do not work the action
thank you very much
Link | July 7th, 2014 at 16:02
Ivan Gospodinow wrote:
Hello Matteo,
in this case I understand what you need to ask.
Then your check will be with the route name, not the whole url.
Just do:
if ($this->layout()->acl->isAllowed($dato["ruolo"], 'utente')) {
    echo $this->url('utente'); // assuming that index action is by default.
    // or whatever here.
}
And don't forget to test if the resource exists like I posted before:
$this->layout()->acl->hasResource('utente')
Link | July 7th, 2014 at 16:38
Matteo wrote:
thank you a lot! now it works! :)
Link | July 7th, 2014 at 17:17
Andy wrote:
Hi,
This is a excellent, crisp and really good understandable tutorial, thank you for that !!
I am just on the search how to enhance this to be able to ask for certain privileges in a view without moving the whole part again into a View Helper or similar.
So, somehow centralize the functionality for checkACL and let this be accessible from other locations as well.
Any idea for that ?
Link | July 14th, 2014 at 23:28
Ivan Gospodinow wrote:
Hello Andy,
the way I am showing it in the post is: $e -> getViewModel() -> acl = $acl;
This means that you can access it in any view.
The right way to do this is: create ACL factory via the service manager and then use it to check wherever needed.
Link | July 18th, 2014 at 11:49
lodi wrote:
Hi I get the following error
Fatal error: Uncaught exception ‘Zend\Permissions\Acl\Exception\InvalidArgumentException’ with message ‘Resource ‘users’ not found’ in /home/lodi/git/reporting/vendor/zendframework/zendframework/library/Zend/Permissions/Acl/Acl.php on line 292
any pointers ?
Regards
Link | July 18th, 2014 at 11:45
Ivan Gospodinow wrote:
Dear lodi,
check Edit 1 from the post above.
Link | July 18th, 2014 at 11:47
lodi wrote:
Hi Ivan thanks for the reply.
I changed the code as per edit 1 and still get the same error.
For my clarity the module.acl.roles file do I put it in the module/Application folder or in the top level config folder ?
Also you mention the acl config file? not sure if I need to create the file or if it is the file that comes with the framework.
Really trying to get this to work.
Regards
L
Link | July 18th, 2014 at 14:00
Ivan Gospodinow wrote:
Hello lodi,
can you paste some code?
Link | July 18th, 2014 at 14:19
Alexander wrote:
This is the best tutorial on Zend Framework ACL ever. Put up a bitcoin address and I will literally pay you. Shame on the rest for not writing a tutorial that adequately explained it all out like this.
Link | July 31st, 2014 at 23:21
Jimmy wrote:
Hello,
First, thanks for this awesome tutorial! :).
My question is that if I use a db for the acl roles, do I still need to use the checkAcl method and attach it in the onBootstrap() method or would checkAcl be taken out in favor of dbRoles()?
Thanks
Link | August 11th, 2014 at 19:44
Ivan Gospodinow wrote:
Hello Jimmy and thank you,
to your question – yes, you should still follow the rest of the code :)
the db only replaces the array of roles coming from the file.
Link | August 11th, 2014 at 19:45
Jimmy wrote:
So I wouldn’t need the module.acl.roles.php file anymore?
Link | August 11th, 2014 at 19:50
Ivan Gospodinow wrote:
Yes
Then replace in initAcl
// this
$roles = include __DIR__ . '/config/module.acl.roles.php';
// with
$roles = $this->getDbRoles($e);
Link | August 11th, 2014 at 19:52
Jimmy wrote:
My main question is how would I not have to hard code a value into $user_role in favor of something that is dynamically generated. Does that make sense?
Link | August 11th, 2014 at 19:53
Ivan Gospodinow wrote:
Sure you can use Zend\Session or $_SESSION
For example
if (isset($_SESSION['logged_user_role'])) {
    $user_role = $_SESSION['logged_user_role'];
} else {
    $user_role = 'guest';
}
is it clear for you ?
