Symfony @Security annotation with custom voter
I wrote a custom voter to check if the user is the owner of the book he is trying to change. Therefore, I use the @Security annotation to secure the controller:
@Security("is_granted('BookVoter::ATTRIBUTE_OWNER', book)")
This is what I would like the @Security annotation to look like, but only works when writing the following:
@Security("is_granted('OWNER', book)")
I don't want to "hardcode" the "OWNER" string, it is a constant in my BookVoter. Any ideas how to achieve this?
Sincerely.
source to share
What are you passing annotations to @Security
Expression Language .
SensionFrameworkExtraBundle provides a function is_granted
for the expression language ( see here ).
The default expression language has a function constant()
, so you should use it in your case:
@Security("is_granted(constant('\\Full\\Namespace\\To\\BookVoter::ATTRIBUTE_OWNER'), book)")
Please note that you must use the full namespace notation.
source to share