Class permission

[unusorin]

Hi,
I'm trying to set up this acl manger with doctrine ODM on Symfony 2.5. Everything seems to work but I've noticed that the class permissions are not working. Basically, I've annotated my document like

     @Acl\DomainObject({
         @Acl\ClassPermission({ "ROLE_ADMIN" = MaskBuilder::MASK_IDDQD })
       })

, but when I check permissions with isGranted using a normal user, it allows me to create a new document. Do you have any ideas about this issue ?

Thanks.

[sheeep]

IIRC this is the way the current granting process works. Have you tried to explicitly define the permission for ROLE_USER?

@Acl\DomainObject({
    @Acl\ClassPermission({ "ROLE_ADMIN" = MaskBuilder::MASK_IDDQD })
    @Acl\ClassPermission({ "ROLE_USER" = MaskBuilder::MASK_VIEW })
})

[GreGosPhaTos]

I Have a similar issue :

security:
      acl:
        connection: default
        voter:
          allow_if_object_identity_unavailable: false

And when I do

$aclManager->setClassPermission('My\\Class\\Name', MaskBuilder::MASK_VIEW, $user);

// always returns false 
$aclManager->isGranted('VIEW', 'My\\Class\\Name')

isGranted returns always false ... Did I miss something ?