Protection proxy generator for Symfony2

0.1.4 2014-02-28 14:34 UTC


Build Status

Current version : 0.1.4


Add this bundle to your composer.json file:

    "require": {
        "guilro/protection-proxy-bundle": "0.1.*"

Register the bundle in app/AppKernel.php:


// app/AppKernel.php
public function registerBundles()
    return array(
        // ...
        new Guilro\ProtectionProxyBundle\GuilroProtectionProxyBundle(),


You have to configure the protected classes and methods (for the moment in config.yml).

# app/config/config.yml

    caching: true #optional, default to false
                    attribute: ROLE_USER #can be a role, or any attribute that a voter can handle
                    deny_value: Title hidden ! #optional setting, default will return null on deny
                    expression: '"ROLE_ADMIN" in roles or (user and user.isSuperAdmin())'
                    return_proxy: true

Typicall usage in your controllers and views:


$proxyManager = $this->get('guilro.protection_proxy');

$commentProxy = $proxyManager->getProxy($comment);

    array('comment' => $commentProxy)
  • If 'attribute' is set, when using the generated proxy, original methods getTitle() and setAuthor() of $comment will only be really executed if $securityContext->isGranted('attribute', $comment) returns true.
  • If 'expression' is set, when using the generated proxy, original methods will only be really executed if $securityContext->isGranted(new Expression($expression), $comment) returns true.
  • If both are set, both test are performed.
  • If $securityContext->isGranted() returns false, the original method will not be executed. It will return null, or deny_value if set.
  • If the original method returns an object of a pretected class, it will return the raw object or its protected proxy depending on return_proxy setting. Default for this setting is false.

If you use attributes other than roles, you should probably implements your own Voter in order to grant access or not to users.