Using JWT plugin+ ACL manager plugin

Need Help
1

Hi,

I was following this tutorial http://www.bravo-kernel.com/2015/04/how-to-add-jwt-authentication-to-a-cakephp-3-rest-api/ using this plugin https://github.com/ADmad/cakephp-jwt-auth

But now I need to make a REST API with ACL manager, for divide users in groups/roles and some roles/groups/users have different permission for access to diferents methods in controllers…so I use this plugin https://github.com/ivanamat/cakephp3-aclmanager but try to put this inside of /Api/AppController:

/* public $components = [
‘Acl’ => [
‘className’ => ‘Acl.Acl’
]
];*/

public function initialize()
{
    parent::initialize();



$this->loadComponent(‘Auth’, [
/‘authorize’ => [
‘Acl.Actions’ => [‘actionPath’ => ‘controllers/’]
],/
‘storage’ => ‘Memory’,
‘authenticate’ => [
‘Form’ => [
‘scope’ => [‘Users.active’ => 1]
],
‘ADmad/JwtAuth.Jwt’ => [
‘parameter’ => ‘token’,
‘userModel’ => ‘Users’,
‘scope’ => [‘Users.active’ => 1],
‘fields’ => [
‘username’ => ‘id’
],
‘queryDatasource’ => true
]
],
‘unauthorizedRedirect’ => false,
‘checkAuthIn’ => ‘Controller.initialize’
]);
If I uncomment the lines I recieve this error:

“DbAcl::check() - Failed ACO node lookup in permissions check. Node references”

Existe another way for use ACL+JWT?

Thanks in advance

2

Anybody found a solution to this? I could successfully do authentication with JWT, but authorization is a different ballgame. The current ACL doesn’t seem to play nice with JWT and I always keep getting a similar permissions check error.

3

My JWT plugin handles authentication. It has nothing to do with ACL which is for authorization. I have never used the Acl plugin so can’t offer any help.

4

Looks like an ACL data issue. Although I’m using cakephp/acl plugin the error seems familiar. Check the acos, aros and aros_acos tables.

aros table should be populated when running bin/cake acl_extras aco_sync
acos table should be populated when creating a new group and user via the endpoint.
aros_acos table should be populated when grant/deny permissions. e.g, bin/cake acl grant Groups.1 controllers

Hope these helps.