Skip to content
ACL Manager for Symfony2
Latest commit a4382d1 Mar 11, 2016 @Problematic Merge pull request #38 from taylankasap/patch-1
Fixed MaskBuilder case in readme
Failed to load latest commit information.
DependencyInjection create DI extension to load services automatically Jun 23, 2011
Model A try to add field support to AclManager Oct 10, 2013
.gitignore clean out .gitignore Sep 13, 2011
LICENSE add explict MIT license - copied from the Symfony project. Sep 24, 2014
ProblematicAclManagerBundle.php Fixed MaskBuilder case in readme Mar 11, 2016


Add this bundle to your composer.json file:

    "require": {
        "problematic/acl-manager-bundle": "dev-master"

Register the bundle in app/AppKernel.php:


// app/AppKernel.php
public function registerBundles()
    return array(
        // ...
        new Problematic\AclManagerBundle\ProblematicAclManagerBundle(),

If you haven't configured the ACL enable it in app/config/security.yml:

# app/config/security.yml
        connection: default

Finally run the ACL init command

php app/console init:acl



$comment = new Comment(); // create some entity
// ... do work on entity

$em->flush(); // entity must be persisted and flushed before AclManager can act on it (needs identifier)
$aclManager = $this->get('problematic.acl_manager');

// Adds a permission no matter what other permissions existed before
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
// Or:
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER);
// Replaces all current permissions with this new one
$aclManager->setObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokePermission($comment, MaskBuilder::MASK_DELETE, $userEntity);
$aclManager->revokeAllObjectPermissions($comment, $userEntity);

// Same with class permissions:
$aclManager->addClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->setClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokePermission($comment, MaskBuilder::MASK_DELETE, $userEntity, 'class');
$aclManager->revokeAllClassPermissions($comment, $userEntity);

// You can alse use object-field...
$aclManager->addObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->setObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->revokeFieldPermission($comment,, 'title' MaskBuilder::MASK_DELETE, $userEntity);
$aclManager->revokeAllObjectFieldPermissions($comment, 'title', $userEntity);
// ...and class-field scope permissions :
$aclManager->addClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->setClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->revokeFieldPermission($comment,, 'title' MaskBuilder::MASK_DELETE, $userEntity, 'class');
$aclManager->revokeAllClassFieldPermissions($comment, 'title', $userEntity);


If no $userEntity is provided, the current session user will be used instead.

If you'll be doing work on a lot of entities, use AclManager#preloadAcls():


$products = $repo->findAll();

$aclManager = $this->get('problematic.acl_manager');

// ... carry on
Something went wrong with that request. Please try again.