0

Consider that in a controller we have 10 actions in that 8 actions can be accessed by anyone but remaining two actions should be accessed by particular user roles.

This I tried using by setting Guard\Controller, but using this 10 actions are accessible to all users or 2 restricted actions are able to access particular user roles still I'm not getting how to configure as per my requirement.

Mahesh.D
  • 1,691
  • 2
  • 23
  • 49
  • What have you tried (specifically, with code)? Because you [could look at the docs](https://github.com/bjyoungblood/BjyAuthorize) and see an example. E.g. you could allow the use the Route Guard (last bit above "Helpers and Plugins" chapter) to set the roles that are allowed access to each of the routes (i.e. functions). For that you'd use `\BjyAuthorize\Guard\Route::class` in the config, see the link. – rkeet Jun 08 '17 at 11:22
  • As an example for the above comment: `\BjyAuthorize\Guard\Route::class => [ ['normal_route1', 'roles' => ['guest', 'user']], ['normal_route2', 'roles' => ['guest', 'user']], ['special_route1', 'roles' => ['user']],],`. Notice the abscence of "guest" with the 'special_route1'. Guest users may not access it. – rkeet Jun 08 '17 at 11:24

1 Answers1

0

In Zend Framework there are Event Listener and ACL. You should create ACL for each action and after it catch ROUTE event. Here is the documatation of ACL.

In this URL is step by step tutorial: Zend Framework 2 ACL setup in 5 minutes – tutorial

Hayk Manasyan
  • 508
  • 2
  • 20