How can I check if the role of a user is not registered by the user?

Question

How can I check if the role of a user is not registered by the user?

I have a situation where I need to check the roles for a user who is not logged in.

I initially simply requested the users table roles field to see if the given role was contained, but this does not take into account the role of the hierarchy. For example, if the user is provided with ROLE_ADMIN , they will also have ROLE_USER . However, you will not see ROLE_USER in the database, since in this case it is included in ROLE_ADMIN .

I am a little unfamiliar with the inner workings of the Symfony2 security mechanism - I would like to “layout” the token for the user (based on their username), but I'm not sure how to do this, or even if it is possible. I was digging a security component but have not yet found a solution.

Can I check the roles of a user who is not registered?

+2

php symfony roles

Steven mercantante Mar 2 '12 at 19:56

source share

1 answer

Mun Mun Das · Accepted Answer · 2012-03-03T00:15:06+0000

For a list of the roles that users have, see this code.

 use Symfony\Component\Security\Core\Role\Role; use Symfony\Component\Security\Core\Role\RoleHierarchy; //.... $roleHierarchy = new RoleHierarchy($this->container->getParameter('security.role_hierarchy.roles')); $userRoles = array(new Role('ROLE_ADMIN')); // Or $securityContext->getToken()->getRoles() $reachableRoles = $roleHierarchy->getReachableRoles($userRoles);

How can I check if the role of a user is not registered by the user?

More articles: