Reputation: 784
Check specific user permission in a twig view
In a TWIG view of my Symfony 5 project, I have the following piece of code :
<table class="table table-hover table-striped datatable">
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Email</th>
<th>Created at</th>
</tr>
</thead>
<tbody>
{% for user in users %}
<tr>
<td>{{ user.id }}</td>
<td>{{ user.name }}</td>
<td>{{ user.email }}</td>
<td>{{ user.createdAt|date('d/m/Y H:i') }}</td>
</tr>
{% endfor %}
</tbody>
</table>
Nothing impressive. I wanted to know if there was a way to check if the user in my loop has a specific role, let's say ROLE_STAFF (More precisely, I want to check it against the hierarchy. If he has a role that "inherits" ROLE_STAFF, it should also satisfy the condition). I have seen this post but it's quite old, and I'm hoping maybe something has been implemented since the moment it was written.
I tried injecting the AccessDecisionManagerInterface in my User entity without any good result. My method (thereafter) does not work because $this->decisionManager is null. I guess it has not been injected properly. I inject it by the constructor :
public function __construct(AccessDecisionManagerInterface $decisionManager)
{
$this->decisionManager = $decisionManager;
}
public function hasRolePermissions(string $role)
{
$decisionManager = new AccessDecisionManager();
$token = new UsernamePasswordToken($this, '', '', $this->getRoles());
return $this->decisionManager->decide($token, [$role]);
}
Although a solution that does not use isGranted, like a service, or an injection, is perfectly acceptable to me, I would prefer to keep it simple. I was planning to build a twig function, but I would like to know if I'm reinventing the wheel or not. This seems a common enough issue, so I hope there is some built-in functionality I'm not aware of.
Upvotes: 1
Views: 1041
Answers (1)
Reputation: 41934
You can use the RoleHierarchy class to find all "reachable" roles for a current user.
In the Symfony framework, this class is available as the security.role_hierarchy service (autowirable as Symfony\Component\Security\Core\Role\RoleHierarchyInterface).
// check for ROLE_STAFF while taking the role hierarchy into account
$isStaff = in_array(
'ROLE_STAFF',
$roleHierarchy->getReachableRoles($user->getRoles())
);
You can write a custom Twig extension (e.g. a custom Twig test) to be able to do this in your templates.
Upvotes: 1
Related Questions
- Twig is_granted() with array of roles
- Check if other user is granted than the active one
- Check if a role is granted for a specific user in Symfony2 ACL
- Twig: if is_granted('ROLE_MANAGER') check is not granted
- Symfony2 check if user has access to url inside Twig
- How to check required user role
- Symfony2 - How to only show specific elements to ROLE_USER
- Symfony2: How to hide link in Twig based on permissions
- How can I check other users or role permissions in the template? symfony2
- Symfony2 security functions in Twig? How to check the user's role?