Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

The fundament of our security is a customizable role hierarchy. One or multiple roles can be applied to a user. Every role itself is linked to different permissions which allow to view, edit or delete resources like geocaches, logs or users. If no permission is present it defaults to disallowing the action.

Role hierarchy

https://app.conceptboard.com/board/9qra-r8bs-bpy2-cuf2-0ikx

This diagram must be read bottom to top. Every role inherits roles above them. Example: ROLE_SOCIAL_HEAD contains ROLE_SOCIAL, ROLE_SOCIAL_TRAINEE, ROLE_TEAM and ROLE_USER. Every logged in user has ROLE_USER.

Permissions

Permissions are linked to different roles which can be seen as a permission group.

Database

Code examples

PHP

..

Twig

{% if is_granted('ROLE_SOCIAL') %}
  {{ 'You have access.' }}
{% else %}
  {{ 'Sorry. You don\'t have access.' }}
{% endif %}
  • No labels