Bug #43236

f:security.ifHasRole role ="..." does not recognize the right role

Added by Jan Greth almost 9 years ago. Updated almost 9 years ago.

Must have
Target version:
Start date:
Due date:
% Done:


Estimated time:


Hey everyone!

I think there is a difference between the <f:security.ifHasRole role="...">-ViewHelper in TYPO3 Flow v 1.0.6 and 1.1.0 .
'Cause my problem is this: I tried to do the Registration and Login Guide on layh.com

Everything works fine - except one thing: Inside the Index Template, there should be a decision
between two possibilities: On the one hand beeing logged in (role = "Visitor"), then show logout link or you
are not logged in, then show log in form.
This should be done by using:

<f:security.ifHasRole role="Visitor">
    <!-- Logout Link -->
    <!-- Log in form -->

But this does not work. The log in form is always showed.
OK, i cheked the Database. Everything fine. User was created and has the right role.

#    flow3_persistence_identifier    party    accountidentifier    authenticationprovidername credentialssource    creationdate    expirationdate    roles
1    '202b0f71-d36c-4900-b0b9-59569aff273d'    NULL    'jan'    'DefaultProvider' 'bcrypt=>$2a$14$gzVFpOIPsClcLqM4ZrJA1.cn1umi8JONXVZ2v41xLwsiUvzYEQfQK'    '2012-11-21 11:03:26'    NULL    'a:1:{i:0;s:7:"Visitor";}'

Then i tried replacing the f:security.ifHasRole by f:security.ifAuthenticated -> that works fine.

So i added the following:
LoginController - indexAction:

    $account = $this->securityContext->getAccount()->getRoles();
            $isset = 'Is set!';
            $isset = 'Is not set!';
    $this->view->assign('roles', $account);
    $this->view->assign('isset', $isset);


    <f:section name="Title">
            <f:for each="{roles}" as="role">
                <li>Role: {role}</li>
        Is set? -> {isset}

I got the following output:
Role: Visitor
Is set? -> Is not set!

But I know it is set in the DB and as I see using the f:security.ifAuthenticated ViewHelper,
Logging in works also. All this happens when running the code on Flow 1.1.0.
When I copy the exact somae code onto a Flow 1.0.6 - it works! Both!
The f:security.ifAuthenticated and the f:security.ifHasRole !

But I want to use 1.1.0 - so what can there be wrong?

Here my complete code:
Settings.yaml: [[http://pastebin.com/b1H073fX]]
LoginController.php: [[http://pastebin.com/2Avz9ib7]]
Index.html: [[http://pastebin.com/MXF65WF7]]



Updated by Rafael Kähm almost 9 years ago

Please define your role in Policy.yaml

see http://flow.typo3.org/documentation/guide/partiii/security.html#policies-aka-access-control-lists-acls

  Administrator: []
  Customer: []
  PrivilegedCustomer: [Customer]
  Visitor: []

see TYPO3\Flow\SecurityContext on row 312

$roles = array_intersect($roles, $this->policyService->getRoles());


Updated by Jan Greth almost 9 years ago

  • % Done changed from 0 to 100

Ok, solved it.
Had a really stupid misspelling in Policy.yaml...

Thanks for bringing me on track again. ;)


Updated by Karsten Dambekalns almost 9 years ago

  • Status changed from New to Resolved
  • Target version deleted (1.1.1)

Also available in: Atom PDF