Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
Symfony2
Message from discussion User Rights on Entity

View parsed - Show only message text

Received: by 10.58.221.132 with SMTP id qe4mr3623862vec.9.1349858766521;
        Wed, 10 Oct 2012 01:46:06 -0700 (PDT)
X-BeenThere: symfony2@googlegroups.com
Received: by 10.52.20.7 with SMTP id j7ls96973vde.0.gmail; Wed, 10 Oct 2012
 01:46:03 -0700 (PDT)
Received: by 10.52.34.205 with SMTP id b13mr3460921vdj.3.1349858763737;
        Wed, 10 Oct 2012 01:46:03 -0700 (PDT)
Date: Wed, 10 Oct 2012 01:46:03 -0700 (PDT)
From: Mitchel <mitchel.versch...@gmail.com>
To: symfony2@googlegroups.com
Message-Id: <5e45ffe2-3858-4bc3-8b5e-08ebde6114e9@googlegroups.com>
Subject: User Rights on Entity
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_85_2523631.1349858763524"

------=_Part_85_2523631.1349858763524
Content-Type: multipart/alternative; 
	boundary="----=_Part_86_1871804.1349858763524"

------=_Part_86_1871804.1349858763524
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Hi there,

Data from the database:

Class: MV\NameBundle\Entity\BlogComment
Identity MV\NameBundle\Entity\User-Pietje
ObjectId: 11
FieldName: 
Ace Order: 0
Mask: 128
Granting: 1
Granging Strategy: all

now if I check if the user can edit it (should be with mask 128 
(MASK_OWNER)).

if (false === $securityContext->isGranted('EDIT', $entity)){
     var_dump('can not edit blogComment ' . $entity->getId() );
} else {
     var_dump('can edit blogComment ' . $entity->getId() );
}

He's saying he can not, so I guess there is something wrong.

Now I was debugging and dont know what to do next:

Class:     Symfony\Component\Security\Acl\Domain
function :hasSufficientPermissions

I was looking to the:
143: if ($sid->equals($ace->getSecurityIdentity()) && 
$this->isAceApplicable($requiredMask, $ace)) {

This is where he should end in the if, but he won't because the 
$sid->equeals only the the role identitys and not the user one.
dump of the equals:

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*316*]
  *private* 'role' => string 'IS_AUTHENTICATED_ANONYMOUSLY' *(length=28)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*316*]
  *private* 'role' => string 'IS_AUTHENTICATED_ANONYMOUSLY' *(length=28)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*316*]
  *private* 'role' => string 'IS_AUTHENTICATED_ANONYMOUSLY' *(length=28)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*316*]
  *private* 'role' => string 'IS_AUTHENTICATED_ANONYMOUSLY' *(length=28)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*364*]
  *private* 'role' => string 'ROLE_ADMIN' *(length=10)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*364*]
  *private* 'role' => string 'ROLE_ADMIN' *(length=10)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*364*]
  *private* 'role' => string 'ROLE_ADMIN' *(length=10)*

*object*(*Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity*)[*364*]
  *private* 'role' => string 'ROLE_ADMIN' *(length=10)*

I don't see any users in this list, What wrong should he not check the users also?
Let me know if you can help me out.


Regards Mitchel



------=_Part_86_1871804.1349858763524
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi there,<br><br>Data from the database:<br><br>Class: MV\NameBundle\Entity=
\BlogComment<br>Identity MV\NameBundle\Entity\User-Pietje<br>ObjectId: 11<b=
r>FieldName: <br>Ace Order: 0<br>Mask: 128<br>Granting: 1<br>Granging Strat=
egy: all<br><br>now if I check if the user can edit it (should be with mask=
 128 (MASK_OWNER)).<br><br>if (false =3D=3D=3D $securityContext-&gt;isGrant=
ed('EDIT', $entity)){<br>&nbsp;&nbsp;&nbsp;&nbsp; var_dump('can not edit bl=
ogComment ' . $entity-&gt;getId() );<br>} else {<br>&nbsp;&nbsp;&nbsp;&nbsp=
; var_dump('can edit blogComment ' . $entity-&gt;getId() );<br>}<br><br>He'=
s saying he can not, so I guess there is something wrong.<br><br>Now I was =
debugging and dont know what to do next:<br><br>Class:&nbsp;&nbsp;&nbsp;&nb=
sp; Symfony\Component\Security\Acl\Domain<br>function :hasSufficientPermiss=
ions<br><br>I was looking to the:<br>143: if ($sid-&gt;equals($ace-&gt;getS=
ecurityIdentity()) &amp;&amp; $this-&gt;isAceApplicable($requiredMask, $ace=
)) {<br><br>This is where he should end in the if, but he won't because the=
 $sid-&gt;equeals only the the role identitys and not the user one.<br>dump=
 of the equals:<br><br><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object=
</b>(<i>Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>=
316</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'IS_AUTHENTICATED_ANONYMOUSLY'</font> <i>=
(length=3D28)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>316</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'IS_AUTHENTICATED_ANONYMOUSLY'</font> <i>=
(length=3D28)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>316</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'IS_AUTHENTICATED_ANONYMOUSLY'</font> <i>=
(length=3D28)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>316</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'IS_AUTHENTICATED_ANONYMOUSLY'</font> <i>=
(length=3D28)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>364</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'ROLE_ADMIN'</font> <i>(length=3D10)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>364</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'ROLE_ADMIN'</font> <i>(length=3D10)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>364</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'ROLE_ADMIN'</font> <i>(length=3D10)</i>
</pre><pre class=3D"xdebug-var-dump" dir=3D"ltr"><b>object</b>(<i>Symfony\C=
omponent\Security\Acl\Domain\RoleSecurityIdentity</i>)[<i>364</i>]
  <i>private</i> 'role' <font color=3D"#888a85">=3D&gt;</font> <small>strin=
g</small> <font color=3D"#cc0000">'ROLE_ADMIN'</font> <i>(length=3D10)</i>
<br><br>I don't see any users in this list, What wrong should he not check =
the users also?<br>Let me know if you can help me out.<br><br><br>Regards M=
itchel<br></pre><br>
------=_Part_86_1871804.1349858763524--

------=_Part_85_2523631.1349858763524--

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google