PermissionCheck Annotation
- Class:
\Zikula\PermissionsModule\Annotation\PermissionCheck
- Also see:
\Zikula\PermissionsModule\Listener\ControllerPermissionCheckAnnotationReaderListener
This annotation is used in a Controller Action Method OR Controller Class in one of two ways.
-
Like so:
@PermissionCheck("admin")
Possible alias values are:- 'admin'
- 'delete'
- 'add'
- 'edit'
- 'moderate'
- 'comment'
- 'read'
- 'overview'
In the above cases,
- the component will be like
AcmeFooModule::
- the instance will be
::
- the level will be the corresponding
ACCESS_*
constant (e.g.ACCESS_ADMIN
)
Also allowed:
@PermissionCheck("ACCESS_ADMIN")
-
You can also pass any valid permission schema (e.g.
@PermissionCheck({"ZikulaCategoriesModule::category", "ID::5", "ACCESS_EDIT"})
.- Note the use of curly brackets
{}
within for this type of value.
The listener will attempt to replace any variable with a route attribute value. For example if the annotation is
@PermissionCheck({"ZikulaGroupsModule::", "$gid::", "ACCESS_EDIT"})
then the listener will look for an 'gid' attribute in theRequest
object and replace the variable name with its value when testing for permissions.
You can also use$_zkModule
as the extension name if preferred, e.g.@PermissionCheck({"$_zkModule::", "$gid::", "ACCESS_EDIT"})
.
You can also use the access alias if preferred, e.g.@PermissionCheck({"$_zkModule::", "$gid::", "edit"})
. - Note the use of curly brackets
Please note: You cannot use @PermissionCheck() in both the Class and the Method. This will produce an AnnotationException.
Examples:
Method-level
use Zikula\PermissionsModule\Annotation\PermissionCheck;
// ...
/**
* @Route("/admin/edit/{gid}", requirements={"gid" = "^[1-9]\d*$"})
* @PermissionCheck({"$_zkModule::", "$gid::", "edit"})
* @Theme("admin")
* @Template("@ZikulaGroupsModule/Group/edit.html.twig")
*
* Modify a group.
*/
public function editAction(
Request $request,
GroupEntity $groupEntity,
EventDispatcherInterface $eventDispatcher
) { ... }
Class-level
use Zikula\PermissionsModule\Annotation\PermissionCheck;
// ...
/**
* Class ThemeController
*
* @Route("/config")
* @PermissionCheck("admin")
*/
class ConfigController extends AbstractController
{
/**
* @Route("/config")
* @Theme("admin")
* @Template("@ZikulaThemeModule/Config/config.html.twig")
*/
public function configAction() { ... }