Specify a different user when checking isGranted #57639

pauljura · 2024-07-04T00:46:41Z

Description

I like the idea of voters, but the problem is that they only work for the currently logged in user. I would like to perform access checks on behalf of other users.

Take the standard blog website as an example. Users have access to posts. But suppose I want to share a post with other users. I want to know whether Alice can view the post, to see if I can share it with her.

So instead of writing

if ($this->isGranted('view', $post)) { ... }

I want to write

if ($this->isGranted('view', $post, $user)) { ... }

Another use case would be for command line processes. For example, Bob requests to run a report that takes a long time. I have a command that runs in the background, and I want it to verify that Bob has access to the report he is requesting. I can't do that right now with voters.

Example

No response

The text was updated successfully, but these errors were encountered:

Seb33300 · 2024-07-04T04:28:36Z

Are you trying to impersonate an user?
https://symfony.com/doc/current/security/impersonating_user.html

wouterj · 2024-07-04T06:41:27Z

Hi! We've another issue about this topic already: #43372 So I'm going to close this one as duplicate.

xabbuh added Security Feature labels Jul 4, 2024

wouterj closed this as not planned Won't fix, can't repro, duplicate, stale Jul 4, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Specify a different user when checking isGranted #57639

Specify a different user when checking isGranted #57639

pauljura commented Jul 4, 2024

Seb33300 commented Jul 4, 2024

wouterj commented Jul 4, 2024

Specify a different user when checking isGranted #57639

Specify a different user when checking isGranted #57639

Comments

pauljura commented Jul 4, 2024

Description

Example

Seb33300 commented Jul 4, 2024

wouterj commented Jul 4, 2024