Asked 21/5, 2014 at 8:45 Answered 14/12, 2014 at 17:29

I am building system and trying to decide between Voters and ACL. What I need to achieve is there should be users with different roles to access object properties, for example: A regular authenticated user could see Post and it contents but not it's "Position" attribute, and User with editor role could also see the Post and it's contents, and have permision to see "Position" attribute and edit it. Can I achieve this functionality by using voters alone, or I need to use ACL?

EDIT:

I'm sorry for confusing question, I'm new to symfony and don't quite yet understand those concepts. What I wan't to achieve is permissions in object field level. enter image description here

Regular user can access "TITLE" and "CONTENT" properties, and modify "CONTENT" property", moderator can view and edit, both of previous properties, and admin should have access to all object properties, and do whatever with them.

Piddock answered 21/5, 2014 at 8:45 Comment(0)

The docs only explain how to check access on objects rather than properties. I'll explain the decisions I make when choosing between voters or ACL. Next I'll explain how you can use (Hierachy) voters to achieve your goal.

When users simply have or don't have access to a object based on a role, access can be performed using the firewall and is the simplest solution.
However when access depends on a per object basis under certain rules a Voter should be used. An example, Users can only edit a post when they created it. But moderators should always be ably to edit a post.
The most difficult of access control is when a user can be granted access by an other user. For example, an admin can assign users to a post and grant them edit permissions. This is a solution where access can't be decided based purely on the role of the user. The access/permissions need to be stored per user for an object. This is what ACL does. It stores permissions on objects in the database per user.

As for your problem. Mostly these kind of uses are handled in the code itself. I've seen a lot of different forms for an entity. UserPostFormType, ModeratorPostFormType and AdminPostFormType. This isn't very dry as you can see. And checking the type of user in the code

Consider defining roles and manage them using hierarchy.

Define separate roles per property per action. Thus define the following roles.

ROLE_ID_VIEW
ROLE_ID_EDIT
ROLE_TITLE_VIEW
ROLE_TITLE_EDIT
...

You can then assign these roles to the correct user role.

security:
    role_hierarchy:
        ROLE_USER:      [ROLE_TITLE_VIEW, ROLE_CONTENT_VIEW, ROLE_CONTENT_EDIT]
        ROLE_MODERATOR: [ROLE_USER, ROLE_TITLE_EDIT]
        ROLE_ADMIN:     [ROLE_MODERATOR, ROLE_ID_EDIT, ROLE_ID_VIEW]

You can now use the Hierarchy Voter to check if a user can modify or view a certain property. The cleanest solution would be to create a Listener on you form which adds fields on your forms based the permissions the current user has.

Ingravescent answered 14/12, 2014 at 17:29 Comment(1)

Thanks, I resolved this issue in a similar fashion (by creating user roles, but without individual field) some time ago. Your answer makes more sense. – Piddock 14/12, 2014 at 18:49

-1

Voters have nothing to do with ACL. Voters concern is route access whereas ACL concern is object read/write access.So it's not one or the other because they dont have anything to do with each other.

Hoffert answered 21/5, 2014 at 8:47 Comment(2)

From Symfony docs "Using ACL's isn't trivial, and for simpler use cases (...) consider using voters." – Bromidic 21/5, 2014 at 15:14

I do use voters to check on wether a user can access an object when the route does contain some type of object id. Plus you can pass an object to a voter so I don't understand why you couldn't do this... – Askance 25/1, 2015 at 22:53

EDIT:

Recommended topics

Hot tags