Symfony2 - Current User Access to Route

Question

I have access_control setup in the security configuration of my Symfony app so, clearly, the application can detect if the current user has access for the current request (that works just fine). What I want to be able to is have the app figure out if the current user would have access to another request (eg. a different path or method) from a Controller action.

What is the proper way to do this in Symfony? I can hack together going through and accessing the FirewallContext of the current request and looking for the proper listener with the proper AccessMap but this is ugly and I fear that it will break easily. Any suggestions?

Answer 1

This question has gone unanswered for almost a week now so I've found a decent workaround solution in the meantime, if anyone finds this and wants to do something similar.

First of all, I pulled the functionality from AccessListener::handle(GetResponseEvent) out into a new class/method Authorization::checkAccess(Request) which takes a Request object instead of a GetResponseEvent .

Next (and the necessity of this depends on whether or not checkAccess differs from the way handle handles requests), I created a separate class to override AccessListener and use Authorization::checkAccess(Request) to do the checking (and swapped it out in the configuration by setting the security.access_listener.class parameter)

Next, setup a service in the configuration to construct an Authorization object with all of the parameters that are injected into the AccessListener .

Finally, in order to check a particular request, I use this slice of code in the controller:

$check = $this->getRequest()->duplicate();
$check->server->set('REQUEST_URI', $requestUri);
$check->setMethod('GET');
$this->get('my_access_control_service')->checkAccess($check);

I hope this helps someone out there...