Using SecurityRoles in excludeif...

[qooplmao]

At present I, as I assume a lot of people have different permission for those that can view compared to those that can view, update, delete. I prefer the idea of stating what is possible early on rather than bouncing people back. Would it be possible to to include an 'is_granted' permission in the exclude if like

/**

• ... *
• @Hateoas\Relation(
• "manager",
• href = "expr('/api/users/' ~ object.getManager().getId())",
• embedded = "expr(object.getManager())",
• exclusion = @Hateoas\Exclusion(excludeIf = "!security_context.is_granted([ROLE_SOMETHING])")
• ) */

[willdurand]

you should be able to use the service() function in an expression. So I guess this expression should work:

@Hateoas\Exclusion(excludeIf = "expr(service('security.context').isGranted([ ROLE_SOMETHING ]))")

[qooplmao]

Well then I feel like an idiot. Sorry man.

[willdurand]

@qooplmao I reopen the issue. Let me know if it works first.

[adrienbrault]

Wow, never thought of that ... that's pretty awesome :+1:

[qooplmao]

Sorry for the delay.. Christmas and that.

It seems I can't get it to work but I'm assuming it's with how I am setting it up/using it.

If I use $hateoas = HateoasBuilder::create()..->build() and $hateoas->serialize() then I get 'The function "service" does not exist around position 1.' If I use $this->container->get('serializer')->serialize() then I get "Undefined index: container in ../Symfony/Component/DependencyInjection/ExpressionLanguage.php line 33"

Also data in the PagerfantaFactory comes out as _embedded rather than as a collection but that's another issue.

[willdurand]

You should use: $this->container->get('serializer')->serialize(), but the issue comes from symfony itself obviously... /cc @fabpot

[willdurand]

let me setup a test case.

[qooplmao]

I was thinking that (usage wise).

Will be interested to see any results from a test case.

[willdurand]

Oh. I know. Which Symfony version are you using? I am pretty sure it does not work with Symfony < 2.4... because of the ContainerBuilder.

[willdurand]

Well no, unfortunately it works fine. See:

• https://github.com/willdurand/BazingaHateoasBundle/commit/547dbc8e5a3c4b15395dacf2130dbacc6a238382
• https://travis-ci.org/willdurand/BazingaHateoasBundle/builds/16231762

[qooplmao]

Managed to get it to work as expected. I was using version 0.1.1 which gave the issues above with Symfony 2.4. Updated to dev-master and it is working a treat, also downgraded to 2.3 for LTS and it's still good. I feel I probably should have realised this earlier.

Thanks a lot for looking at it.

[willdurand]

cool, I just tagged 0.2.0.