Bug #43236
f:security.ifHasRole role ="..." does not recognize the right role
| Status: | Resolved | Start date: | 2012-11-22 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assigned To: | - | % Done: | 100% |
|
| Category: | - | |||
| Target version: | - | |||
| Affected Flow version: | FLOW3 1.1.0 |
Description
Hey everyone!
I think there is a difference between the <f:security.ifHasRole role="...">-ViewHelper in TYPO3 Flow v 1.0.6 and 1.1.0 .
'Cause my problem is this: I tried to do the Registration and Login Guide on layh.com
([[http://www.layh.com/work/typo3-flow-typo3-fluid/tutorials/flow-registration-and-login.html]])
Everything works fine - except one thing: Inside the Index Template, there should be a decision
between two possibilities: On the one hand beeing logged in (role = "Visitor"), then show logout link or you
are not logged in, then show log in form.
This should be done by using:
...
<f:security.ifHasRole role="Visitor">
<f:then>
<!-- Logout Link -->
</f:then>
<f:else>
<!-- Log in form -->
</f:else>
</f:security.ifHasRole>
...
But this does not work. The log in form is always showed.
OK, i cheked the Database. Everything fine. User was created and has the right role.
e.g.:
# flow3_persistence_identifier party accountidentifier authenticationprovidername credentialssource creationdate expirationdate roles
1 '202b0f71-d36c-4900-b0b9-59569aff273d' NULL 'jan' 'DefaultProvider' 'bcrypt=>$2a$14$gzVFpOIPsClcLqM4ZrJA1.cn1umi8JONXVZ2v41xLwsiUvzYEQfQK' '2012-11-21 11:03:26' NULL 'a:1:{i:0;s:7:"Visitor";}'
Then i tried replacing the f:security.ifHasRole by f:security.ifAuthenticated -> that works fine.
So i added the following:
LoginController - indexAction:
$account = $this->securityContext->getAccount()->getRoles();
if($this->securityContext->hasRole('Visitor')){
$isset = 'Is set!';
}else{
$isset = 'Is not set!';
}
$this->view->assign('roles', $account);
$this->view->assign('isset', $isset);
Index.html:
<f:section name="Title">
<ul>
<f:for each="{roles}" as="role">
<li>Role: {role}</li>
</f:for>
</ul>
Is set? -> {isset}
</f:section>
I got the following output:
Role: Visitor
Is set? -> Is not set!
But I know it is set in the DB and as I see using the f:security.ifAuthenticated ViewHelper,
Logging in works also. All this happens when running the code on Flow 1.1.0.
When I copy the exact somae code onto a Flow 1.0.6 - it works! Both!
The f:security.ifAuthenticated and the f:security.ifHasRole !
But I want to use 1.1.0 - so what can there be wrong?
Here my complete code:
Settings.yaml: [[http://pastebin.com/b1H073fX]]
LoginController.php: [[http://pastebin.com/2Avz9ib7]]
Index.html: [[http://pastebin.com/MXF65WF7]]
Greetings,
Jan
History
#1 Updated by Rafael Kähm over 2 years ago
Please define your role in Policy.yaml
roles: Administrator: [] Customer: [] PrivilegedCustomer: [Customer] Visitor: []
see TYPO3\Flow\SecurityContext on row 312
1$roles = array_intersect($roles, $this->policyService->getRoles());
#2 Updated by Jan Greth over 2 years ago
- % Done changed from 0 to 100
Ok, solved it.
Had a really stupid misspelling in Policy.yaml...
Thanks for bringing me on track again. ;)
#3 Updated by Karsten Dambekalns over 2 years ago
- Status changed from New to Resolved
- Target version deleted (
1.1.1)