JDruery
commented
9 years ago I just realized, doing this would break everyone's voters, if they follow the example template in the symfony docs. For some reason, the examples use lowercase, instead of uppercase like in the ACL system. Perhaps I'm not understanding something here, or maybe no has tried to combine ACL and voters before. I'll likely extend or replace the BasicPermissionMap to make it work (unless someone suggests a better solution).
One solution would be to submit a pull request for symfony security component to make these constants case insensitive (just add strtoupper in the BasicPermissionMap methods that test the permission), but there could be reasons why this is also a bad idea! I tried making this change in my project and it works flawlessly, custom voters combined with acl system.
I wonder if the permission constants in ParamEntityFinder, LinkedResourcesSerializer, and ResourceObjectSerializer could be changed to all upper case ('VIEW' instead of 'view'). This would make it compatible with the constants defined in BasicPermissionMap in the Symfony ACL system. That way, the ACL system (and the default permission map) could be used in combination with custom voters. In my use case, I'd like a few of the entity classes to be granted permission via the ACL, and others with custom voters. Thanks for considering this.