December 18, 2014 Javier Eguiluz

Symfony 2.6 was released less than a month ago, but we are already working hard on new features for Symfony 2.7. The first significant new feature is related to hierarchical security roles.

In Symfony applications, you can define a hierarchy of security roles to avoid associating many roles to users. Consider the following simple example:

1 2 3 4 # app/config/security.yml security : role_hierarchy : ROLE_ADMIN : [ ROLE_USER , FEATURE_ALPHA , ROLE_ALLOWED_TO_SWITCH ]

This configuration tells Symfony that whenever a user is granted with the ROLE_ADMIN role, he/she is implicitly granted the ROLE_USER , FEATURE_ALPHA and ROLE_ALLOWED_TO_SWITCH roles too.

However, when you browse the Security panel of the Symfony Profiler, you can only see the user's roles but not the inherited roles. Since this last information is very useful, in Symfony 2.7 you'll get the full security role information for the user, including the direct roles and the inherited ones: