Fix broken ACL inheritance

[ghost]

See #905

[swen100]

Hi,

tried it out in 1.3.0. This issue is still present! I always get access to ressources which should be denied.

Greetings.

[ghost]

Could you please post a test case?

[swen100]

$acl = new Phalcon\Acl\Adapter\Memory();

//Default action is deny access
$acl->setDefaultAction(Phalcon\Acl::DENY);

//Add "Guests" role to acl
$acl->addRole( new Phalcon\Acl\Role('Guests') );

//Add "Designers" role to acl
$acl->addRole('Designers');

//Define the "Customers" resource
$customersResource = new Phalcon\Acl\Resource('Customers', 'Customers management');

//Add "customers" resource with a couple of operations
$acl->addResource($customersResource, 'search');
$acl->addResource($customersResource, array('create', 'update'));

//Set access level for roles into resources
$acl->allow('Guests', 'Customers', 'search');
$acl->allow('Guests', 'Customers', 'create');
$acl->deny('Guests', 'Customers', 'update');

//Check whether role has access to the operations
echo $acl->isAllowed('Guests', 'Customers', 'edit') . "
"; // should return 0 but returns 1 !!!
echo $acl->isAllowed('Guests', 'Customers', 'update'); // should return 0 but returns 1 !!!

[ghost]

OK, confirmed, I will file a separate bug report for this case.

[ghost]

See #1303