dcStatefulSecurityPlugin - 1.0.0

Stateful user authorization plugin

You are currently browsing
the website for symfony 1

Visit the Symfony2 website


« Back to the Plugins Home

Signin


Forgot your password?
Create an account

Tools

Stats

advanced search
Information Readme Releases Changelog Contribute
Show source

dcStatefulSecurity plugin

The dcStatefulSecurityPlugin is a symfony plugin that provides authorization features above the standard security feature of symfony.

Installation

  • Install the plugin

    • using the symfony plugin system

      $ symfony plugin:install dcStatefulSecurityPlugin
    • using subversion

      $ svn co http://svn.symfony-project.com/plugins/dcStatefulSecurityPlugin/trunk dcStatefulSecurityPlugin
  • Insert the filter

    rendering: ~
    security:  ~
     
    # insert your own filters here
    stateful_security:
      class: dcStatefulSecurityFilter
     
    cache:     ~
    execution: ~

    Optionally, you can set the default policy:

    stateful_security:
      class: dcStatefulSecurityFilter
      param:
        default_policy: allow # or deny

    Default policy gives you the posibility of allow or deny actions that are not defined in the user class.

  • Clear you cache

    $ symfony cc

Usage

Define the user permissions based on object states (and user credentials, why not?).

For example, supose that we have the person module, so, we can disallow the user to edit persons that are blocked (supose that a person is blocked if an attribute 'is_blocked' is set to true)

// in myUser.class.php
public function canEditPerson($person)
{
  return !$person->isBlocked();
}