New expression language function: is_granted

[kleiram]

Using the is_granted expression language function allows users to check permissions for the active user while describing the HATEOAS serialization properties, i.e.:

/**
 * @Hateoas\Relation(
 *      "delete",
 *      href = @Hateoas\Route(
 *          "post_delete",
 *          parameters = { "id" = "expr(object.getId())" }
 *      ),
 *      exclusion = @Hateoas\Exclusion(
 *          excludeIf = "expr(not is_granted(['ROLE_ADMIN'])"
 *      )
 * )
 */
class Post
{
    // ...   
}

It is also possible to pass the object to the is_granted function:

/**
 * @Hateoas\Relation(
 *      "delete",
 *      href = @Hateoas\Route(
 *          "post_delete",
 *          parameters = { "id" = "expr(object.getId())" }
 *      ),
 *      exclusion = @Hateoas\Exclusion(
 *          excludeIf = "expr(not is_granted(['ROLE_ADMIN', object])"
 *      )
 * )
 */
class Post
{
    // ...   
}

This pull request fixes issue #29

[willdurand]

It would be nice to add documentation for this new function.

[kleiram]

I properly documented the is_granted function and put a little documentation for the service and parameter functions too (but haven't really added any examples).

[willdurand]

Great! Did you try your patch in your app?

Could you squash your commits?

[kleiram]

I tried it and it seemed to work just fine! And commits are squashed now.

[willdurand]

thank you!

[adrienbrault]

I think this should have been implemented in the library like the LinkExpressionFunction is (with ExpressionFunctionInterface) https://github.com/willdurand/Hateoas/blob/master/src/Hateoas/Expression/LinkExpressionFunction.php

[willdurand]

To me it is tied to Symfony..

[adrienbrault]

What if you use hateoas with silex ? What if you just use the component ?

[willdurand]

The security component? alone? :p

I get your point though, I thought about this before merging this PR. To me, it was ok to put this function here rather than into the core.

[adrienbrault]

Moving that to the lib is just a "refactoring", I'll do it when I have some time

On Thursday, July 17, 2014, William Durand notifications@github.com wrote:

The security component? alone? :p

I get your point though, I thought about this before merging this PR. To me, it was ok to put this function here rather than into the core.

— Reply to this email directly or view it on GitHub https://github.com/willdurand/BazingaHateoasBundle/pull/30#issuecomment-49358695 .

[willdurand]

We don't have to right now. We'll move that to the lib when it will be needed.

[kleiram]

Just my act's: I personally don't think it's necessary to move this into the lib. I think when this library is used in combination with the Security component it will be used in the context of the Symfony framework.

[sroze]

I agree with @kleiram