Secure Entire Class #50

Closed
d00001 opened this Issue Mar 11, 2012 · 4 comments

Comments

Projects
None yet
4 participants

d00001 commented Mar 11, 2012

Is it possible to secure an entire class. I tried looking for a discussion in this topic but I couln't find anything. Is there any reason why this has not implemented? I can work on a PR but I would like to know first if there is anything I should know?

/**
@secure(roles="ROLE_USER")
*
/
class MyClass
{
}

Owner

schmittjoh commented May 15, 2012

We could add that. Apart from a slight performance impact, I can't see a reason against this.

This feature would be quite handy for me as well, especially if it supported cascading permissions (i.e. specify that all actions on a controller require a certain role, but one or two actions require additional roles).

It's not exactly difficult to add them by hand, but it would be very handy for rapid application development.

Owner

schmittjoh commented Jul 30, 2012

@PreAuthorize can now be used on class-level.

/** @PreAuthorize("hasRole('A') or (hasRole('B') and hasRole('C'))") */
class MyService
{

public function secureMethod()
{
    // ...
}

}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment