I'm making entities for a Symfony2 project at work.

I'm trying to make a system that controls access to certain resources as a function of an organisation (a company) and of a role. To sum it up, roles are the same for all the companies, but one company may make a resource available for a role, while another may not want to.

As for resources, they represent some actions and contents, such as the creation of this, the editing of that, and so on...

I attempted to solve this problem with the following entity. It represents a one-to-one-to-one relationship between my three entities Organisation, Role and Resource.

I wanted to know if that kind of relation was possible/good, or if there is another way to manage resources.

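use Doctrine\ORM\Mapping as ORM;

/**
 * One row per (organisation, role, resource) grant.
 *
 * @ORM\Entity
 */
class Organisation_Role_Resource
{
    /**
     * First part of the composite identifier.
     *
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Organisation")
     */
    private $organisation;

    /**
     * Second part of the composite identifier.
     *
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Role")
     */
    private $role;

    /**
     * Third part of the composite identifier.
     *
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Resource")
     */
    private $resource;
}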

Do you have any piece of advice on how to solve this problem?

Is there another/better way to represent resources (which are, in fact, pages and links) and to manage their access?

Gabriel Theron

1 Answer

While this might be quite a valid approach, you would really be reinventing the wheel.

Symfony2 has it all implemented already as 'Access Control Lists' (or ACL):

http://symfony.com/doc/current/cookbook/security/acl.html

Check it out... I think it covers everything you need...

Jovan Perovic
  • Thank you for your answer. I had already read some things about the ACL, but I couldn't see if it actually covered what I needed. I will look into it though, thanks! – Gabriel Theron May 22 '12 at 14:29
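
The per-organisation grant model described in the question, as an added example that is not part of either post and is not Symfony's ACL component: plain PHP with no Doctrine, where the class `GrantTable` and the organisation, role and resource names are hypothetical. It shows the deny-by-default check that the three-part key implies, including that a grant made by one organisation never applies in another.

```php
<?php
// Added illustration: an in-memory stand-in for the rows of the
// Organisation_Role_Resource entity. All names and values are constructed.

final class GrantTable
{
    /** @var array<string, bool> one entry per (organisation, role, resource) row */
    private $rows = array();

    private function key($organisation, $role, $resource)
    {
        // Same three-part identity as the composite @ORM\Id in the entity.
        // JSON encoding keeps the parts unambiguous, unlike joining with a
        // separator character that could also appear inside a name.
        return json_encode(array($organisation, $role, $resource));
    }

    public function grant($organisation, $role, $resource)
    {
        // Granting twice is idempotent, as a primary-key constraint would enforce.
        $this->rows[$this->key($organisation, $role, $resource)] = true;
    }

    public function revoke($organisation, $role, $resource)
    {
        unset($this->rows[$this->key($organisation, $role, $resource)]);
    }

    // Granted only if one of the user's roles has an explicit row for this
    // resource in this organisation. A missing row means no access.
    public function isGranted($organisation, array $roles, $resource)
    {
        foreach ($roles as $role) {
            if (isset($this->rows[$this->key($organisation, $role, $resource)])) {
                return true;
            }
        }
        return false;
    }
}

$grants = new GrantTable();
$grants->grant('acme', 'ROLE_EDITOR', 'article.edit');
$grants->grant('globex', 'ROLE_ADMIN', 'article.edit');

var_dump($grants->isGranted('acme', array('ROLE_EDITOR'), 'article.edit'));   // role granted by acme
var_dump($grants->isGranted('globex', array('ROLE_EDITOR'), 'article.edit')); // same role, no row for globex
var_dump($grants->isGranted('initech', array('ROLE_ADMIN'), 'article.edit')); // organisation with no rows at all
```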