Does anyone know a good tutorial on ACL in Symfony 2?

Question

Does anyone know a good tutorial on ACL in Symfony 2?

Asked 10 years, 9 months ago

Viewed 698 times

0

I’m starting a new project and decided to use Symfony, I wonder if anyone knows a good tutorial on Acl and/ or roles so I can implement.

The hierarchy I’ll need to use is more or less this:

Master > Company > Departments > Cells > Employees

When I log into the system, I will need to identify which cell I’m from, which department I’m in, and which company I’m in.

From this analysis I can tell which clients the logged-in user can access, and which CRUD permissions he has, and which fields he can view and/or change.

I’m actually in doubt if I use ACL or simply use papers, so I would need to understand both of you well to make the decision.

4 answers

Browser other questions tagged php symfony acl

You are not signed in. Login or sign up in order to post.

by EHER • **151** points · Answer 1 · 2014-01-29T16:18:38+00:00

A good start is Symfony’s own "Security" documentation: http://symfony.com/doc/current/book/security.html

It will take you some time to read, but I assure you this will save you from further doubts.

It will explain the difference between Authentication and Authorization, how the symfony firewall works (Authentication) and finally how to use ACL with roles.

I believe the ACL part will suit you well. They are very flexible, allowing you to create rules like:

User / Roles

João - Admin_mega_foda Funcionario
Maria - Work Accounting
Joana - Chefe_accounting Accounting Staff

Contents / Roles

Customer Registration (Read and Record): Accounting Admin_mega_foda
Customer Registration (Delete): Chefe_accounting Admin_mega_foda
Company internal documentation: Employee

It will only complicate, if there is some very specific rule about a client that can only be seen by one user, and recorded by another.

In the Symfony developer bar, you can check which user logged in and which roles that user has.

by albert • **161** points · Answer 2 · 2014-02-21T21:44:57+00:00

There is a tutorial translated into Portuguese on Symfony2 security : http://www.duocriativa.com.br/janela/symfony-em-portugues/book/security

by Rodrigo Rigotti • **12,139** points · Answer 3 · 2014-01-29T15:46:07+00:00

You can use Fosuserbundle to manage users of your application.

In the application’s security settings it is possible to define roles, for example, ROLE_MASTER, ROLE_EMPRESA, ROLE_DEPARTMENTO, ROLE_CELULA and ROLE_FUNCIONARIO, and then use Fosuserbundle’s own features to create, change and delete users.

Their documentation is very good and should help you throughout the process of adapting the application to Bundle features :)

by dtelaroli • **101** points · Answer 4 · 2014-01-29T15:47:00+00:00

Official documentation is sufficient:

http://symfony.com/doc/current/cookbook/security/acl.html

In Portuguese:

http://translate.google.com/translate?sl=en&tl=pt&js=n&prevn&_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fsymfony.com%2Fdoc%2Fcurrent%2Fcookbook%2Fsecurity%2Facl.html