I want to create different pages for users and admins. It seems that:
$app->user->checkAccess('uri_my-whatever-access-rights')
does not work for admins, it always validates to true. I don't want the admin to have the same options as a regular user.
This goes for index.php (Slim) as well as the Twig templates (admins see all user menus, even though they are only meant for users).
Bug? Am I doing something wrong?
Thanks
i noticed the same behavior on my project. The root user always sees everything, a possible fix would be to simply exclude the 'user_master_id' if you not want to see everything as root.
Something like:
if($app->config('user_id_master') == $app->user->id)
should do the job.
Edit: I checked the User.checkAccess(..) Method. See also the API
The User with the MasterUserId will see everything (evaluates always true) any other Admin does not see the stuff which it should not see - like defined in the rule(s).
If you want to exclude the root from some pages/entries simply append a suitable routine like isRoot() to the user model, register it here and you can use it in twig and also in the routing routines.
regards