Global policy files no longer allowed
Since one of the last changes, global policy files are no longer allowed. After a discussion on the IRC channel, this seems to be a bug.
All that should be checked is wether or not a role is defined in that Policy file not if it exists as it makes sense to configure the acls on installation base.
Other than that, this check should not be executed if the security is disabled at all which it is in my case.
Updated by Thomas Hempel about 8 years ago
FYI: I'm not entirely sure what should be allowed in global policy files but I wonder why I am supposed to change the files of a package (which is not necessarily from me) in order to change the acls for, let's say Anonymous.
My global Policy.yaml file looks like this:
Vendor: MyPackage: acls: Anonymous: methods: updateMethods: GRANT createMethods: GRANT deleteMethods: GRANT
My local package Policy.yaml looks like:
roles: AdminRole: ['EditorRole'] EditorRole:  resources: entities:  methods: deleteMethods: 'method(Vendor\MyPackage\Controller\.*->delete.*())' updateMethods: 'method(Vendor\MyPackage\Controller\.*->update.*())' createMethods: 'method(Vendor\MyPackage\Controller\.*->create.*())' acls: AdminRole: methods: deleteMethods: GRANT EditorRole: methods: updateMethods: GRANT createMethods: GRANT deleteMethods: DENY
Updated by Philipp Maier almost 8 years ago
Right now, not even Policy.yaml files within the "Vendor.Package/Configuration" folder are working.
After moving the Policy.yaml inside "Vendor.Package/Configuration/Development" it worked again.
This might be a bug, might be intended or just my Flow installation going to hell - I'll test this later with a fresh installation.