OneupAclBundle icon indicating copy to clipboard operation
OneupAclBundle copied to clipboard

Published 20 hours ago verified publisher icon 1up-lab

Class permission

Open unusorin opened this issue 10 years ago • 2 comments

Hi, I'm trying to set up this acl manger with doctrine ODM on Symfony 2.5. Everything seems to work but I've noticed that the class permissions are not working. Basically, I've annotated my document like

     @Acl\DomainObject({
         @Acl\ClassPermission({ "ROLE_ADMIN" = MaskBuilder::MASK_IDDQD })
       })

, but when I check permissions with isGranted using a normal user, it allows me to create a new document. Do you have any ideas about this issue ?

Thanks.

unusorin avatar Jun 14 '14 15:06 unusorin

IIRC this is the way the current granting process works. Have you tried to explicitly define the permission for ROLE_USER?

@Acl\DomainObject({
    @Acl\ClassPermission({ "ROLE_ADMIN" = MaskBuilder::MASK_IDDQD })
    @Acl\ClassPermission({ "ROLE_USER" = MaskBuilder::MASK_VIEW })
})

sheeep avatar Jun 20 '14 09:06 sheeep

I Have a similar issue :

security:
      acl:
        connection: default
        voter:
          allow_if_object_identity_unavailable: false

And when I do

$aclManager->setClassPermission('My\\Class\\Name', MaskBuilder::MASK_VIEW, $user);

// always returns false 
$aclManager->isGranted('VIEW', 'My\\Class\\Name')

isGranted returns always false ... Did I miss something ?

GreGosPhaTos avatar Mar 28 '16 19:03 GreGosPhaTos