Skip to content

1.10.0
Compare
Choose a tag to compare
@dereuromark dereuromark released this 13 Oct 11:22
· 254 commits to master since this release
1.10.0
da80c9c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Improvements

hasAccess() so far only included ACL data. Those links and access checks are meant to be used for logged in users.
It now can include also "allow" authentication-skipping data (publicly accessible actions), if includeAuthentication is set to true.
But this only checks/uses the INI config, it can not work on controller authentication. So make sure
you transformed everything fully to the INI file here. Any custom ->allow() call in controllers
can not be taken into account.

For this to work some of the (wrongly shared) configs had to be changed (while trying to keep BC):

ACL config:

  • cacheKey is now aclCacheKey
  • file is now aclFile
  • filePath is now aclFilePath

Authentication config:

  • cacheKey is now allowCacheKey
  • file is now allowFile
  • filePath is now allowFilePath

If you didnt modify any, you are BC here for sure.
If you used online runtime config on the classes (instead of Configure), you will also be fine.
Only if you used Configure (which technically was a bit wrong since they might affect both types due to the same key) you might have to do a small migration here.

Assets 2
Loading