How can I use multiple IsGranted attribute on a symfony controller ? #54696
-
I have a controller on which I have 2 routes created: #[Route('/announcement/create', name: 'app_admin_restock_announcement_create'), IsGranted(RestockVoter::CREATE_RESTOCK)]
#[Route('/announcement/edit/{id}', name: 'app_admin_restock_announcement_edit'), IsGranted(RestockVoter::EDIT_RESTOCK, 'restockQueue')]
public function detail(
?RestockQueue $restockQueue,
... The problem is user who can When I debug on route How can I manage this? If I don't want to create separate controllers. This is a temporary solution: if (is_null($restockQueue)) {
$this->denyAccessUnlessGranted(RestockVoter::CREATE_RESTOCK);
} else {
$this->denyAccessUnlessGranted(RestockVoter::EDIT_RESTOCK, $restockQueue);
} But I want it done only using PHP attributes. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
If you put multiple Note that those |
Beta Was this translation helpful? Give feedback.
If you want to keep a single controller, you indeed cannot use attribute-based access control checks if you need 2 different checks depending on the case where it is called.