1. Vegas CMF
  2. Guide
  3. Access Control List
  4. CLI reference

CLI reference

Usage

This is a quick guide how to use ACL command line interface. It assumes you understand the idea of tasks (see CLI Task for more information).
To display the list of available actions, just enter from the Vegas-built project root: 

php cli/cli.php vegas:security_acl:role

Actions

add

php cli/cli.php vegas:security_acl:role add [options]

[options]
  --name           -n      Name of role
  --description    -d      Description of role

Creates new role.
Example usage:
vegas:security_acl:role add -n Manager -d "Manages regular users"


remove

php cli/cli.php vegas:security_acl:role remove [options]

[options]
  --name           -n      Name of role

Removes existing role.
Example usage:
vegas:security_acl:role remove -n Manager


allow

php cli/cli.php vegas:security_acl:role allow [options]

[options]
  --name           -n      Name of role
  --resource       -r      Resource to allow
  --access_list    -al     List of accesses in resource to allow

Grants access to a resource for specified role. Multiple access lists can be specified.
Both role and resource must exist before running this command.
Example usage:
vegas:security_acl:role allow -n Editor -r mvc:wiki:Frontend-Handbook -al index


deny

php cli/cli.php vegas:security_acl:role deny [options]

[options]
  --name           -n      Name of role
  --resource       -r      Resource to deny
  --access_list    -al     List of accesses in resource to deny

Removes access to a resource for specified role. Multiple access lists can be specified.
Both role and resource must exist before running this command.
Example usage:
vegas:security_acl:role deny -n Editor -r mvc:wiki:Frontend-Handbook -al delete


setup

php cli/cli.php vegas:security_acl:role setup

Populates application database with predefined roles: Guest and SuperAdmin.
Sets up all privileges to SuperAdmin user as well. Resource list must be generated first.


build

php cli/cli.php vegas:security_acl:role build

Clears stored list of resources with their accesses and recreates it based on @ACL annotations in controllers.
By default it adds one resource & resource access combination used as catch-all for all possible actions. SuperAdmin role relies on it.

For more flexible deployments, just add them into app/config/config.php DI configuration using following convention:
return [
    // ...
    'acl' => [
        \Vegas\Security\Acl\Resource::WILDCARD   =>  [
            'description'   =>  'All privileges (for super admin)',
            'accessList'    =>  [
                [
                    'name'  => \Vegas\Security\Acl\Resource::ACCESS_WILDCARD,
                    'description' => 'All',
                    'inherit' => ''
                ]
            ]
        ],
        // more resources...
    ],
];

© 2014 Amsterdam Standard