symfony 1.4: trying to manage the credentials of the actions

we want开发者_StackOverflow to manage the credentials of the actions of the backend from the backend.

How to get the list of the actions of an app? After that we could show the credential of each one through getCredential().

2nd question: i found the function to get the credential of an action (getCredential()), but how to set the credentials? I didn't find any setCredential() function...

Javi

---

I agree with much of what has already been said regarding whether or not this is a good idea.

Regardless, to do what I think you are asking:

Credentials needed for an action come from this method in sfAction:

  public function getCredential()
  {
    return $this->getSecurityValue('credentials');
  }

You can overload that in your actions (or extend it in a new subclass of sfActions and have all your actions extend that) if you want to do something more complicated, like pull credentials from a database or some other source.

---

Getting a list of actions of an app has nothing to do with credentials. It's a matter of convention how the credentials are named or organized. Actions and credentials are independent. You could have one credential per whole application or define one credential per action. Still, you manage credential separately.

If you really want to get list of actions you could parse the routing file.

You could also use PHP's Reflection mechanism to get methods out of the action classes.

However, sfDoctrineGuardPlugin/sfGuardPlugin offers you sufficient credential management for most of the applications. I'd rather go with this approach.

2n question: There's no setCredential() method but there is an addCredential().

---

Let's start with your second question first, to firm up our grasp of how credentials in Symfony work.

Credentials in Symfony are set via the security.yml file the config directory of the module. A security.yml file might look like this:

all:
  is_secure: true #makes all methods on this action require user's to be authenticated

edit:
  credentials: [admin]

show:
  is_secure: false #don't require authentication for this one

You cannot change the security settings of an action from the backend unless you want to actually write a new YAML file and clear the old one from the cache (not recommended). If you really needed dynamic credentials on an action, I would store some sort of switch (lock file, APC, database) and use a filter to dynamically set the credentials required (also, not really recommended).

Can't you do whatever you're trying to do with a standard user/group/permission setup?