Zend Framework

Zend_Acl incorrect handling on non existent privilege when evaluating a role permission

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Minor Minor
  • Resolution: Not an Issue
  • Affects Version/s: 1.7.7
  • Fix Version/s: 1.9.5
  • Component/s: Zend_Acl
  • Labels:
    None
  • Fix Version Priority:
    Nice to Have

Description

Suppose the following code:

Zend Acl Code
$acl=new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('role'));
$acl->add(new Zend_Acl_Resource('resource'));
$acl->allow('role','resource');
$acl->isAllowed('role','resource',array('nonExistentPriv'));

Expected behavior:
'role' allowed to access the resource (because it was registered with null privileges in the allow rule) or an exception with a message similar to "resource privilege nonExistentPriv is not registered"

Actual behavior:
PHP Warning Illegal offset type in isset or empty File: Zend\Acl.php Line: 961

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Ralph Schindler added a comment -

Zend_Acl should not be emmiting any php warnings in any valid use of the API. Changing to bug, nice to have, next mini release.

Show
Ralph Schindler added a comment - Zend_Acl should not be emmiting any php warnings in any valid use of the API. Changing to bug, nice to have, next mini release.
Hide
Permalink
Dolf Schimmel (Freeaqingme) added a comment -

Please not that the third parameter of isAllowed should be a string (or null) and not an array. Therefore closing this issue as not-an-issue.

Show
Dolf Schimmel (Freeaqingme) added a comment - Please not that the third parameter of isAllowed should be a string (or null) and not an array. Therefore closing this issue as not-an-issue.

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Zend Framework. Try JIRA - bug tracking software for your team.