Using the built-in Matcher

Symfony provides a built-in matcher which can match paths and IPs. For example, if you want to only show the profiler when accessing the page with the 168.0.0.1 IP, then you can use this configuration:

1
2
3
4
5
6

# app/config/config.yml
framework:
    # ...
    profiler:
        matcher:
            ip: 168.0.0.1

1
2
3
4
5
6

<!-- app/config/config.xml -->
<framework:config>
    <framework:profiler
        ip="168.0.0.1"
    />
</framework:config>

1
2
3
4
5
6

// app/config/config.php
$container->loadFromExtension('framework', array(
    'profiler' => array(
        'ip' => '168.0.0.1',
    ),
));

You can also set a path option to define the path on which the profiler should be enabled. For instance, setting it to ^/admin/ will enable the profiler only for the /admin/ URLs.

Creating a custom Matcher

You can also create a custom matcher. This is a service that checks whether the profiler should be enabled or not. To create that service, create a class which implements RequestMatcherInterface. This interface requires one method: matches(). This method returns false to disable the profiler and true to enable the profiler.

To enable the profiler when a ROLE_SUPER_ADMIN is logged in, you can use something like:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

// src/AppBundle/Profiler/SuperAdminMatcher.php
namespace AppBundle\Profiler;

use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestMatcherInterface;

class SuperAdminMatcher implements RequestMatcherInterface
{
    protected $authorizationChecker;

    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
    {
        $this->authorizationChecker = $authorizationChecker;
    }

    public function matches(Request $request)
    {
        return $this->authorizationChecker->isGranted('ROLE_SUPER_ADMIN');
    }
}

Then, you need to configure the service:

1
2
3
4
5

# app/config/services.yml
services:
    app.profiler.matcher.super_admin:
        class: AppBundle\Profiler\SuperAdminMatcher
        arguments: ["@security.authorization_checker"]

1
2
3
4
5
6

<!-- app/config/services.xml -->
<services>
    <service id="app.profiler.matcher.super_admin"
        class="AppBundle\Profiler\SuperAdminMatcher">
        <argument type="service" id="security.authorization_checker" />
</services>

1
2
3
4
5
6
7
8

// app/config/services.php
use Symfony\Component\DependencyInjection\Definition;
use Symfony\Component\DependencyInjection\Reference;

$container->setDefinition('app.profiler.matcher.super_admin', new Definition(
    'AppBundle\Profiler\SuperAdminMatcher',
    array(new Reference('security.authorization_checker'))
);

Now the service is registered, the only thing left to do is configure the profiler to use this service as the matcher:

1
2
3
4
5
6

# app/config/config.yml
framework:
    # ...
    profiler:
        matcher:
            service: app.profiler.matcher.super_admin

1
2
3
4
5
6
7

<!-- app/config/config.xml -->
<framework:config>
    <!-- ... -->
    <framework:profiler
        service="app.profiler.matcher.super_admin"
    />
</framework:config>

1
2
3
4
5
6
7

// app/config/config.php
$container->loadFromExtension('framework', array(
    // ...
    'profiler' => array(
        'service' => 'app.profiler.matcher.super_admin',
    ),
));