{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 叛逆 的问题《Symfony2 - Why voters are called even for SuperAdm》','https://www.manongdao.com/q-680078.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I noticed that my voters are solicited even for SuperAdmin users.
Is it working as expected ?
If yes, I thought that the philosophy of SuperAdmin is that they systematically have all rights, so that we don't have to give them each permission one by one. In that case why not granting access to all voters ?
Do I always have to put
if ($user->isSuperAdmin()) {
return VoterInterface::ACCESS_GRANTED;
}
in my voters ?
In the
IddqdVoterclass, you have a special role calledROLE_IDDQD.This voter adds a special role
ROLE_IDDQDwhich effectively bypasses any, and all security checks (including voters).This is what you're looking for. More : IDDQD Voter
You can even set an alias for the IDDQD role, so I guess that you can alias the
ROLE_SUPER_ADMINto theROLE_IDDQD. If you can't do that, simply grant theROLE_SUPER_ADMINtheROLE_IDDQDand you're ready to go.In order to use this special role, you'll have to enable it by doing so :