这是我解决它的方法(在我提交 PR 后,这在 Symfony 2.3 中变得更容易了):
使用您自己的掩码扩展现有的 MaskBuilder:
namespace Acme\DemoBundle\Security\Acl\Permission;
use Symfony\Component\Security\Acl\Permission\MaskBuilder as BaseMaskBuilder;
class MaskBuilder extends BaseMaskBuilder
{
const MASK_COPY = 256; // 1 << 8
const MASK_REVIEW = 512; // 1 << 9
const CODE_COPY = 'X';
const CODE_REVIEW = 'R';
}
扩展现有的 PermissionMap(您过去必须完全覆盖它,因为所有内容都设置为私有)。
namespace Acme\DemoBundle\Security\Acl\Permission;
use Symfony\Component\Security\Acl\Permission\BasicPermissionMap;
class PermissionMap extends BasicPermissionMap
{
const PERMISSION_COPY = 'COPY';
const PERMISSION_REVIEW = 'REVIEW';
public function __construct()
{
parent::__construct();
// This basically says "If you have VIEW, REVIEW, EDIT..., OWNER,
// you have VIEW".
$this->map[self::PERMISSION_VIEW] = array(
MaskBuilder::MASK_VIEW,
MaskBuilder::MASK_REVIEW,
MaskBuilder::MASK_EDIT,
MaskBuilder::MASK_COPY,
MaskBuilder::MASK_OPERATOR,
MaskBuilder::MASK_MASTER,
MaskBuilder::MASK_OWNER,
);
$this->map[self::PERMISSION_COPY] = array(
MaskBuilder::MASK_COPY,
MaskBuilder::MASK_OPERATOR,
MaskBuilder::MASK_MASTER,
MaskBuilder::MASK_OWNER,
);
$this->map[self::PERMISSION_REVIEW] = array(
MaskBuilder::MASK_REVIEW,
MaskBuilder::MASK_OPERATOR,
MaskBuilder::MASK_MASTER,
MaskBuilder::MASK_OWNER,
);
}
}
不要问我为什么必须包含相同的权限。
最后,您需要告诉 Symfony 在以下位置使用您的 PermissionMap config.yml
:
parameters:
security.acl.permission.map.class: Acme\DemoBundle\Security\Acl\Permission\PermissionMap
那是为我做的。