Development

TracTickets

You must first sign up to be able to contribute.

Version 1 (modified by wowo, 9 years ago)
--

I'm using latest sfDoctrineGuardUser. When I'm trying to get users permissions, I'm getting only those, which are assigned to the user directly, but groups permissions, in which he is, are ommited.

For example we have user john, he is in groups moderators and admins, group moderatrs has permission block_user, group admins has permission delete_user, and john has permission write_articles.

$john->hasPermission('delete_user') and $john->hasPermission('block_user') returns false,
$john->hasPermission('write_articles') returns true,
array_keys($john->getAllPermissions()) returns array('write_articles','block_user','delete_user')

The solution for me is to override sfGuardSecuirtyUser::hasPermissions in this way:

  public function hasPermission($name)
  {
    if ( !($guardUser = $this->getGuardUser()) ) {
      return false;
    }
    $guardUser->loadGroupsAndPermissions();
    return isset($guardUser->allPermissions[$name]); //use allPermissions instead of permissions array
  }