According to this piece of symfony's documentation tells you how to store and load a user from the database. But I have an question, let suppose there is a user with role ROLE_ADMIN and has the ability to create new application roles, for example ROLE_USER_ADMIN.
Also the entity storing the user is the following:
namespace AppBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Validator\Constraints as Assert;
/**
* @ORM\Table(name="users")
* @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository")
*/
class User implements UserInterface, \Serializable
{
/**
* @ORM\Column(type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @ORM\Column(type="string", length=25, unique=true, nullable=true)
*/
private $displayName;
/**
* @ORM\Column(type="string", length=64, nullable=true)
*/
private $password;
/**
* @ORM\Column(type="string", length=254, unique=true)
*/
private $email;
/**
* @ORM\Column(name="is_active", type="boolean")
*/
private $isActive;
public function __construct()
{
$this->isActive = false;
// may not be needed, see section on salt below
// $this->salt = md5(uniqid('', true));
}
public function getDisplayName()
{
return $this->displayName;
}
public function getSalt()
{
// you *may* need a real salt depending on your encoder
// see section on salt below
return null;
}
public function getPassword()
{
return $this->password;
}
public function getRoles()
{
return array('ROLE_USER');
}
public function eraseCredentials()
{
}
public function isAccountNonExpired()
{
return true;
}
public function isAccountNonLocked()
{
return true;
}
public function isCredentialsNonExpired()
{
return !empty($this->password);
}
public function isEnabled()
{
return $this->isActive && !empty($this->password);
}
/** @see \Serializable::serialize() */
public function serialize()
{
return serialize(array(
$this->id,
$this->$displayName,
$this->password,
$this->email,
$this->isActive,
// see section on salt below
// $this->salt,
));
}
/** @see \Serializable::unserialize() */
public function unserialize($serialized)
{
list (
$this->id,
$this->$displayName,
$this->password,
$this->email,
$this->isActive,
// see section on salt below
// $this->salt
) = unserialize($serialized, array('allowed_classes' => false));
}
}
The question is how to store the roles? Should it be a different table or store is as a stringified array? If the roles are in a different table how the getRoles will return is as a table?