Symfony:将用户角色存储在可以由特权更高的用户创建和更改的位置

时间:2018-10-11 20:14:31

标签: php user-roles symfony-3.4 symfony-security

根据这段symfony的documentation告诉您如何从数据库存储和加载用户。但是我有一个问题,假设有一个角色为ROLE_ADMIN的用户,并且具有创建新应用程序角色的能力,例如ROLE_USER_ADMIN

另外,存储用户的实体如下:

namespace AppBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Validator\Constraints as Assert;


/**
 * @ORM\Table(name="users")
 * @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true, nullable=true)
     */
    private $displayName;

    /**
     * @ORM\Column(type="string", length=64, nullable=true)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=254, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;


    public function __construct()
    {
        $this->isActive = false;
        // may not be needed, see section on salt below
        // $this->salt = md5(uniqid('', true));
    }

    public function getDisplayName()
    {
        return $this->displayName;
    }

    public function getSalt()
    {
        // you *may* need a real salt depending on your encoder
        // see section on salt below
        return null;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getRoles()
    {
        return array('ROLE_USER');
    }

    public function eraseCredentials()
    {
    }

    public function isAccountNonExpired()
    {
          return true;
    }

    public function isAccountNonLocked()
    {
        return true;
    }

    public function isCredentialsNonExpired()
    {
        return !empty($this->password);
    }

    public function isEnabled()
    {
          return $this->isActive && !empty($this->password);
    }


    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->$displayName,
            $this->password,
            $this->email,
            $this->isActive,
            // see section on salt below
            // $this->salt,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->$displayName,
            $this->password,
            $this->email,
            $this->isActive,
            // see section on salt below
            // $this->salt
        ) = unserialize($serialized, array('allowed_classes' => false));
    }
}

问题是如何存储角色?它应该是另一个表还是存储为字符串数组?如果角色在不同的表中,getRoles将如何作为表返回?

0 个答案:

没有答案