Symfony2 - How to set the priority of the security voter used by the AccessDecisionManager?
I saw here on GitHub that the default settings use priority tags like the following:
<service id="security.access.simple_role_voter" class="%security.access.simple_role_voter.class%" public="false">
<tag name="security.voter" priority="245" />
</service>
I cannot find a reference to this "priority" inside the AccessDecisionManager .
How does the parameter influence the decision-making process priority
?
source to share
The higher priority listener / voter is executed first.
For listener priorities, the following rules apply:
priority [...] by default is 0.
This value can range from -255 to 255, and the listeners will be executed in order of priority ( highest to lowest ).
(see How to create an event listener. )
app / Config/security.yml
The parameter security.access_decision_manager
determines the strategy used for the final decision:
security:
access_decision_manager:
strategy: affirmative # <- strategy setting
There are 3 strategies available:
-
unanimous
- 1 single voter denies access. -
affirmative
- 1 single voter grants access. -
consensus
- The majority wins.
(See Changing Your Decision Making Strategy )
The voter's decision is expressed in the return value of this method vote()
. Example:
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
public function vote(TokenInterface $token, $post, array $attributes)
{
// ...
return VoterInterface::ACCESS_GRANTED;
}
-
VoterInterface::ACCESS_GRANTED
Permission will be granted by that voter; -
VoterInterface::ACCESS_ABSTAIN
The voter cannot decide whether a permit is permitted; -
VoterInterface::ACCESS_DENIED
The authority will be rejected by that voter.
source to share