B
B
BonBon Slick2018-02-10 18:24:20
symfony
BonBon Slick, 2018-02-10 18:24:20

Why does Symfony require the ROLE_ prefix on roles?

All roles you assign to a user must begin with the ROLE_ prefix. Otherwise, they won't be handled by Symfony's security system in the normal way (ie unless you're doing something advanced, assigning a role like FOO to a user and then checking for FOO as described below will not work)

Why and why so? How could this be related to "Security"? What does it give?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
B
BoShurik, 2018-02-10
@BonBonSlick

Because apart from

if ($this->isGranted('ROLE_ADMIN')) {
// Тут код, который доступен только админу
}

Can do like this
if ($this->isGranted('EDIT', $post)) {
// Тут код только для тех пользователей, которые могут редактировать конкретный пост
// Это может быть как автор поста (ROLE_USER), так и админ (ROLE_ADMIN)
}

Thus roles are a special case of security attributes
symfony.com/doc/current/security/voters.html

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question