Mattia Mariselli mariselli

## README.md

      
              3 files
            
          
              1 fork
            
          
              2 comments
            
          
              8 stars
            
          
                dbu
                / README.md
            
            
              Last active
              January 13, 2016 13:53
            
              
                Symfony2: Role Hierarchy check independent of firewall
              
          
    We needed to decide whether a user loaded from FOSUserBundle is granted a specific role. Because of the role hierarchy, this is not as simple as doing in_array($role, $user->getRoles()). The user model only knows about its roles, not about what other roles those roles grant it.
The only thing that handles this situation that i found is the SecurityContext::isGranted method. But the problem of that is that its a check about the role of the "current" user. We needed this information in a command that generates a file and needs to know which user has permission for a specific role.
The RoleHierarchy service can not do decisions but only explode roles into all roles granted through the tree. The RoleHiararchyVoter is part of the security manager. Both are private service and thus not intended to be reused in application code.
The simplest we could come up with is this code, which we use like this:
$roleHierarchy = $this->getContainer()->get('acme_demo.security.role_hierarchy_checker');


## 1.How to easily implement a REST API with oAuth2 presentation.md

      
              6 files
            
          
              29 forks
            
          
              21 comments
            
          
              161 stars
            
          
                lologhi
                / 1.How to easily implement a REST API with oAuth2 presentation.md
            
            
              Last active
              April 4, 2024 22:13
            
              
                Symfony2 : How to easily implement a REST API with oAuth2 (for normal guys)
              
          
    It's still a work in progress...

Intro

As William Durand was recently explaining in his SOS, he "didn't see any other interesting blog post about REST with Symfony recently unfortunately". After spending some long hours to implement an API strongly secured with oAuth, I thought it was time for me to purpose my simple explanation of how to do it.
Ok, you know the bundles

You might have already seen some good explanation of how to easily create a REST API with Symfony2.
There are famous really good bundles a.k.a. :

  
## fbappbookmark.js
/* Add it as a bookmark an click it when you are on the Config page of the app, or any Facebook Tab.
   This works for the following url formats:
 - http[s]://[www.]facebook.com/pagename/app_APPID
 - http[s]://[www.]facebook.com/pagename?sk=app_APPID.
 - http[s]://[www.]developers.facebook.com/apps/APP_ID[/summary[/... ?...]]
 - http[s]://[www.]facebook.com/pages/[pagename]/[page_id]?sk=app_APPID[&app_data=...]
 If you are not on any of these links... it will ask your for the App ID
*/

// Bookmarlet

## Cookie.js
window.Cookie = {
  set: function(name, value, daysToExpire) {
    var cookieValue, d, expire, path;
    expire = '';
    daysToExpire || (daysToExpire = 365);
    d = new Date();
    d.setTime(d.getTime() + (86400000 * parseFloat(daysToExpire)));
    expire = "expires=" + (d.toGMTString());
    path = "path=/";
    cookieValue = "" + (escape(name)) + "=" + (escape(value || '')) + "; " + path + "; " + expire + ";";
	/* Add it as a bookmark an click it when you are on the Config page of the app, or any Facebook Tab.
	This works for the following url formats:
	- http[s]://[www.]facebook.com/pagename/app_APPID
	- http[s]://[www.]facebook.com/pagename?sk=app_APPID.
	- http[s]://[www.]developers.facebook.com/apps/APP_ID[/summary[/... ?...]]
	- http[s]://[www.]facebook.com/pages/[pagename]/[page_id]?sk=app_APPID[&app_data=...]
	If you are not on any of these links... it will ask your for the App ID
	*/

	// Bookmarlet