Use Security Voters instead of roles

lexik / LexikWorkflowBundle

Simple workflow bundle for Symfony2

MIT License

126 stars 29 forks source link

Use Security Voters instead of roles #34

Closed stephanvierkant closed 4 years ago

stephanvierkant commented 7 years ago

Having a roles attribute is an easy way to check permissions, but has some limitations. What if you want to allow users to edit their own posts/comments/whatever?

I think the Security Voters are the perfect way to check if a user has permissions to change the state of an object.

What about adding Security Voters to this bundle?

cedric-g commented 7 years ago

Hi, you can create your own voter that support a custom attribute, then use this attribute in the step definition. Let's say your voter support the IS_OWNER attribute, you can do:

lexik_workflow:
    processes:
        post_publication:
            # ...
            steps:
                published:
                    label: "Post published"
                    roles: [ IS_OWNER ]
                    # ...