how to have user without any restrictions ACL

Notice: This thread is very old.
alnux
Member | 139
+
0
-

Hi there,my ask is if i can give to an user role without any restriction. i find next but i dont understand at all only that it is for a role. the thing is that i want the user (superadminsitrator) does not have restrictions. really thanks

$acl->addRole('supervisor');
$acl->allow('supervisor');
Vojtěch Dobeš
Gold Partner | 1316
+
+1
-

On $acl (instance of Nette\Security\Permission), you define relation between roles and “permissions” to do certain actions. So you can define role supervisor:

$acl->addRole('supervisor');

And then allow it do anything:

$acl->allow('supervisor');

And how to bind that to specific user? Simply assign him some role – that means, use his role (wherever it's saved, for example in database) where necessary.

$user = $this->usersRepository->getById($id); // returns some entity, or representation of row from database etc.
if ($acl->isAllowed($user->role, 'article', 'create')) { // TRUE
	// ...
}
if ($acl->isAllowed($user->role, 'foo', 'bar')) { // TRUE
	// ...
}

Last edited by Vojtěch Dobeš (2015-03-16 20:35)

Šaman
Member | 2666
+
+1
-

I think you find this constant Nette\Security\IAuthorizator::ALL.
eg:

use Nette\Security\IAuthorizator;
$acl->allow('supervisor, IAuthorizator::ALL, IAuthorizator::ALL'); // allow all actions on all resources

P.S. Value of that constant is NULL, so if you use just $acl->allow('supervisor'); you grand him all rights.

Vojtěch Dobeš
Gold Partner | 1316
+
0
-

I think that more precise is to point out that in that method's declaration default values are set to Permission::ALL explicitly.