Resource paths sharing the same base. #4

kkthxbye · 2012-09-26T08:05:48Z

// Allow and Deny can be each set
$deputy->set_role('user', array
(
    'allow' => array
    (
        'forum',
        'forum/thread'
    ),
    'deny'  => array
    (
        'forum/thread/edit'
    )
));

var_export($deputy->allowed('forum')); // returns 'false'.

Is it supposed to be that way?

The problem is 'forum/thread/edit' breaks down as 'forum' => 'thread' => 'edit' and due to weird parse algorithm as soon as we get down to 'forum' while looking into 'deny' rules _get() function does return TRUE, which means it is in 'deny' list even thou it isn't.

a child would also deny any parents in the URI. Now explicitly looking for URI definition before checking for wildcard.

morgan · 2012-09-30T02:51:22Z

Hello @kkthxbye,

Great find! When denying a child, Deputy_Role was taking into account the parent as well. I refactored this logic to explicitly look for the URI before checking for a wildcard.

This issue is resolved in current release 0.3.2.

Thank you,

Micheal Morgan

morgan pushed a commit that referenced this issue Sep 30, 2012

Resolved issue #4. In Deputy_Role, denying

5a515a8

a child would also deny any parents in the URI. Now explicitly looking for URI definition before checking for wildcard.

ghost assigned morgan Sep 30, 2012

morgan closed this as completed Sep 30, 2012

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Resource paths sharing the same base. #4

Resource paths sharing the same base. #4

kkthxbye commented Sep 26, 2012

morgan commented Sep 30, 2012

Resource paths sharing the same base. #4

Resource paths sharing the same base. #4

Comments

kkthxbye commented Sep 26, 2012

morgan commented Sep 30, 2012