On the Stovepipe Systems blog, author Iltar van der Berg has returned with a continuation of his series on Symfony security basics, with this new post covering voters and roles.
In my previous blog post I've explained the basics of authentication, authorization and how this is dealt with in Symfony. Due to the size of the post, I've left out several important topics such as roles and voters; both are an equally important part of authentication and authorization. A common misconception is that roles should be used to check permissions. In fact, they should definitely not be used to check permissions!
He goes on to explain where "roles" come into the process of authentication (not authorization) and how they describe something about the user of the system. With that defined, he moves on to "voters": functionality that "votes" on attributes related to the user/request/resource/etc. and returns a pass or fail decision based on its logic. He explains why voters are probably closer to what most developers are looking for and gives some reasons to use them over roles. He ends the post by showing how to create your own custom voter and configure it into your application.
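To make the voter idea concrete, here is an added example (not code from the original blog post) of a custom voter that decides on the relationship between the user and the resource instead of on a role. It assumes symfony/security-core 6 or later; `Post`, `getOwnerIdentifier()` and the `POST_EDIT` attribute are hypothetical names.

```php
<?php
// Added example; assumes symfony/security-core 6+ is installed.
// Post, getOwnerIdentifier() and POST_EDIT are hypothetical names.

namespace App\Security;

use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;

// Minimal stand-in for a domain object that has an owner.
final class Post
{
    public function __construct(private string $ownerIdentifier)
    {
    }

    public function getOwnerIdentifier(): string
    {
        return $this->ownerIdentifier;
    }
}

final class PostVoter extends Voter
{
    public const EDIT = 'POST_EDIT';

    protected function supports(string $attribute, mixed $subject): bool
    {
        // Abstain unless both the attribute and the subject type are ours.
        return $attribute === self::EDIT && $subject instanceof Post;
    }

    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
    {
        $user = $token->getUser();
        if (!$user instanceof UserInterface) {
            return false; // no authenticated user: deny
        }

        // The permission depends on who owns this Post, which a role
        // such as ROLE_USER cannot express.
        return $subject->getOwnerIdentifier() === $user->getUserIdentifier();
    }
}
```

In a controller extending `AbstractController`, the check becomes `$this->denyAccessUnlessGranted(PostVoter::EDIT, $post);`. With service autoconfiguration enabled, a class extending `Voter` is registered as a voter without extra configuration.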