SymfonyWorld Online 2021 Winter Edition December 9 – 10, 2021 100% Online +20 talks and workshops

New in Symfony 2.7: Inherited security roles in the web profiler

Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.

Contributed by
Peter Rehm
in #12896.

Symfony 2.6 was released less than a month ago, but we are already working hard on new features for Symfony 2.7. The first significant new feature is related to hierarchical security roles.

In Symfony applications, you can define a hierarchy of security roles to avoid associating many roles to users. Consider the following simple example:

# app/config/security.yml

This configuration tells Symfony that whenever a user is granted with the ROLE_ADMIN role, he/she is implicitly granted the ROLE_USER, FEATURE_ALPHA and ROLE_ALLOWED_TO_SWITCH roles too.

However, when you browse the Security panel of the Symfony Profiler, you can only see the user's roles but not the inherited roles. Since this last information is very useful, in Symfony 2.7 you'll get the full security role information for the user, including the direct roles and the inherited ones:

Symfony 2.7 Hierarchical Security Roles
Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Great one!
A neat little one. Thanks
Great ! I've been waiting a long time for this kind of feature ! :+1:
Finally :)

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.