我认为我已经按照所有步骤创建了一个选民,允许用户只编辑他们创建的对象。
1)app / config / services.yml
wars.profesorbundle.security.ownervoter :
class: Wars\ProfesorBundle\Security\OwnerVoter
2)OwnerVoter.php
<?php
namespace Wars\ProfesorBundle\Security ;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface ;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface ;
class OwnerVoter implements VoterInterface
{
public function supportsAttribute($attribute )
{
return 'ROLE_EDITAR_MENSAJE' == $attribute;
}
public function supportsClass( $class )
{
return true;
}
public function vote(TokenInterface $token, $object, array $attributes)
{
$vote = VoterInterface::ACCESS_ABSTAIN;
foreach ($attributes as $attribute ) {
if (false === $this->supportsAttribute($attribute)) {
continue;
}
$user = $token->getUser();
$vote = VoterInterface::ACCESS_DENIED;
/ / Check that the message being edited was published by the same teacher
if ($object->getProfesor()->getId() === $user->getId()) {
$vote = VoterInterface::ACCESS_GRANTED ;
}
}
return $vote;
}
}
我不知道错误在哪里,因为我总是得到一个拒绝例外:
if (false === $this->get('security.context')->isGranted('ROLE_EDITAR_MENSAJE', $panel))
答案 0 :(得分:1)
问题发生在app / config / config.yml中。我忘了导入app / config / services.yml:
// config.yml
进口:
- {services.yml}