ZF-11789: Zend_Acl removeAllow doesn't work correctly!

- Issue Type: Bug
- Created: 2011-10-02T11:19:29.000+0000
- Last Updated: 2012-05-09T16:08:33.000+0000
- Status: Open
- Fix version(s):
- Reporter: Mohammad Emami (emamirazavi)
- Assignee: Ralph Schindler (ralph)
- Tags: Zend_Acl
- Related issues: ZF-11868



When you define some resources and a role and grant all privileges to one role, then removeAllow doesn't work correctly!

    $this->addResource(new Zend_Acl_Resource('default'))
         ->addResource(new Zend_Acl_Resource('default_user'), 'default')
         ->addResource(new Zend_Acl_Resource('default_login'), 'default');

    $this->addRole(new Zend_Acl_Role('superAdmin'));

    $this->removeAllow('superAdmin', 'default_user', array('deleteSuperAdmin','editSuperAdmin'));

When you call $this->isAllowed('superAdmin', 'default_user', 'editSuperAdmin'), it returns true!


Posted by Mohammad Emami (emamirazavi) on 2011-10-17T07:55:32.000+0000

It seems you should initially call allow with a particular resource and its privilege for one top-level role and then deny the resource and its privilege at the bottom level of roles. I tested it and it works correctly. But this issue is not wrong! Because when you see my sample code, you hope it works correctly!
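The following script is an added example, not code from the reporter or from Zend Framework. It runs the report's `removeAllow()` call and an explicit `deny()` against the same ACL and lists which of the revoked privileges each variant still grants. It assumes Zend Framework 1 is on the include_path and that the blanket grant was made with `allow('superAdmin')`; the `view` privilege and the helper names are constructed for illustration.

```php
<?php
// Added example (not the reporter's code). Assumes Zend Framework 1 is on the
// include_path and that the blanket grant was made with allow('superAdmin').
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

function buildAcl()
{
    $acl = new Zend_Acl();
    $acl->addResource(new Zend_Acl_Resource('default'))
        ->addResource(new Zend_Acl_Resource('default_user'), 'default')
        ->addResource(new Zend_Acl_Resource('default_login'), 'default');
    $acl->addRole(new Zend_Acl_Role('superAdmin'));
    $acl->allow('superAdmin'); // assumed blanket grant: all resources, all privileges
    return $acl;
}

// Return the privileges from $revoked that the role can still exercise.
function stillAllowed(Zend_Acl $acl, $role, $resource, array $revoked)
{
    $leaks = array();
    foreach ($revoked as $privilege) {
        if ($acl->isAllowed($role, $resource, $privilege)) {
            $leaks[] = $privilege;
        }
    }
    return $leaks;
}

$revoked = array('deleteSuperAdmin', 'editSuperAdmin');

// Variant 1: the call from the report. removeAllow() only deletes a matching
// per-privilege allow rule; it does not add a deny rule.
$viaRemoveAllow = buildAcl();
$viaRemoveAllow->removeAllow('superAdmin', 'default_user', $revoked);

// Variant 2: an explicit deny on the resource for the same privileges.
$viaDeny = buildAcl();
$viaDeny->deny('superAdmin', 'default_user', $revoked);

foreach (array('removeAllow' => $viaRemoveAllow, 'deny' => $viaDeny) as $label => $acl) {
    $leaks = stillAllowed($acl, 'superAdmin', 'default_user', $revoked);
    printf("%-12s still allowed: %s\n", $label, $leaks ? implode(', ', $leaks) : '(none)');
    // 'view' is a constructed privilege: a revocation should not touch it.
    $view = $acl->isAllowed('superAdmin', 'default_user', 'view');
    printf("%-12s view allowed:  %s\n", $label, var_export($view, true));
}
```

Running `stillAllowed()` over every privilege an access-control change is meant to revoke is a cheap regression check to keep next to the ACL definition.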
