Home » Php » php – How to store Symfony2 "access_control" information in Database?

php – How to store Symfony2 "access_control" information in Database?

Posted by: admin July 12, 2020 Leave a comment

Questions:

I am using Symfony2 and I have users and roles already stored in my DB. If I set something like below in security.yml it works great:

access_control:
   - { path: ^/admin, role: ROLE_ADMIN}
   - { path: ^/users, role: ROLE_MANAGER}

But I would like to store this access_control information in the database, so the user from my system can change the permissions itself by using the administrative interface.

I looked at ACL and FOSUserBundle but could not find a solution for this. I found that I could check permissions with something like if ($user->hasRole($role)) but I would need to do this in every controller.

Is there a way to define a dynamic “access_control” feature? Maybe something like redirecting the access_control to some class that could return true or false.
Any solution?

How to&Answers:

The best way would be to setup a specific role (e.g. DB_ROLE_CHECK) that you set on your actions/services that you want validated against your database stored roles.

Then you would create a security voter that hooks into DB_ROLE_CHECK and validates your request against your database entries.

See:

Answer:

The access map is built here.

If no access_control is found, nothing is done.

Now, define your own implementation of the AccessMapInterface and override the parameter security.access_map.class with your class.

You will probably need a factory to build your AccessMap.