Permissons in policy.yaml Neos 2.3LTS

Hello Everyone,

I hope someone can get me a hint how to solve the problem. I have a multisite-installation and want to create a role espacialy for one site. Which isn’t the big problem, but my Administrator doesn’t have any right on this site eather.
So how can I create my policy.yaml that I dno’t have to change the policy.yaml everytime we get a new site?

To get it more clear - this is my policy.yaml and it is at the moment only restricting the assest collection

the assets are called: apo00xx

matcher: ‘isType(“TYPO3\Media\Domain\Model\AssetCollection”) && property(“title”).like(“apo%”)’
matcher: 'isType(“TYPO3\Media\Domain\Model\AssetCollection”) && property(“title”).like("%apo0001%")'
parentRoles: [‘TYPO3.Neos:Editor’]
privilegeTarget: ‘permanent.apo0001:media’
permission: GRANT
privilegeTarget: 'permanent.basic:media’
permission: GRANT
privilegeTarget: 'permanent.apo0001:media’
permission: GRANT

As far as I understand it, you can grant access to a collection and if you have another delimiter all other roles are excluded, but can I create a privilegeTarget which grant in my case the admin access to all?

Thanks in advance

Hey Robby

You can create your own security helpers like isType that accept a regex or wildcard like %. See for an example how to do so.

Basically by mimicking the isInCollection helper, but using LIKE instead of = in

Hope that helps.


1 Like