php - php - ZF2 REST API + ACL doesn't return the action name in predispatch - answerstu - answerstu.com answerstu

php - ZF2 REST API + ACL doesn't return the action name in predispatch

Ok, i have a problem, but i think it is not so complicated, so it would be great if someone helped me. 1) I have UserController that extends AbstractRestfulController and it works fine. 2) Then i needed to check the permission to access actions of this controller. If I use "checkPermission" method in every controller it works pretty good, but I want to make this method done in a preDispatch event. And here are some problems: I do like this: Module.php

public function onBootstrap(MvcEvent $e)
{
    $em = $e->getApplication()->getEventManager();
    $em->attach('dispatch', array($this, 'preDispatch'), +100);
}

My method "checkPermission" checks like this (nothing special I think):

if (!$this->isAllowed($role, $this->routeMatch->getParam('controller'), $this->routeMatch->getParam('action'))) {

So the problem: getParam('action') returns null (It means, that in a preDispatch event application doesn't know what action it needs to execute). How can I make it work like I want? Or here is the main question: When does getParam('action') can return value? Only in onDispatch event?

1 Answer

  1. Ben- Reply

    2019-11-14

    since its a restful api, it will never return action name. in added with applying ACL to the Rest API is not a good practice. Use Rest API Authentication HEADERS instead of ACL.
    refer this link
    --SJ

Leave a Reply

Your email address will not be published. Required fields are marked *

You can use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>