The Symfony2 Security Component And Propel
If you’ve started to play with the awesome Symfony2 Security Component, you’ll
know that you can configure a provider to retrieve your users. Symfony2, and the
PropelBundle provide a propel provider, so you just need to add the following
configuration to your security.yml file:
# app/config/security.yml
providers:
main:
propel:
class: My\AwesomeBundle\Model\User
property: username
Your User class have to implement the UserInterface:
<?php
// src/My/AwesomeBundle/Model/User.php
use Symfony\Component\Security\Core\User\UserInterface;
class User extends BaseUser implements UserInterface
{
}
That’s all!
ACL implementation
The PropelBundle provides a model-based implementation of the Security components’ interfaces. To make use of this AuditableAclProvider you only need to change your security configuration.
security:
acl:
provider: propel.security.acl.provider
This will switch the provider to be the AuditableAclProvider of the PropelBundle.
The auditing of this provider is set to a sensible default. It will audit all ACL failures but no success by default. If you also want to audit successful authorizations, you need to update the auditing of the given ACL accordingly.
After adding the provider, you only need to run the propel:acl:init command in
order to get the model generated. If you already got an ACL database, the schema
of the PropelBundle is compatible with the default schema of Symfony2.
Separate database connection for ACL
In case you want to use a different database for your ACL than your business model, you only need to configure this service.
services:
propel.security.acl.connection:
class: Propel\Runtime\Connection\DebugPDO
factory_class: Propel\Runtime\Propel
factory_method: getConnection
arguments: [ "acl" ]
The PropelBundle looks for this service, and if given uses the provided
connection for all ACL related operations. The given argument (acl in the
example) is the name of the connection to use, as defined in your runtime
configuration.