Le 21/03/2011 20:11, Gustavo Adrian a écrit :
Hi all,
I'm starting to implement the ACL feature on my app and, for what
I''ve read and what I've already implemented, I must say: it's
BEAUTIFUL. Great job guys. It's just what I was looking for :)
I have one question about this wonderful feature:
1) I've already implemented object scope permissions using the
ObjectIdentifier class. What I don't know is: How to grant a class
scope and class-field scope permissions to a user? I didn't find how
to do it in the docs and I didn't find in the API something like
ClassIdentifier. Which is the right way to grant a class scope
permission to a user? Do I have to check this permissions the same way
I do it with object-scope permissions? ($securityContext->isGranted(
'UPDATE', $objectIdentity ) )
the key to create a class Ace is to use the insertClassAce method:
$oid = new ObjectIdentity('whatever_you_want', 'Class\\Name');
$acl = $provider->createAcl($oid);
$sid = UserSecurityIdentity::fromAccount($user);
$acl->insertClassAce($sid, MaskBuilder::MASK_OWNER);
And then your user will have OWNER rights for all instances of the
Class\Name class. The way to check does not change.
Regards
--
Christophe | Stof
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
