Multi-layered permissions in Symfony
Question
I'm trying to implement a service which allows users to create "organizations" as subdomains. I want my users to allow inviting people to invite them to their "organization", eg orgname.exampleapp.com.
As I have a fair bit of familiarity with Symfony, I'd like to use it to build this project. I've read a fair bit of documentation on roles, groups, voters, etc. but I can't quite piece it together. Therefore my question:
How would I best approach building a permission system in Symfony 2.6+ matching this criteria:
- Users should register on a main page, eg
example.com - Users should be able to create organizations, which get assigned a subdomain (eg
orgname.exampleapp.com) - Users should be able to invite people to organizations.
- Users should be able to put people into groups for a specific organization.
- Users should be able to assign permissions to groups for a specific organization.
I have control over the servers I intend to run this on, so I am not opposed to constructs that use an SSO or require provisioning an own virtual machine / cloud server / etc.
1 answers
solution1
1 ACCPTED 2015-07-09 12:05:24
Voters suits your requirements just fine. They're simple and allows to validate complex rules.
In my personal experience, it's about changing mindset from typical ACL approach. Saying that, I recommend you checking these slides with comparison of ACL and Voters , where it's nicely explained.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.