I'm making entities for a Symfony2 project at work.

I'm trying to make a system that controls access to certain resources depending on an organisation (a company) and a role. To sum it up, roles are the same for all the companies, but one company may make a resource available for a role, while another may not want to.

As for resources, they represent some actions and contents, such as the creation of this, the editing of that, and so on...

I attempted to solve this problem with the following entity. It represents a one to one to one relationship between my three entities Organisation, Role and Resource.

I wanted to know if that kind of relation was possible/good, or if there is another way to manage resources.

use Doctrine\ORM\Mapping as ORM;

/**
 * Join entity linking an Organisation, a Role and a Resource.
 * The three associations together form the composite primary key.
 *
 * @ORM\Entity
 */
class Organisation_Role_Resource
{
    /**
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Organisation")
     */
    private $organisation;

    /**
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Role")
     */
    private $role;

    /**
     * @ORM\Id
     * @ORM\ManyToOne(targetEntity="Aurae\UserBundle\Entity\Resource")
     */
    private $resource;
}

Do you have any piece of advice on how to solve this problem?

Is there another/better way to represent resources (which are, in fact, pages and links) and to manage their access?

1 Answer

While this might be quite a valid approach, you would really be reinventing the wheel.

Symfony2 has it all implemented already as 'Access Control Lists' (ACL):

http://symfony.com/doc/current/cookbook/security/acl.html

Check it out.... I think it covers everything you need...

Answered 2012-05-22T14:27:38.737
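
One way the question's organisation/role/resource rule could be mapped onto the Symfony2 ACL component the answer points to. This is an added example, not code from the question or the answer: the function names and the "organisationId:resourceId" identity scheme are assumptions, while the ACL classes and methods are Symfony's own. It assumes the ACL provider service is passed in and denies access whenever no ACL or no matching entry exists.

```php
<?php
use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\RoleSecurityIdentity;
use Symfony\Component\Security\Acl\Exception\AclNotFoundException;
use Symfony\Component\Security\Acl\Exception\NoAceFoundException;
use Symfony\Component\Security\Acl\Model\MutableAclProviderInterface;

// Assumption: roles are global, so the organisation is encoded in the object
// identity. Each (organisation, resource) pair gets its own ACL, and a grant
// made for one organisation can never match a lookup for another.
function resourceIdentity($organisationId, $resourceId)
{
    return new ObjectIdentity(
        $organisationId . ':' . $resourceId,
        'Aurae\UserBundle\Entity\Resource'
    );
}

// Hypothetical helper: let $role use $resourceId inside one organisation.
// $mask is a MaskBuilder constant such as MaskBuilder::MASK_VIEW.
function grantRole(MutableAclProviderInterface $provider, $organisationId, $resourceId, $role, $mask)
{
    $oid = resourceIdentity($organisationId, $resourceId);
    try {
        $acl = $provider->findAcl($oid);
    } catch (AclNotFoundException $e) {
        $acl = $provider->createAcl($oid);
    }
    $acl->insertObjectAce(new RoleSecurityIdentity($role), $mask);
    $provider->updateAcl($acl);
}

// Hypothetical helper: deny by default. A missing ACL or a missing entry
// for the user's roles both mean "no access".
function rolesMayAccess(MutableAclProviderInterface $provider, $organisationId, $resourceId, array $roles, $mask)
{
    $sids = array();
    foreach ($roles as $role) {
        $sids[] = new RoleSecurityIdentity($role);
    }
    try {
        $acl = $provider->findAcl(resourceIdentity($organisationId, $resourceId), $sids);
        return $acl->isGranted(array($mask), $sids);
    } catch (AclNotFoundException $e) {
        return false;
    } catch (NoAceFoundException $e) {
        return false;
    }
}
```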