问题
Does Symfony Acl can implement Acl System like this: http://phpgacl.sourceforge.net/manual.pdf This's concept used by Joomla (http://www.aclmanager.net/).
After researching for weeks. I'm not sure Symfony Acl can make it or not. The key of difference in this case is permission with allow and deny value. Symfony's permission have not value (just mask key edit,delete, ...) but Phpgacl's permission have a value (edit:allow|deny...).
What I want? I want to break (grant new) some user's permission is granted to group or role. Example (probably not right please refer to phpgacl).
A. User_A have ROLE_X.
B. ROLE_X granted 'VIEW and EDIT' to some resource (object, class).
-- $acl->insertObjectAce($roleSecurityIdentity, $mask) // mask VIEW,EDIT
C. User_A deny `EDIT`
D. User_A have only `VIEW`.
---- and.
A. User_B have ROLE_X
B. User_B have `VIEW` and `EDIT`
来源:https://stackoverflow.com/questions/19431454/symfony-acl-implementation