GuilroProtectionProxyBundle with Ocramius ProxyManager

23 Jan 2014

GuilroProtectionProxyBundle generates proxy objects from your configuration. Those proxies handle access granting, so you can render them without having to do authorization in your views or in your controllers. It is not completely AOP, but it is the same idea.

I took the time this afternoon to rewrite it using OcramiusProxyManager. I was also thinking to use JMSAopBundle but I already knew a bit the first one, so I decided to stick with it. The code is now much cleaner and easier to read. You can check it on Github.

  • There is no break in the documented API.
  • Lots of new tests.
  • It uses OcramiusProxyManager to generate proxies.
  • New dependency on a small Zend component +1,5 Mb in memory.
  • Fix a bug when using attribute and expression together.
  • Removed doctrine dependency.

So you can still do :

# app/config/config.yml

                    attribute: ROLE_USER # can be a role, or any attribute a voter can handle
                    return_proxy: true   # the Comments themselves will be proxified
                    deny_value: false    # ::getComments() will return false if
                                         # ROLE_USER is not granted by security context
                    return_proxy: true
                    expression: has(VIEW_EMAIL) # it also supports expressions
                    deny_value: ''

and then

{% if article.comments %}
    {% for comment in article.comments %}
        {{ }}
        {{ }}
        {{ comment.text }}
    {% endfor %}
{% endif %}

You just have to add two lines in your controller :

$proxyManager = $this->get('guilro.protection_proxy');
$articleProxy = $proxyManager->getProxy($article);
    array('article' => $articleProxy)

Next step for me is adding a way to configure the ProxyManager to cache the proxy classes.
EDIT 27/02/2014 : this is done !

(↓This is bad, I will use something else when I have time ! )
comments powered by Disqus