Does anyone know a good ACL tutorial on Symfony 2? [closed]

0

I am starting a new project and I decided to use Symfony, I would like to know if anyone knows a good tutorial on acl and / or roles so I can implement it.

The hierarchy I'm going to need to use is something like this:

  

Master > Company > Departments > Cells > Employees

When I log into the system, I will have to identify which cell I am, which department, and which company.

From this analysis I can tell which clients the logged-in user can access, and what CRUD permissions he has, and which fields he can view and / or change.

I am actually in doubt whether I use ACLs or simply use roles, so I would need to understand both of them to make the decision.

    
asked by anonymous 29.01.2014 / 16:33

4 answers

1

A good start is the symfony "Security" documentation: link

You're going to take some time reading, but I guarantee this will save you from further questions.

It will explain the difference between authentication and authorization, how the symfony firewall works (Authentication), and finally how to use ACL with roles.

I believe the ACL part will suit you well. They are very flexible, allowing you to create rules of the type:

User / Roles

  • João - Admin_Mega_Foda Official
  • Maria - Accounting Officer
  • Joana - Chief_Accounting Accounting Officer

Content / Roles

  • Customer Registration (Read and Write): Accounting Admin_Mega_Foda
  • Customer Registration (Delete): Account_Account Admin_Mega_Foda
  • Internal company documentation: Employee

It will only complicate if there is a very specific rule about a client that can only be seen by one user, and recorded by another.

In Symfony's developer bar, you can check which user is logged in and what roles that user has.

    
29.01.2014 / 17:18
0

You can use FOSUserBundle to manage the users of your application.

In the security settings of the application you can define roles, for example ROLE_MASTER, ROLE_EMPRESA, ROLE_DEPARTMENT, ROLE_CELULA and ROLE_FUNCIONARIO, and then use the FOSUserBundle's own features to create, change and delete users.

Their documentation is very good and should help you through the process of adapting the application to the bundle features:)

    
29.01.2014 / 16:46
0

Official documentation is sufficient:

link

In Portuguese:

link

    
29.01.2014 / 16:47
0

There is a tutorial translated into Portuguese about Symfony2 security: link

    
21.02.2014 / 22:44