Apigility and ZfcRbac

[chateaux]

Hi -

Quick question, I noticed I was getting some forbidden errors when using the Apigility admin gui and the Modules were not being created as anticipated: http://stackoverflow.com/questions/27365197/zf2-apigility-not-creating-new-api

Turns out the ZfcRbac was causing the problem.

I have included the following in my array:

            //API
            'status.rest.status'        => ['guest'],
            'zf-apigility/ui'              => ['guest'],
            'apigility/ui'                 => ['guest'],
            'zf-apigility/admin'         => ['guest'],

Is there a blanket method to give a third party module full access rights? Or do I need to find out every route that ApiGility uses and include them?

[bakura10]

Ha...

I suppose you are using a guard? I don't know how Apigility works, but isn't there a base root that you could authorize? (like "zf-apigility")?

Also, you could set the policy to "ALLOW" (see here: https://github.com/ZF-Commons/zfc-rbac/blob/master/config/zfc_rbac.global.php.dist#L63) during development, so that if no role is defined for a given route, then it fallback to the protection policy.

[chateaux]

You are 100% right.

What I did to resolve this was to create an autoload file: mydev.local.php and to include the following in it:

[ 'protection_policy' => \ZfcRbac\Guard\GuardInterface::POLICY_ALLOW ] Problem solved. thanks! ];