0

PREMISE: All users on the system need to have accepted an NDA and SLA and filled in a questionnaire.

CONDITIONS:
1) The entire system (from /) falls under the security firewall in order to determine whether a user is logged in or not.
2) Routes under ^/ is authenticated anonymously.
3) Routes under ^/portal/ required ROLE_USER.

IMPLEMENTATION: I would like to implement a custom checker on all routes under ^/portal/ (including /portal/, /portal/orders/, /portal/admin/, /portal/admin/orders/, etc) to check whether the user has accepted the NDA, and if not not redirect to a page where the user can accept the NDA, then check for SLA and then for the questionnaire.

QUESTION: Is there a way to implement this in Symfony2 so that a "Check" function gets called first and then continues on to the actual controller function for which the route is set up, other than manually calling the check function in every controller function for every route?

COMPLICATION: The NDA/SLA/QUESTIONNAIRE pages to which the user will be redirected, will need to fall under ^/portal/, so these must also be excluded from the check (either inside the check function or in some other manner) in order to avoid a continuous redirect.

Magnanimity
  • 1,293
  • 8
  • 24
  • 44
  • It sounds like there are three levels of user: anonymous, ROLE_USER, and ROLE_ACCEPTED (or some such). ROLE_USER when credentials are known, ROLE_ACCEPTED when NDA, SLA, questionnaire completed. Controllers can [check role](http://stackoverflow.com/questions/12287740/how-do-i-check-for-user-role-in-symfony2-for-urls-not-falling-under-patterns-def) – geoB Apr 14 '14 at 14:15
  • Hi geoB, it is just ROLE_USER. Within the USER entity, there are three boolean fields namely "nda_accepted", "sla_accepted" and "questionnaire_filled". I know I can check this manually within each controller function, but I am hoping that there is a way to "program" Symfony2 to check these fields and redirect accordingly before the actual controller function (linked to the respective routes) executes. – Magnanimity Apr 14 '14 at 14:55
  • AFAIK, the only place to redirect based on the state of an entity is a controller. – geoB Apr 14 '14 at 15:34

1 Answers1

0

To date, I found no "generic" framework-level implementation for this. The only solution I could implement was to create a "checker/redirector" controller function and call that in the beginning of each controller function for pages that I wished to redirect should the checks fail.

Magnanimity
  • 1,293
  • 8
  • 24
  • 44