Stack Overflow
Stack Overflow

Questions tagged [symfony4-voter]

20 questions
2
votes
2 answers

How to return extra information from a voter in Symfony4?

I have a voter that I use to check if the current user can access an object. The access can be refused for several reasons, and I would like to know which in the Controller. However, the voter can only return a boolean, same for isGranted() in the…
user153991
  • 135
  • 6
2
votes
2 answers

Doctrine QueryBuilder COUNT and Voters

I have some entities, for example Device entity with a voter allowing the current user to access or not some Devices. When searching for Devices, in order to filter, I user an array_filter function which is working well. But, I want to make some…
Julien FOURNIER
  • 107
  • 8
1
vote
0 answers

ApiPlatform - implement security authorization on subresource route

I'm using Symfony5 and ApiPlatform I have a User entity and a Product entity. I want to list all my user's products through a subressource, to do so I've implemented my user class as follow : /** * @ApiResource( * attributes={ * …
baronbrn
  • 89
  • 12
1
vote
0 answers

Symfony - Voter returns null object on /GET LIST

I'm working with Symfony5 and ApiPlatform with JWT implemented on the app. I have a classic /GET route, that returns only few field of all User entities by adding the dynamic group "anonym:read" to some property for unauthenticated users through a…
baronbrn
  • 89
  • 12
1
vote
1 answer

Symfony4 - How to filter EntityType Field with Voter

I need to filter options displayed in an EntityType Field with Voters. I have a User Entity which has some relations to CustomerGroup, CustomerEntity and CustomerSite. I have a Voter on, for example, Customer Group. I can filter the results…
Julien FOURNIER
  • 107
  • 8
1
vote
1 answer

Token storage contains no authentication token and denyAccessUnlessGranted()

I'm having an error: "The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL. Which is caused by denyAccessUnlessGranted() added to a controller. It happens on test…
Roman Newaza
  • 11,405
  • 11
  • 58
  • 89
0
votes
1 answer

How can I use OR logic in @Isgranted for Symfony 4.4

I'm in Symfony 4.4 My first permission is * @IsGranted( * ModulePermission::MODULE_MODERATOR, * subject="module", * ) My second permission is * @IsGranted( * ItemPermission::DELETE_ITEM, * subject="cm", * ) Every permission…
Boodyguard
  • 41
  • 4
0
votes
0 answers

Symfony RBAC - How to add into it programmatically in DDD?

I have written an RBAC (Role-based access control) implementation within my Symfony project a few days ago using Symfony Voters. This is my universal voter for checking if the member has the ability to, for example, create on a specific…
jabepa
  • 61
  • 5
0
votes
1 answer

Symfony - testing vote TokenInterface not invoked

I'm trying to write a PHPUnit test in my Symfony project for a Voter class. class CustomVoter extends Voter { private MyCustomRepository $myCustomRepository; public function __construct(MyCustomRepository $myCustomRepository) { …
yaraw69
  • 43
  • 5
0
votes
0 answers

Symfony - Voter usage on many entity classes

In my Symfony application I am using Voters for RBAC implementation. I am using it within API platform. For now I managed to make it work both on Collections and Item operations. The thing that concerns me is the code repetition. Could this be a bad…
yaraw69
  • 43
  • 5
0
votes
0 answers

Symfony 4 voter check role in html.twig

i created a custom voter it's name CustomVoter. I want to check user role in html.twig and if it has role i want to do something. My logged user has 'CAN_REMOVE' role that indicated in CustomVoter. Unfortunately it is not working or cannot see voter…
Erdem Nayir
  • 9
  • 1
0
votes
2 answers

TokenInterface $token->getUser() doesnt bring back an object

I am making CheeseListing RESTful API with ApiPlatform. I made a voter for my CheeseListing object: class CheeseListingVoter extends Voter { ... protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user =…
Gediminas
  • 87
  • 1
  • 13
0
votes
2 answers

ApiPlatform - implement authorization based on apiplatform filters

I'm using ApiPlatform and Symfony5 I placed a filter on the User entity to sort them by a boolean value of the class named $expose Use case: For the /users?expose=true route ROLE_USER can get list of every user with filter $expose set to true For…
baronbrn
  • 89
  • 12
0
votes
1 answer

Use Constant in API Platform Security Annotation

API Platform for Symfony allows you to use Voters in order to grant or deny access to your ressources, as described in their docs. However all example are using magic values, I would rather use class constants for this. Ex. /** * @ApiResource( * …
wawa
  • 4,816
  • 3
  • 29
  • 52
0
votes
0 answers

Symfony 4 Voter - Useable with dynamic permissions?

I need to implement a user permission system for my Symfony 4 application. All permissions and possible method calls are stored inside a separate database table, and there is also a cross-reference table which decides which of the CRUD operations…
SieGeL
  • 303
  • 2
  • 6
1
2