Joshua Dalley Joshua Dalley - 5 months ago 28
PHP Question

Does Silex support custom user roles

I been playing with Silex for the past few weeks and I'm about to start a major stepping stone. Authentication has always caused me some trouble.

I been looking at documentations / examples for the past few days and I can't seem to find any answers to what I am seeking.

I can tell Silex supports ROLE_ADMIN and ROLE_USER but I don't see any ROLE_SUPER_ADMIN. Is it possible to modify the user provider/interface to handle this extra role and if so where could I find the proper documentation for it.

Answer

I believe that roles are "mostly" arbitrary in that you can define whatever role you want (like: ROLE_AWESOME_USER‍‍‍, etc...) but ROLE_USER and ROLE_ADMIN seem to be referenced in Symfony tests as well as the core UserInterface.php class.

The Silex documentation covering security should have most of what you need. There is also a pretty good example of a firewall setup in this so question here

Here is my default firewall config at current:

'security.firewalls' => array(
    'main' => array(
        'pattern' => '^/',
        'anonymous' => true,
        'form' => array(
            'login_path' => '/login',
            'check_path' => '/login_check',
            'username_parameter' => 'form[username]',
            'password_parameter' => 'form[password]',
            'form_login' => array(
                'csrf_provider' => 'form.csrf_provider',
            ),
        ),
        'logout' => array('logout_path' => '/logout'),
        'users' => array(
            'username' => array(
                '%security.role%',
                '%security.password%',
            ),
        ),
    ),
),
'security.role_hierarchy' => array(
    'ROLE_USER' => array(),
    'ROLE_ADMIN' => array('ROLE_USER'),
    'ROLE_SUPER_ADMIN' => array('ROLE_USER','ROLE_ADMIN','ROLE_ALLOWED_TO_SWITCH'),
),
'security.access_rules' => array(
    array('^/user', 'ROLE_USER'),
    array('^/admin', 'ROLE_ADMIN'),
    array('^/root', 'ROLE_SUPER_ADMIN'),
),