[Form] Add a new field type for managing Roles #10212

jameshalsall · 2014-02-06T20:21:49Z

Something that I think is lacking at the moment is an out-of-the-box "roles" form field type. This would provide the sole purpose of managing an array of roles. The role values could be either strings or \Symfony\Component\Security\Core\Role\RoleInterface instances (with this PR I opened a few days ago making comparisons between the two a little easier).

I would expect that this is a common problem that people have to tackle in their Symfony applications, and if we didn't want it as part of the core Form component we could provide it as part of the Symfony\Bridge.

As a set of high level requirements the field could:

Allow the granting / removal of roles (defined by a role hierarchy) to a user
Prevent users from granting / removing roles that they themselves do not have (optionally)
Extend the choice field type

Something has already been achieved in SonataUserBundle here and I implemented a similar solution in one of my own projects last week.

Is this something that would be of use in the Symfony standard distribution?

cc / @webmozart

The text was updated successfully, but these errors were encountered:

bigfoot90 · 2014-12-28T22:55:06Z

Add an option to select only roles reachable by current user using security.role_hierarchy service.

An admin should be able to create users,
and maybe other admin users if business logic permits it.
An admin should not be able to create users with super_admin role.

Glideh · 2016-09-16T07:54:54Z

8000

This would be useful.
I'm implemeting this same RoleType in all my projects.
Maybe it could be a small cookbook for example.

jameshalsall · 2016-09-16T08:10:14Z

If you have any example implementations you can share that would be great, I'm planning on implementing this over the coming weeks.

apfelbox · 2016-09-16T08:13:52Z

I guess the first thing that should be done is implementing a proper role system. Currently symfony itself doesn't know anything about the available roles, it just knows what roles a user has.

The role hierarchy isn't complete in this regard: roles outside the hierarchy aren't defined anywhere in symfony.

See #17892 for a related discussion, about RoleProviders. This would need to be added before we can add the form type.

Glideh · 2016-09-16T08:25:36Z

I'm personally using as convention to always list all roles in the hierarchy, even those with no child.
I'll paste my formType here depending on this convention.

jameshalsall · 2016-09-16T08:52:38Z

Symfony's security bundle would provide the hierarchy through the component... \Symfony\Component\Security\Core\Role\RoleHierarchyInterface. They would have to be part of the hierarchy for the field to be able to handle them, I agree with @Gildeh in this regard.

xabbuh · 2018-09-23T11:23:15Z

I am closing here as implementing such a form type requires a list of all possible roles which is not provided by the Security component.

jakzal added Security labels Feb 7, 2014

webmozart added the Feature label Oct 17, 2014

Cydonia7 mentioned this issue Dec 2, 2016

Add a RoleType that allows to select roles among the ones in the hierarchy #20728

Closed

xabbuh closed this as completed Sep 23, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[Form] Add a new field type for managing Roles #10212

[Form] Add a new field type for managing Roles #10212

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

[Form] Add a new field type for managing Roles #10212

[Form] Add a new field type for managing Roles #10212

Comments

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!