ZF2 BjyAuthorize access control from database?

1
votes

Hi i set up zend framework 2 + BjyAuthorize + ZfcUser running, now i need some help.

  1. Where to customize user register to chose roles?
  2. Make all controllers under / route public and /admin for authenticated users?
  3. How to configure access control for controller / action under /admin route on database?
1
zend-framework2doctrineaclzfcuserbjyauthorize

1 Answers

0
votes

  1. I don't understand what you want to do.

  2. Looking at the examples for the Route Guard at https://github.com/bjyoungblood/BjyAuthorize it does not seem like you can use wildcards. I'd use the Controller Guard and set permissions so that guests, users and admins can access everything apart from whatever controller(s) are used in the admin section.

    'guards' => array(
    'BjyAuthorize\Guard\Controller' => array(
    array('controller' => 'admin', 'roles' => array('admin')),
    array(
        'controller' => array('index', 'anothercontroller', 'yetanothercontroller', ...),
        'roles' => array('guest','user')),
)

  3. Instead of array('controller' => 'admin', 'roles' => array('admin')),, set rules for each action. For example, assuming "founder" and "moderator" are sub-roles of "admin":

    array(
    'controller' => 'admin', 
    'action' => array('addUser', 'deleteUser'),
    'roles' => array('founder')),

array(
    'controller' => 'admin', 
    'action' => array('deleteComment'),
    'roles' => array('moderator')),