Link | August 11th, 2014 at 19:56
Jimmy wrote:
yes, thanks :)
Link | August 11th, 2014 at 20:02
Jimmy wrote:
One more question, although it may be outside the scope of this tutorial, but I’m using Zend\Authentication to determine if the identity is valid and if it isn’t, redirect but I cannot get it to redirect to the login page. Here is my code for it:
public function checkAcl(MvcEvent $e)
{
    $route = $e->getRouteMatch()->getMatchedRouteName();
    $auth = new AuthenticationService();
    $user_role = $auth->hasIdentity() ? $auth->getIdentity() : null;
    if (!$e->getViewModel()->acl->isAllowed($user_role->username, $route)) {
        $response = $e->getResponse();
        $response->getHeaders()->addHeaderLine('Location', $e->getRequest()->getBaseUrl() . '/login/log');
        //$response->setStatusCode(404);
    }
}
but it’s only giving me a 500 server error.. how would this be fixed so it would redirect in a right way?
Thanks again
Link | August 11th, 2014 at 20:58
Ivan Gospodinow wrote:
Try to add $e->stopPropagation();
I think you can have an error in the controller because it is still executed.
Link | August 11th, 2014 at 21:04
Jimmy wrote:
So like this?
$e->stopPropagation();
$response = $e->getResponse();
$response->getHeaders()->addHeaderLine('Location', $e->getRequest()->getBaseUrl() . '/login/log');
Link | August 11th, 2014 at 21:07
Jimmy wrote:
public function indexAction()
{
    if (!$user = $this->identity()) {
        return $this->redirect()->toUrl('/login/log');
    }
    $user = $this->identity();
    $main_layout = $this->layout();
    $main_layout->setVariable('user1', $user->username);
    return new ViewModel(array('user1' => $user->username));
}
I am assuming that this in the application controller is causing the issue. Clueless though on how to make this work in both the module.php and the controller :)
Link | August 11th, 2014 at 21:15
Ivan Gospodinow wrote:
So your mistake is: you put header to redirect in the module.php and then in the controller you again request to redirect which is not possible.
Link | August 11th, 2014 at 21:20
Jimmy wrote:
does addHeaderLine() handle redirecting?
Link | August 11th, 2014 at 21:24
Ivan Gospodinow wrote:
When you add Location : $url – Yes
Link | August 11th, 2014 at 21:33
King wrote:
What if I just want to control the root route for an entire module and have all the sub routes inherited? Can I just control access to one route and the rest is good?
Example: http://ipaddress/products
I give access to /products and then
http://ipaddress/products/view
http://ipaddress/products/edit
http://ipaddress/products/subproducts/view
http://ipaddress/products/page/2
are all allowed to access because I gave access to the root route.
Link | August 31st, 2014 at 16:47
Ivan Gospodinow wrote:
You add resource = ‘products’ in all menu items that are sub to products.
Then add in checkAcl
if (strpos($route, '/') !== false) {
    $route = explode('/', $route)[0];
}
this way you will get only the main route.
Link | August 31st, 2014 at 17:00
King wrote:
Thank you for the help so far. I only have menu items for the main route. All the child routes dont have menu items. What do I do then?
Link | August 31st, 2014 at 19:04
Ivan Gospodinow wrote:
You have to have resource = 'products' on all items that you want to be accessible through the products ACL rule
Link | August 31st, 2014 at 19:06
King wrote:
What file do you put resource=’products’ in? That is the part I am confused on. module.config.php? In the router?
Link | August 31st, 2014 at 19:20
Ivan Gospodinow wrote:
resource parameter is part of the navigation config.
if (strpos($route, '/') !== false) {
    $route = explode('/', $route)[0];
}
route patch is for the access control.
Link | August 31st, 2014 at 19:39
Jaouad wrote:
Hi ivan, thank you for your helpful tutorial.
I have 3 roles : guest, member, admin.
I have also a menu in the layout that is controlled by the acl.
My question is how could I display only the permitted links using the navigation.
It would be very appreciated if you could give me a step by step tutorial.
