I'm securing an action in security.yml. I want the user to have access if he has credentials (A and B) OR (A and C). Looking at the rather sparse docs I tried these combinations:
myaction:
credentials: [[A, B], [A, C]]
credentials: [[[A, B], [A, C]]]
credentials: [A, [B, C]]
None of them work; [A, B]
works, but that's only half the battle. Has anyone got something like this to work?
I'm using Propel 1.4.2 and sfActionCredentialsGetterPlugin. Thanks for your input.
Edit:
I did my testing without using the sfActionCredentialsGetterPlugin, just straight php in a template:
<?php $sf_user->addCredentials('A', 'C'); ?>
<?php var_dump($sf_user->getCredentials()->getRawValue()) ?><br><br><br>
<?php $cred_a = 'A'; ?>
<?php $cred_b = 'B'; ?>
<?php $cred_c = 'C'; ?>
<?php $cred_3 = array('B', 'C'); ?>
<?php $has_cred1 = $sf_user->hasCredential(array($cred_a, $cred_3)) ? 'true' : 'false' ?>
<?php $has_cred2 = $sf_user->hasCredential($cred_a, $cred_b) ? 'true' : 'false' ?>
<?php echo 'has cred1? '.$has_cred1 ?><br><br>
<?php echo 'has cred2? '.$has_cred2 ?><br><br>
I'm not getting anywhere.
There's a bit more info here: http://www.symfony-project.org/gentle-introduction/1_4/en/06-Inside-the-Controller-Layer#chapter_06_sub_complex_credentials
According to that, my third try above [A, [B, C]]
should work!
Anyone?
Edit 2:
I tried a simple OR combination copied from the docs:
// security.yml:
credentials: [[A, B]]
// template:
$sf_user->hasCredential(array('A', 'B'), false)
Again, no dice. I posted a bugreport: http://trac.symfony-project.org/ticket/10036
I will post my temporary workaround as an answer here. Thanks guys.
I need to move on to other things, so I'm posting my workaround to this issue here.
lib/Tools.class.php:
apps/mymodule/actions/actions.class.php:
This function is used to check action permissions and in the templates to hide inaccessible menus. Hope it helps someone with the same issue.
I'd still be glad to hear from anyone with a real answer!