Comments (11)
Ocramius
commented on May 18, 2024
@darkmatus please expose relevant configuration.
from bjyauthorize.
darkmatus
commented on May 18, 2024
/* some Code */
'router' => array(
'routes' => array(
'profile' => array(
'type' => 'Segment',
'options' => array(
'route' => '/profile/[:action/[:id]]',
'defaults' => array(
'controller' => 'profile',
'action' => 'index',
),
),
),
/* more routes here */The route above solves every time in an 403.
All Iteral routes from other modules working fine.
For Example
'router' => array(
'routes' => array(
'home' => array(
'type' => 'Literal',
'options' => array(
'route' => '/',
'defaults' => array(
'controller' => 'news',
'action' => 'index',
)
)from bjyauthorize.
Ocramius
commented on May 18, 2024
And what is the bjy-authorize config associated to those? Are you eventually able to get the detailed exception (if any is thrown)?
from bjyauthorize.
darkmatus
commented on May 18, 2024
I get no Exception only the 403 Forbidden
You are not authorized to access Forum\Controller\Forum ::indexAction() .
The module.bjyauthorize.global.php looks (partial) like this:
'guards' => array(
'BjyAuthorize\Guard\Controller' => array(
array('controller' => 'zfcuser', 'roles' => array()),
array('controller' => 'profile', 'roles' => array('user')),
array('controller' => 'news', 'roles' => array()),
array('controller' => 'news_admin', 'roles' => array('admin')),
array('controller' => 'admin', 'roles' => array('admin')),
array('controller' => 'forum', 'roles' => array('user', 'admin')),
array('controller' => 'Application\Controller\Index', 'roles' => array('guest', 'user')),
),
'BjyAuthorize\Guard\Route' => array(
array('route' => 'zfcuser', 'roles' => array('user')),
array('route' => 'zfcuser/logout', 'roles' => array('user')),
array('route' => 'zfcuser/changepassword', 'roles' => array('user')),
array('route' => 'zfcuser/changeemail', 'roles' => array('user')),
array('route' => 'zfcuser/login', 'roles' => array('guest')),
array('route' => 'zfcuser/register', 'roles' => array('guest')),
array('route' => 'profile', 'roles' => array('user')),
array('route' => 'news', 'roles' => array()),
array('route' => 'home/admin', 'roles' => array('admin')),
array('route' => 'admin/', 'roles' => array('admin')),
array('route' => 'show', 'roles' => array('user')),
array('route' => 'forum', 'roles' => array('user', 'admin')),
array('route' => 'home', 'roles' => array('guest', 'user')),from bjyauthorize.
Ocramius
commented on May 18, 2024
Looks like you have configured the controller guard incorrectly then. This has nothing to do with routing
from bjyauthorize.
darkmatus
commented on May 18, 2024
But when I rewrite my routings from Segment into Iteral all works fine.
from bjyauthorize.
Ocramius
commented on May 18, 2024
@darkmatus that's probably because the matched controller changes. Disable bjy for some time and provide a dump of the RouteMatch object in both cases.
from bjyauthorize.
Ocramius
commented on May 18, 2024
Sidenote: firewalling both routes and controllers is useless.. Consider firewalling only your controllers.
from bjyauthorize.
darkmatus
commented on May 18, 2024
Ok, diabling the controller guard works fine. But disablingthe route guard solves in an 403. Haven't testet the RouteMatching yet.
from bjyauthorize.
Ocramius
commented on May 18, 2024
I simply suggest not to use the route guard ;)
On 22 Feb 2013 08:02, "darkmatus" [email protected] wrote:
Ok, diabling the controller guard works fine. But disablingthe route guard
solves in an 403. Haven't testet the RouteMatching yet.—
Reply to this email directly or view it on GitHubhttps://github.com//issues/87#issuecomment-13931271.
from bjyauthorize.
Ocramius
commented on May 18, 2024
Closing as non-issue (more like a help request)
from bjyauthorize.
Related Issues (20)
- Controller Guard action name HOT 1
- Super role full access HOT 3
- [Question] Why is the User table named "users" and not "user"? HOT 20
- Guards should conform the other onRoute/onDispatch listeners
- Can't use flashMessenger on RedirectionStrategy HOT 1
- Assign diferent roles to one user HOT 1
- Exception UnAuthorizedException thrown instead of error/403 template HOT 7
- Problem when not defined guard to access
- Action get have no permissions HOT 1
- Fatal error: unable to fetch or create an instance for BjyAuthorize\Config' HOT 1
- Strange behaviour in role assigning HOT 1
- Get current user role
- Unauthorized is a word and should not be CamelCased as if it were two words HOT 1
- isAllowed only works after reload HOT 1
- Not working with zendframework/zend-eventmanager (2.6.2) HOT 1
- RedirectionStrategy doesnt work on latest zf2 HOT 1
- Question: How can I load roles from database withouth using doctrine?
- Is this module discontinued? HOT 14
- getting an error during phpunit testing.
- Use BjyAuthorize with ZF3 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bjyauthorize.