Thanks
Link | October 15th, 2014 at 09:18
Ivan Gospodinow wrote:
Hello Jaouad,
the tutorial already exists: http://ivangospodinow.com/zend-framework-2-navigation-with-acl/
cheers.
Link | October 15th, 2014 at 10:05
Vipul wrote:
Hi,
How to manage if I have session from two roles. How would I be able to set
//you set your role
$userRole = 'guest';
and if I have three modules, one users module, sponsors module and admin module. Then do I have to copy onbootstrap initalization of initAcl() for each module separately. Is it possible that I can specify $userRole statically inside each module’s onbootstrap. How will it work.
Thanks,
Vipul
Link | October 27th, 2014 at 15:04
Ivan Gospodinow wrote:
Hello Vipul,
this is bad idea. Just make another role that combines the two of them.
Link | October 27th, 2014 at 15:05
Vipul wrote:
Hi Ivan,
Yes I have defined three different roles, my concern is that if guest user will access sponsor module’s actions then it must redirect to sponsor’s login page otherwise if some one is accessing some other module like users module then it should redirect it to user’s login page. How would I be able to do that. Different redirection according to different modules and different roles?
Thanks,
Vipul
Link | October 28th, 2014 at 06:36
Vipul wrote:
I think I need to redirect it according to the sessions (like sponsor for sponsor module and users for users module) , session will contain the role and these functions (initAcl(), checkACL()) will be defined in one of the three modules only once and that will make it possible for other modules to work automatically.
Link | October 28th, 2014 at 06:40
Vipul wrote:
Hi Ivan,
Please check http://pastebin.com/xjdjZjGp
When I set $userRole = ‘guest’; and when I call route sponsor_login, I was able to see login page. But when I changed $userRole = ‘sponsor’ and called same sponsor_login page, page says The page isn’t redirecting properly. What’s wrong here. As per my requirement. It should be redirected to sponsor_home page if role is set to sponsor. Could you please suggest something.
Thanks,
Vipul
Link | October 28th, 2014 at 09:06
Bas wrote:
I am getting e 404 page?
What do i do wrong?
A 404 error occurred
Page not found.
The requested controller was unable to dispatch the request.
Controller:
Admin\Controller\Users
No Exception available
Link | July 15th, 2015 at 09:13
Ivan Gospodinow wrote:
First, dump this $e->getViewModel()->acl->isAllowed($userRole, $route) and see if your user role is allowed to the route.
If not check your routes to see if you have the correct one.
Link | July 15th, 2015 at 09:21
Jimmy wrote:
Awesome tutorial! Thanks for the writeup. Only made some minor changes using `use` instead of full path inline since my company has line length restrictions.
Kudos!
Link | November 24th, 2015 at 19:40
Jimmy wrote:
Sorry for the dupe, but thought might be useful. I also changed the hard coded role setting $userRole = ‘guest’; to values pulled from db:
`$userRole = $this->person->admin ? 'admin' : 'guest';`
At any rate, thanks for the tutorial.
Link | November 24th, 2015 at 19:41
Armando Guerra wrote:
Dear Friend,
I need your help , I need to create a ViewHelper where I am trying to call the method isAllowed () but I have this error.
if ($this->acl->isAllowed('role', 'permission')) {
Notice: Undefined variable: acl in puedo.php on line 13
Fatal error: Call to a member function isAllowed() on a non-object in puedo.php on line 13
Can you help me.
Armando .
Link | April 13th, 2016 at 03:03
Ivan Gospodinow wrote:
Hello Armando,
in view helper try: $this->getView()->layout()->acl
Link | April 13th, 2016 at 07:21
Indrasinh wrote:
Thanks man!!
You have done awesome job!!
Exactly what I am looking for..
Link | April 16th, 2016 at 07:02
malino wrote:
I don't understand the first step.
-> Add file module.acl.roles in application/config/
– what u mean for this step?
Anyone have tutorial for this for noob?
Link | September 7th, 2017 at 06:30
Ivan Gospodinow wrote:
You can skip this step, just add your roles in the main config and it will be just fine.
Link | September 7th, 2017 at 09:16