Reputation: 1275
Multi-layered permissions in Symfony
I'm trying to implement a service which allows users to create "organizations" as subdomains. I want my users to allow inviting people to invite them to their "organization", e.g. orgname.exampleapp.com.
As I have a fair bit of familiarity with Symfony, I'd like to use it to build this project. I've read a fair bit of documentation on roles, groups, voters, etc. but I can't quite piece it together. Therefore my question:
How would I best approach building a permission system in Symfony 2.6+ matching this criteria:
- Users should register on a main page, e.g.
example.com - Users should be able to create organizations, which get assigned a subdomain (e.g.
orgname.exampleapp.com) - Users should be able to invite people to organizations.
- Users should be able to put people into groups for a specific organization.
- Users should be able to assign permissions to groups for a specific organization.
I have control over the servers I intend to run this on, so I am not opposed to constructs that use an SSO or require provisioning an own virtual machine / cloud server / etc.
Upvotes: 1
Views: 126
Answers (1)
Reputation: 24298
Voters suits your requirements just fine. They're simple and allows to validate complex rules.
In my personal experience, it's about changing mindset from typical ACL approach. Saying that, I recommend you checking these slides with comparison of ACL and Voters, where it's nicely explained.
Upvotes: 1
Related Questions
- Symfony2 - ACL & ROLES
- Symfony2 access control with multiple role requirement
- Symfony 2 - ACL check permission based on 'separate' roles
- How to make a permission system like the following with Symfony 2?
- How to implement role / resources ACL in Symfony2
- Symfony 2 ACL and Role Hierarchy
- Symfony complex acl based on dynamic roles and permissions
- Symfony security roles
- Symfony2 extend ACL with additional Permissions
- How to make advanced ACL in Symfony2?