From 22be309dc253c94e2815243a34c14d8a6df97810 Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Sun, 28 Nov 2021 23:42:22 +0100
Subject: [PATCH] fix: [ACL] fix wildcard controller checks failing

---
 src/Controller/Component/ACLComponent.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/Controller/Component/ACLComponent.php b/src/Controller/Component/ACLComponent.php
index cd38752..ea0378f 100644
--- a/src/Controller/Component/ACLComponent.php
+++ b/src/Controller/Component/ACLComponent.php
@@ -267,9 +267,19 @@ class ACLComponent extends Component
             return true;
         }
         //$this->__checkLoggedActions($user, $controller, $action);
+        if (isset($this->aclList['*'][$action])) {
+            if ($this->evaluateAccessLeaf('*', $action)) {
+                return true;
+            }
+        }
         if (!isset($this->aclList[$controller])) {
             return $this->__error(404, __('Invalid controller.'), $soft);
         }
+        return $this->evaluateAccessLeaf($controller, $action);
+    }
+
+    private function evaluateAccessLeaf(string $controller, string $action): bool
+    {
         if (isset($this->aclList[$controller][$action]) && !empty($this->aclList[$controller][$action])) {
             if (in_array('*', $this->aclList[$controller][$action])) {
                 return true;