Chapters
33 Chapters
|
3:34:13
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!Compatible PHP versions: ^7.1.3
Subscribe to download the code!Compatible PHP versions: ^7.1.3
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
21.
Role Hierarchy
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": "^7.1.3",
"ext-iconv": "*",
"composer/package-versions-deprecated": "^1.11", // 1.11.99
"doctrine/annotations": "^1.0", // 1.10.2
"doctrine/doctrine-bundle": "^1.6.10", // 1.10.2
"doctrine/doctrine-migrations-bundle": "^1.3|^2.0", // v2.0.0
"doctrine/orm": "^2.5.11", // v2.7.2
"knplabs/knp-markdown-bundle": "^1.7", // 1.7.0
"knplabs/knp-paginator-bundle": "^2.7", // v2.8.0
"knplabs/knp-time-bundle": "^1.8", // 1.8.0
"nexylan/slack-bundle": "^2.0,<2.2.0", // v2.0.0
"php-http/guzzle6-adapter": "^1.1", // v1.1.1
"phpdocumentor/reflection-docblock": "^3.0|^4.0", // 4.3.0
"sensio/framework-extra-bundle": "^5.1", // v5.2.0
"stof/doctrine-extensions-bundle": "^1.3", // v1.3.0
"symfony/asset": "^4.0", // v4.1.4
"symfony/cache": "^3.3|^4.0", // v4.1.4
"symfony/console": "^4.0", // v4.1.4
"symfony/flex": "^1.0", // v1.21.6
"symfony/framework-bundle": "^4.0", // v4.1.4
"symfony/lts": "^4@dev", // dev-master
"symfony/property-access": "^3.3|^4.0", // v4.1.4
"symfony/property-info": "^3.3|^4.0", // v4.1.4
"symfony/security-bundle": "^4.0", // v4.1.4
"symfony/serializer": "^3.3|^4.0", // v4.1.4
"symfony/twig-bundle": "^4.0", // v4.1.4
"symfony/web-server-bundle": "^4.0", // v4.1.4
"symfony/yaml": "^4.0", // v4.1.4
"twig/extensions": "^1.5" // v1.5.2
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.0", // 3.0.2
"easycorp/easy-log-handler": "^1.0.2", // v1.0.7
"fzaninotto/faker": "^1.7", // v1.8.0
"symfony/debug-bundle": "^3.3|^4.0", // v4.1.4
"symfony/dotenv": "^4.0", // v4.1.4
"symfony/maker-bundle": "^1.0", // v1.7.0
"symfony/monolog-bundle": "^3.0", // v3.3.0
"symfony/phpunit-bridge": "^3.3|^4.0", // v4.1.4
"symfony/stopwatch": "^3.3|^4.0", // v4.1.4
"symfony/var-dumper": "^3.3|^4.0", // v4.1.4
"symfony/web-profiler-bundle": "^3.3|^4.0" // v4.1.4
}
}
4 Comments
Sorry about comment in Symfony 2 Track.
What about Roles Hierarchy inside Voter?
ROLE_ADMIN: [ROLE_USER, ROLE_EVENT_CREATE]``if (in_array('ROLE_EVENT_CREATE', $user->getRoles())) {
return true;
}
`
Above code will fail about that when user has ROLE_ADMIN - it will check only for ROLE_EVENT_CREATE in roles, but ignore whole hierarchy.
How to deal with that?
Is
`
foreach ($user->getRoles() as $role) {
`
propper solution?
Hey Krzysztof K.!
Excellent question :). You're 100% correct that checking for a role in
$user->getRoles()is not the correct approach - and that's why I recommend not doing this. There are people that use theroleHierarchy->getReachableRoleNames([$role])approach also. While this will work, it's not the proper solution - and I think you have already guessed that :). The main problem is that there is already code in the security system which handles all of this. So checking the role hierarchy manually is just re-inventing that wheel. Plus, the proper solution is easier!The proper solution is hiding way at the end of the tutorial - inject the Security object (no different than any other part of your code that needs to check security) and use it: https://symfonycasts.com/screencast/symfony-security/custom-voter#checking-for-roles-inside-a-voter
Let me know if that helps!
Cheers!
What's up!
Why not to use the naming like "ROLE_{RESOURCE}_ADMIN" instead of "ROLE_ADMIN_{RESOURCE}"? =)
Hey Bagar,
Just a matter of taste? :p Really, there's no any reason behind of it. The only requirement is that your role should start with "ROLE_" and that's it. Well, it comes form the Symfony docs that we advise ROLE_SUPER_ADMIN instead of ROLE_ADMIN_SUPER - probably because the 2nd sounds weird? :) So, it looks like the 1st template sounds better, but techincally it does not matter you can do whatever you want ;)
Cheers!
"Houston: no signs of life"
Start the conversation!