17

I would like to know how I can know if a user is granted when it's not the current user in Twig.

I use this code for the current user:

{% if is_granted('ROLE_USER') %}
    <a href="...">Delete</a>
{% endif %}

But I would like to be able to do the same thing with other users that are not logged in at the moment. Thank you.

Edit: In fact I think there isn't a direct way with Twig to test the role of a user that is not authenticated. So I did it directly in the Twig template: test if a user is admin or not, then set a var. (In my question I was searching for how to do it in a list of users.)

{# Declare the flag before the loop so the value set inside the loop is kept. #}
{% set from_user_is_admin = false %}
{% for role in from_user.getRoles() %}
    {% if role == 'ROLE_ADMIN' %}{% set from_user_is_admin = true %}{% endif %}
    {% if role == 'ROLE_SUPER_ADMIN' %}{% set from_user_is_admin = true %}{% endif %}
{% endfor %}
{% if from_user_is_admin == false %}THIS USER IS NOT ADMIN{% endif %}
Rmannn

4 Answers

18

I think it would be much easier if you implemented an isGranted function in the User entity:

class User implements UserInterface {
    // ...
    public function isGranted($role)
    {
        // Strict comparison against the roles stored on this user object
        return in_array($role, $this->getRoles(), true);
    }
}

You can now easily check for granted roles in every layer of your application. In PHP:

$user->isGranted("USER_ADMIN")

Or in Twig:

user.granted("USER_ADMIN")

If you need to check a role for the current user, you can do this in Twig:

app.user.granted("USER_ADMIN")

Note: the variable "app" is globally defined.

Note 2: this code may throw an exception if you use it outside the secured area of your app, since app.user would be NULL.

Webberig
7

You can use a similar statement to the above with "not":

{% if not is_granted('ROLE_USER') %}
    <a href="...">Delete</a>
{% endif %}

Or use an else statement:

{% if is_granted('ROLE_USER') %}
    <a href="...">Delete</a>
{% else %}
    {# something else for guest user, not logged in #}
{% endif %}
Krzysztof Lenda
    Yes, I know that function, but is_granted is testing the current user. The thing I would like to know is how to do the same thing from a user object that is not the current user. I edited my question to put the way I did it. Thanks anyway. – Rmannn Jan 31 '12 at 14:13
4

You should create either a twig macro, or a twig function.

Creating a macro is very simple, using your code:

{% macro admin_status(from_user) %}
  {# Declare the flag before the loop so the value set inside the loop is kept. #}
  {% set from_user_is_admin = false %}
  {% for role in from_user.getRoles() %}
      {% if role == 'ROLE_ADMIN' %}{% set from_user_is_admin = true %}{% endif %}
      {% if role == 'ROLE_SUPER_ADMIN' %}{% set from_user_is_admin = true %}{% endif %}
  {% endfor %}
  {% if from_user_is_admin == false %}THIS USER IS NOT ADMIN{% endif %}
{% endmacro %}

You can then use it in the same file as {{ _self.admin_status(user) }}. You may also move it to a separate file, and use Twig's import tag to gain access to it.

Creating a twig function is a better option, for details see extending twig. It boils down to creating a regular function, that may be called from twig, so code like this becomes possible:

{% if user_is_admin(user) %}

You'll also need to read enabling custom twig extensions.

Maerlyn
    Wow, thank you very much, I can put that code in a Twig template, include it, then reuse the code! – Rmannn Feb 22 '12 at 05:01
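
The Twig function approach from the answer above, as an added example (not code from any poster or from Symfony itself); unlike a plain in_array over getRoles(), it also counts roles inherited through the configured role hierarchy. Assumptions: Symfony 4.3 or later with autowiring and autoconfiguration, Twig 2 or later, PHP 8; the path, the class name `UserRoleExtension` and the function name `user_has_role` are hypothetical, while `user_is_admin` is the name used in the answer.

```php
<?php
// src/Twig/UserRoleExtension.php (hypothetical path and class name; added example)
namespace App\Twig;

use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Twig\Extension\AbstractExtension;
use Twig\TwigFunction;

final class UserRoleExtension extends AbstractExtension
{
    // Assumption: the container autowires the security.role_hierarchy service here.
    public function __construct(private RoleHierarchyInterface $roleHierarchy)
    {
    }

    public function getFunctions(): array
    {
        return [
            new TwigFunction('user_has_role', [$this, 'userHasRole']),
            new TwigFunction('user_is_admin', [$this, 'userIsAdmin']),
        ];
    }

    /** True if $user holds $role directly or inherits it through the role hierarchy. */
    public function userHasRole(?UserInterface $user, string $role): bool
    {
        if (null === $user) {
            return false; // no user object passed in: deny instead of throwing
        }

        // Expands the stored roles into every role reachable from them.
        $reachable = $this->roleHierarchy->getReachableRoleNames($user->getRoles());

        return in_array($role, $reachable, true);
    }

    /** Same test as the templates on this page: ROLE_ADMIN or ROLE_SUPER_ADMIN. */
    public function userIsAdmin(?UserInterface $user): bool
    {
        return $this->userHasRole($user, 'ROLE_ADMIN')
            || $this->userHasRole($user, 'ROLE_SUPER_ADMIN');
    }
}
```

In a template this reads `{% if not user_is_admin(from_user) %}THIS USER IS NOT ADMIN{% endif %}`. It only reports another user's roles for display; the controller behind a link such as Delete still has to enforce access for the current user on the server.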
1

I did it this way, having this snippet in the global Twig file, in my case layout.html.twig:

{% set is_admin = false %}
{% if app.security.token.user.roles is iterable %}
    {% for role in app.security.token.user.roles %}
        {% if role == 'ROLE_ADMIN' or role == 'ROLE_SUPER_ADMIN'  %}
            {% set is_admin = true %}
        {% endif %}
    {% endfor %}
{% endif %}

Then I can use it anywhere:

{% if is_admin %}....{% endif %}
Steffen Kamper