dcStatefulSecurityPlugin - 1.0.0

Stateful user authorization plugin

You are currently browsing
the website for symfony 1

Visit the Symfony2 website

« Back to the Plugins Home


Forgot your password?
Create an account



advanced search
Information Readme Releases Changelog Contribute
Show source

dcStatefulSecurity plugin

The dcStatefulSecurityPlugin is a symfony plugin that provides authorization features above the standard security feature of symfony.


  • Install the plugin

    • using the symfony plugin system

      $ symfony plugin:install dcStatefulSecurityPlugin
    • using subversion

      $ svn co http://svn.symfony-project.com/plugins/dcStatefulSecurityPlugin/trunk dcStatefulSecurityPlugin
  • Insert the filter

    rendering: ~
    security:  ~
    # insert your own filters here
      class: dcStatefulSecurityFilter
    cache:     ~
    execution: ~

    Optionally, you can set the default policy:

      class: dcStatefulSecurityFilter
        default_policy: allow # or deny

    Default policy gives you the posibility of allow or deny actions that are not defined in the user class.

  • Clear you cache

    $ symfony cc


Define the user permissions based on object states (and user credentials, why not?).

For example, supose that we have the person module, so, we can disallow the user to edit persons that are blocked (supose that a person is blocked if an attribute 'is_blocked' is set to true)

// in myUser.class.php
public function canEditPerson($person)
  return !$person->isBlocked();