Add this bundle to your composer.json
"require": {
"problematic/acl-manager-bundle": "dev-master"
Register the bundle in app/AppKernel.php
// app/AppKernel.php
public function registerBundles()
return array(
// ...
new Problematic\AclManagerBundle\ProblematicAclManagerBundle(),
If you haven't configured the ACL enable it in app/config/security.yml
# app/config/security.yml
connection: default
Finally run the ACL init command
php app/console init:acl
$comment = new Comment(); // create some entity
// ... do work on entity
$em->flush(); // entity must be persisted and flushed before AclManager can act on it (needs identifier)
$aclManager = $this->get('problematic.acl_manager');
// Adds a permission no matter what other permissions existed before
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
// Or:
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER);
// Replaces all current permissions with this new one
$aclManager->setObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokeObjectPermission($comment, MaskBUILDER::MASK_DELETE, $userEntity);
$aclManager->revokeAllObjectPermissions($comment, $userEntity);
// Same with class permissions:
$aclManager->addClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->setClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokeClassPermission($comment, MaskBUILDER::MASK_DELETE, $userEntity);
$aclManager->revokeAllClassPermissions($comment, $userEntity);
If no $userEntity
is provided, the current session user will be used instead.
If you'll be doing work on a lot of entities, use AclManager#preloadAcls():
$products = $repo->findAll();
$aclManager = $this->get('problematic.acl_manager');
// ... carry on