xfra35 / f3-access Goto Github PK

Hi there,

When adding an access rule to an ajax method for multiple role types like below

allow DELETE @course_delete [ajax] = admin,moderator,presenter

We get the following error

PHP Warning: Illegal offset type in access.php line:29

https://github.com/xfra35/f3-access/blob/master/lib/access.php#L29

Trying to use this on AWS - Elastic Beanstalk, on deployment, none of the folders in f3-access exist on the server. I think it may be due to the inclusion of the .git folder in composer which may be breaking EB deployment.

Looks fine on local machine:
/vendor/xfra35/f3-access/lib/access.php
-vendor
--xfra35
---f3-access
----.git
----lib
-----access.php
----tests

but on checking server after deployment, /lib does not exist, nor any other file in /f3-access.
/vendor/xfra35/f3-access is there, but empty.

Hello,

Great job. Can you please add this package to http://packagist.org as I couldn't find it?

if i have a named route like this

@account.signin

f3-access ignores the route or cant find it

Internal Server Error
session_start(): Failed to decode session object. Session has been destroyed

[vendor/bcosca/fatfree-core/base.php:2190] Base->error()
[vendor/bcosca/fatfree-core/base.php:274] session_start()
[vendor/bcosca/fatfree-core/base.php:415] Base->ref()
[src/bootstrap.php:20] Base->get()
[www/index.php:3] require_once('src\bootstrap.php')


[src/bootstrap.php:20] Base->get()
	19	$access = \Access::instance();
	20	$id = $app->get('SESSION.account.id');

the moment i stop using f3-access everything works, and if i load it at any time or place, i get that error the moment i set or get from SESSION.

Any ideas on whats going on?

It seems like its not possible to remove rules once added using rule method. And rules field is protected. Can we have removeRule method please?

It would be awesome to receive some love for this plugin. It is fantastic. PHP version upgrade at least.

Hi,

My custom api requests are working without CORS failure when I don't use this plugin but when I add this plugin to framework, api requests are not working with the error "CORS Missing Allow Origin".

Also, if I set global policy as "allow" then CORS failure doesn't exists but I have to set policy as "deny" globally.