1

In the class vendor\friendsofsymfony\user-bundle\Model\User.php it says:

```php
/**
 * Never use this to check if this user has access to anything!
 *
 * Use the SecurityContext, or an implementation of AccessDecisionManager
 * instead, e.g.
 *
 *         $securityContext->isGranted('ROLE_USER');
 *
 * @param string $role
 *
 * @return boolean
 */
public function hasRole($role)
{
    return in_array(strtoupper($role), $this->getRoles(), true);
}
```

but isGranted returns the role of the actual user:

```php
$data = $form->getData();
$user = new User();
$user->setUsername($data->getUsername());
$user->setExpiresAt($data->getExpiresAt());
$user->setName($data->getName());
$user->setPassword($data->getPassword());
$user->setEmail($data->getEmail());
$user->setCredentialsExpired($data->isCredentialsExpired());
$user->setRoles(array('ROLE_NEW'));
$em->persist($user);
$em->flush();
// returns false
var_dump(
    $this->get('security.context')->isGranted('ROLE_NEW', $user)
);
```

How do I check "isGranted" for a specific user?

spinoza

3 Answers

1

Which version are you using? In the most recent versions you must do it this way:

```php
if ($this->get('security.authorization_checker')-isGranted('ROLE_NEW'))
```
Hernan
  • Tested with 'authorization_checker'; not working either. – spinoza Sep 02 '15 at 17:55
  • 1
    Correct syntax is: `if ($this->get('security.authorization_checker')->isGranted('ROLE_NEW'))` Could not correct the Answer because an edit needs at least 6 characters. But this version works for me. – dStulle Oct 11 '17 at 12:18
1

Just simply:

```php
// $specific_user = get specific user from db.
if (in_array('ROLE_SPECIFIC_ROLE', $specific_user->getRoles()))
{
    // Make specific operation on specific user
}
```
malcolm
  • In the class User.php, it says: "Never use this to check if this user has access to anything! Use the SecurityContext, or an implementation of AccessDecisionManager instead, e.g. `$securityContext->isGranted('ROLE_USER');`" – spinoza Sep 03 '15 at 07:24
  • It's not used for access to anything; you said that you want to check a user who is not the actual user. The security context is used only for the actual user. If you want to allow access for a specific user, how do you do that? You simply add the role to him with `$user->addRole('ROLE_EDITOR')` and check with the security context that the actual user has access to the resource: `$this->get('security.authorization_checker')->isGranted('ROLE_EDITOR')`. – malcolm Sep 03 '15 at 07:35
0

EDIT: I probably misread your question. If you want to check permissions for a specific user, see here: Check if a role is granted for a specific user in Symfony2 ACL


Original answer

You should first get an instance of the specific User you want to check, using the UserManager provided by FOSUserBundle. Then you can check isGranted on that specific user.

You may use, for example:

```php
$userManager = $this->get('fos_user.user_manager');
$user = $userManager->findUserByUsername('foobar');
```

In the source you may find several methods to find users, including a generic findUserBy().

Community
MarcoReni
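
Added example (not part of the original thread): in the question, the second argument of `isGranted()` is the object being secured, not the user to evaluate, so the call still tests the logged-in user's token. One way to ask the same question about another user is to hand the access decision manager a throwaway token built for that user. Assumptions: Symfony 2.x signatures (the `security.context` era of the question), a firewall named `main`, a `ROLE_ADMIN` role, and the hypothetical names `AppBundle`, `UserAdminController`, `isGrantedForUser` and `checkAction`.

```php
<?php
// Added example, not from the thread. Symfony 2.x API; class and method names are hypothetical.
namespace AppBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\User\UserInterface;

class UserAdminController extends Controller
{
    /** Run the configured voters (role hierarchy included) against $user, not the logged-in user. */
    private function isGrantedForUser(UserInterface $user, $attribute, $object = null)
    {
        // Throwaway token: it is never placed in the token storage, so the
        // identity of the current session is not changed.
        $token = new UsernamePasswordToken(
            $user,
            null,               // credentials are not needed for a decision
            'main',             // assumed firewall (provider key) name
            $user->getRoles()
        );

        return $this->get('security.access.decision_manager')
            ->decide($token, array($attribute), $object);
    }

    public function checkAction($username)
    {
        // The caller itself is still checked the normal way (assumed ROLE_ADMIN).
        if (!$this->get('security.context')->isGranted('ROLE_ADMIN')) {
            throw new AccessDeniedException();
        }

        $user = $this->get('fos_user.user_manager')->findUserByUsername($username);
        if (null === $user) {
            throw $this->createNotFoundException('Unknown user');
        }

        return new JsonResponse(array(
            'username' => $user->getUsername(),
            'ROLE_NEW' => $this->isGrantedForUser($user, 'ROLE_NEW'),
        ));
    }
}
```

The decision manager evaluates roles and voters only; account state such as enabled, expired or credentials-expired is enforced at authentication time, so check it separately when it matters for the decision.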