I would like to build my own very fine granular user rights system with Neos Flow 5.x For each individual user it should be possible to set exactly whether he is allowed to execute the action “x”.
That means before each call of an action function I would like to check if this is allowed at all. I could now add a corresponding initializeAction() to each controller - but I wonder if I can make this more global - a kind of initializeController() function.
Can anyone help me at this point? Thanks in advance for your support.
You could still create an own privilege class that decides independent of the roles.
But if you still want to have some entry-point into the controller invocation, you could hook onto the “BeforeControllerInvocation” signal, which receives the ActionRequest, ActionResponse and Controller as arguments.