News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Johannes Schmitt's Blog:
A New Killer Feature for Symfony2 Security
October 31, 2011 @ 14:26:08

Johannes Schmitt has a new post about his "killer feature" he's added to the security for Symfony2 framework (as a bundle) - a new customized expression-based query language that's compiled down to native PHP to make permissions checking simpler and faster.

If you have used the Symfony2 Security Component to any modest degree, you will know that we have a quite heavy voting system which uses attributes like "IS_AUTHENTICATED_FULLY" to make authorization decisions. [...] If you are concerned about performance, then you should not be all too generous with the isGranted() calls. The second option would work as well, but writing a new voter each time you need to make a new check does not really seem ideal either. Fortunately, we can do better.

He includes an example of this expression language in a direct isGranted() call, a string that checks to see if a user has three different roles, and a snippet showing the same thing in the docblock comment of a controller method. The second is a bit more complex, checking for an admin role or if the user is the one that should be deleted. You can find more doucmentation here.

0 comments voice your opinion now!
symfony2 framework security bundle expression language allow deny


blog comments powered by Disqus

Similar Posts

Dave Dash's Blog: Dynamically adjusting your page title in symfony

Zend Developer Zone: PHP Abstract Podcast Episode 19: Glue Frameworks vs. Full Stack Frameworks

Ed Finkler's Blog: What Matt Mullenweg doesn't know about PHP5, and how it hurts him and his users

Tim Koschuetzki's Blog: CakePHP 1.2 Manual

Christian Wenz's Blog: SANS Top-20 Internet Security Attack Targets (2006 Annual Update)


Community Events





Don't see your event here?
Let us know!


configure interview install release podcast code threedevsandamaybe series api language laravel wordpress developer introduction application bugfix community list library unittest

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework