Posts tagged 'symfony2'

Defining multiple security rules in XML format for Symfony2

published on August 25, 2011.

This one falls into a category of bogus Symfony2 documentation. Or inconsistent behavior. Or whatever. It’s a bit frustrating.

I’ve chosen to use XML to define different settings across my sf2 apps: routing, ORM, services and of course security.

Symfony2’s security stuff let’s you define rules based on URL matching witch is, to some extent, explained in the documentation. The examples for YAML works fine, but for XML it’s kinda bogus.

The example says:

    <rule path="^/admin/users" role="ROLE_SUPER_ADMIN"></rule>
    <rule path="^/admin" role="ROLE_ADMIN"></rule>

which will actually die in a fire with an ugly as hell exception: InvalidConfigurationException: Unrecognized options “0, 1” under “security.access_control.rule". Thanks, that’s helpful. The funny thing is that if you have only one rule defined, it works!

After an hour of hunting up and down, I finally found the solution in the test fixtures of the SecurityBundle!

The solution is to omit the access-control tags:

<rule path="^/admin/users" role="ROLE_SUPER_ADMIN"></rule>
<rule path="^/admin" role="ROLE_ADMIN"></rule>

I thought about submitting an issue against the code, but as the fixtures use this format, I’ll open up a ticket against the docs. A real WTF moment.

Happy hackin’!

Update, August 26th, 2011:

Defining roles suffers from the same bug. So, instead of using:

    <role id="ROLE_ADMIN" >Admin</role>
    <role id="ROLE_SUPER_ADMIN">Super admin</role>


<role id="ROLE_ADMIN" >Admin</role>
<role id="ROLE_SUPER_ADMIN">Super admin</role>
Tags: rule, security, symfony2, xml.
Categories: Development, Programming.

Importing Symfony2 security settings from a bundle

published on August 25, 2011.

I started to work on/figuring out the security part in Symfony2 and one part where the docs fail so far is to explain how to import security settings from a bundle.

Once I put some thinking into it, it’s pretty easy actually. Simply import the needed security file in your main config file. Something like this will work:

# app/config/config.yml
    - { resource: parameters.ini }
    - { resource: '@AcmeDemoBundle/Resources/config/security.xml' }

where the security.xml file is the same as already described in the documentation.

Happy hackin’!

P.S.: Bonus tip: When googling for symfony2 stuff, start your query with +symfony2 to include only symfony2 results. Makes life a bit easier.

Robert Basic

Robert Basic

Software developer making web applications better.

Let's work together!

I would like to help you make your web application better.

Robert Basic © 2008 — 2020
Get the feed