2

I am trying to implement my access control using sentry, but I found the documentation not clear enough. A couple of things I need help with:

I created a group "tester" with this:

$group = Sentry::createGroup(
        array(
            'name'        => Input::get('txtGroupName'),
            'description' => Input::get('description'),
            'permissions' => Input::get('permissions'),
            'tenant_id'   => Sentry::getUser()->tenant_id,  
        ));

Input::get('permissions') in the above is in the following format:

Array
(
    [members.create] => 1
    [members.read] => 1
    [members.update] => 1
    [members.delete] => 1    
    [roles.create] => 0
    [roles.read] => 0
    [roles.update] => 0
    [roles.delete] => 0
)

Now, when i have a look at my database group table, I have only got this:

{"members.create":1,"members.read":1,"members.update":1,"members.delete":1}

As a result, when I come to check a user's permission who has the role of a tester with the following, i get true, the user has access.

$user = Sentry::getUser();                               
$hasAccess = $user->hasAccess('roles.create');           
var_dump($hasAccess);

Would appreciate help, if I am doing it wrong, or something needs to be changed.

aiiwa
  • 591
  • 7
  • 27

1 Answers1

0

That's the way it should work, afaik. The only thing I would suggest, is applying the Sentry permitions as filters, something like:

Route::filter('role.create', function(){
  $user = Sentry::getUser();
  if ( !$user || !Sentry::getUser()->hasAccess('roles.create') ) {
    return Redirect::route('whatever')->with('warning', 'yout cant create roles');
    //or something more relevant to your app
  }
});

and most likely use that filter in routing

  Route::any('user/create',  array('before' => 'role.create', 'as' => 'named.route',
    //return stuff  
  ));
alou
  • 1,432
  • 13
  • 16