noob question, I'm working in Symfony 2.8 and I want to grant all access to the role ROLE_ADMIN in access control, is there a way to do this without writing 'ROLE_ADMIN' in every rule over access_control?
What I´m trying to avoid in my security.yml, is going from this:
access_control:
- { path: ^/application, roles: ROLE_STUDENT }
- { path: ^/keyword, roles: ROLE_MENTOR }
- { path: ^/department, roles: ROLE_ADMIN }
- { path: ^/requirement, roles: ROLE_MENTOR}
To this:
access_control:
- { path: ^/application, roles: [ROLE_ADMIN, ROLE_STUDENT ]}
- { path: ^/keyword, roles: [ROLE_ADMIN, ROLE_MENTOR ]}
- { path: ^/department, roles: ROLE_ADMIN }
- { path: ^/requirement, roles: [ROLE_ADMIN, ROLE_MENTOR ]}
in a most larger file
Yes, you can add role hierarchy:
security:
role_hierarchy:
ROLE_ADMIN: [ROLE_STUDENT, ROLE_MENTOR]
That way if you have ROLE_ADMIN, you have also ROLE_STUDENT and ROLE_MENTOR.