Dynamically add new roles to Symfony2 users

Question

Is it possible to manualy update user roles with Symfony2?

In my application, users are able to handle many companies. For each of them, they have different rôles.

At login time, I'd like to give them the roles of their default company and when they switch of company, I'd like to remove the previous roles and add the ones of the new company.

I just answered similar question here - http://stackoverflow.com/questions/19713802 — dmnptr, Oct 31 '13 at 22:26

score 0 · Answer 1 · answered Oct 31 '13 at 16:02

Yes it is possible. But i wouldn't advise you to dynamically remove and add roles on an company switch as it could lead to an security issue. If you want to use the basic role system you could create roles prefixed by company name (this is an bad idea if you have many companies). Or upgrade your security context to use ACLs. Maybe the simplest solution is to create an user for each company with the same credentials (or no creadentials if you manage the user switch) and different roles.

As far as I can see you should consider developing an own role system that meets your multi company requirement.

What I don't like with ACLs is that they are checked in the code of each actions. Roles are set in the security config file so they can easily be checked and maintained. In my case I just need some simple roles for each user-company tuples (i.e.: COMPANY_ADMIN_ROLE, COMPANY_EMPLOYE_ROLE, COMPANY_SUPPLIER_ROLE and COMPANY_CLIENT_ROLE). — Sébastien, Oct 31 '13 at 18:23

Dynamically add new roles to Symfony2 users

1 Answers1