问题
I've been working with Symfony (2.x) for the first time and I had some questions regarding the definition of roles, role hierarchy, and how they can be assigned to individual users.
I was interested in storing the roles and role hierarchy in a database (rather than security.yml); however, I cannot find any documentation supporting this. Is this advisable?
I was interested in having an admin module that can add new roles and define role hierarchies; however, having the admin module modify security.yml or some other config file seems like a bad idea.
This obviously would require that the ACLs can be stored in a database as well.
- Does anyone have any tips or documentation that might help with this?
- Is it a bad idea, performance wise?
I've been successful implementing this with Zend Framework in the past and was hoping to do the same with Symfony2.
回答1:
Perhaps you might want to have a look at FOSUserBundle
回答2:
The solution:
The following cookbook entry is about storing/retrieving users and roles to/from the database "How to load Security Users from the Database (the Entity Provider)" http://symfony.com/doc/current/cookbook/security/entity_provider.html
To make the long story short, your role and user entity classes have to implement RoleInterface and UserInterface / AdvancedUserInterface and you have to make some changes to your security.yml
回答3:
You would need to put the roles in the db, and map it using a many-to-many relation. Then build some admin on the roles. I wrote how to change the User to use m2m roles at http://blog.jmoz.co.uk/symfony2-fosuserbundle-role-entities. I haven't got as far as the role hierarchy so that is still stored in the config.
来源:https://stackoverflow.com/questions/8178862/symfony2-storing-users-roles-role-hierarchy-and-access-controls-in-database