I would like to build my own very fine granular user rights system with Neos Flow 5.x For each individual user it should be possible to set exactly whether he is allowed to execute the action “x”.
That means before each call of an action function I would like to check if this is allowed at all. I could now add a corresponding initializeAction() to each controller - but I wonder if I can make this more global - a kind of initializeController() function.
Can anyone help me at this point? Thanks in advance for your support.
user rights are normally done via the Policy.yaml files.
You can create custom privilege classes which could do certain checks based on a users properties.
Thanks a lot Sebastian for your prompt help. I know the idea of Policy.yaml - with n actions and m users I would have to create n^m roles. This gets very quickly tedious.
Thanks for your link - maybe I will find it here. I will contact you if I find something useful.
You could still create an own privilege class that decides independent of the roles.
But if you still want to have some entry-point into the controller invocation, you could hook onto the “BeforeControllerInvocation” signal, which receives the ActionRequest, ActionResponse and Controller as arguments.