security attribute, handled by a different voter. However, has_role in
security expressions only deals with roles. It replicates the work of
the RoleVoter only. there is 2 ways to achieve your expectation here:
- use the full authorization system to trigger all voters:
@Security("is_granted('IS_
- use the dedicated function in the security language reproducing the
same check: @Security('is_authenticated()'
The Symfony doc indeed describes all security attributes as roles, but
this is a mistake in the doc. See
https://github.com/symfony/
From https://groups.google.com/forum/#!topic/symfony2/cyNRtjfrI8Q
