New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change Acl default action to DENY #13758

Closed
niden opened this Issue Jan 10, 2019 · 1 comment

Comments

Projects
1 participant
@niden
Copy link
Member

niden commented Jan 10, 2019

The default access level for Acl is Acl::ALLOW.

It needs to be changed to Acl::DENY to ensure that only the developer/app allow subjects and operations vs the component itself

@niden niden self-assigned this Jan 10, 2019

@niden niden added this to To do in 4.0 Release via automation Jan 10, 2019

niden added a commit to niden/cphalcon that referenced this issue Jan 10, 2019

niden added a commit to niden/cphalcon that referenced this issue Jan 10, 2019

niden added a commit to niden/cphalcon that referenced this issue Jan 10, 2019

@niden niden moved this from To do to In progress in 4.0 Release Jan 10, 2019

@niden niden referenced this issue Jan 10, 2019

Merged

T13758 acl default access level #13759

3 of 3 tasks complete

niden added a commit to niden/cphalcon that referenced this issue Jan 10, 2019

[phalcon#13758] - Merge branch '4.0.x' into T13758-acl-default-access…
…-level

* 4.0.x:
  Add to changelog and split out tests
  Fix for phalcon#13724
  Update docblocks
  Fix most of the issues
  PHPCS fixes
  Final Cli Console tests
  __get() test and Set Argument test working. Still to do HandleCest
  Getting there on Cli\Console tests.

niden added a commit that referenced this issue Jan 10, 2019

Merge branch 'niden-T13758-acl-default-access-level' into 4.0.x
* niden-T13758-acl-default-access-level:
  [#13758] - Added changelog entry
  [#13758] - Added test for default action in Acl
  [#13758] - Added default action to be deny
  [4.0.x] - Added match to travis for issue branches
  [4.0.x] - Code cleanup
  Revert "Revert "[4.0.x] -""
  Revert "[4.0.x] -"
  [4.0.x] -
  [4.0.x] - PHPCS fix
@niden

This comment has been minimized.

Copy link
Member

niden commented Jan 10, 2019

Implemented

@niden niden closed this Jan 10, 2019

4.0 Release automation moved this from In progress to Done Jan 10, 2019

CameronHall added a commit to CameronHall/cphalcon that referenced this issue Jan 20, 2019

@CameronHall CameronHall referenced this issue Jan 20, 2019

Open

Phalcon\Exception implements \Throwable #13776

2 of 2 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment