-
Notifications
You must be signed in to change notification settings - Fork 5
acl
David Spreekmeester edited this page Dec 2, 2014
·
1 revision
In /application/configs/acl.ini you can control access to models and controllers. Four roles are already present after the project build: visitor, user, admin and developer. Add a controller resource like this:
acl.resources.my-controller.id = "events"
And control access to its actions like this:
acl.resources.my-controller.allow.all.roles = "visitor"
In this case all means "all actions".
Models follow largely the same pattern. Note that the Spawn command configures some basic ACL for you:
acl.resources.Model_Sponsor.id = Model_Sponsor
acl.resources.Model_Sponsor.allow.all.roles = "admin"
The following methods can be specified for models:
- create
- update
- destroy
- fetch
- fetch_own
- count
- update_own
- delete_own
- relate