• Task Queue Doc
• Middlewares Doc
• Feature Flag
• CSRF Tokens
• Client Config

Webhooks allow you to send a request to remote server based on triggered event

use command \oat\tao\scripts\tools\RegisterEventWebhook to register events that are implementing \oat\tao\model\webhooks\configEntity\WebhookInterface interface.

i.e:

$ php index.php 'oat\tao\scripts\tools\RegisterEventWebhook'
    \ -u "https://example.com"
    \ -m "POST"
    \ -e "<<Class FQN>>"

In order to check ACL permissions, you can use the PermissionChecker:

$permissionChecker = $this->getServiceLocator()->get(oat\tao\model\accessControl\PermissionChecker::class);

$permissionChecker->hasWriteAccess('resourceId');
$permissionChecker->hasReadAccess('resourceId');
$permissionChecker->hasGrantAccess('resourceId');

Important: It takes into consideration the current user in the session, if no user is provided.

Script allow you to apply (add)/revoke (remove) list of rules and/or permissions to a specific roles and actions.

Execute the following command to apply (add) new rules/permissions:

$ php index.php 'oat\tao\scripts\tools\accessControl\SetRolesAccess' \
--config [config.json|json_string]

If you want to revoke (remove) them, add --revoke flag:

$ php index.php 'oat\tao\scripts\tools\accessControl\SetRolesAccess' \
--revoke \
--config [config.json|json_string]

{
  "rules": {
    "role": [
      {
        "ext": "extensionIdentifier",
        "mod": "actionControllerName",
        "act": "actionMethodName"
      }
    ]
  },
  "permissions": {
    "controller": {
      "action": {
        "rule1": "READ",
        "rule2": "WRITE"
      }
    }
  }
}

Here you can find the environment variables including feature flags

Check more information about actions/controllers and routing here

Check the current observer implementations here