Securing a whole Controller in Symfony with sfGuard?

I was looking at the Documents for sfGuard and Symfony about the security. But I cannot find anywhere about secure a whole Controller. There is only called action Secure.

I tried to use the preExecute method to make a call to forward404Unless($this->getUser()->hasGroup('admin')) but it doesn't work.

Is it possible to use the security.yml and sfGuard to secure my actions in a controller? Or is there practice of doing this in symfony? It will be a hassle to edit every single controller I have had to create custom security that might change in the future.

Thank you.

Well symfony use a cascading configuration schema, those allowing you to configure all your project/app/module/action in a more reusable and practical way. With security happens the same thing, you can use the security.yml to define access restrictions.

If you create a security.yml in the app folder (that would be $sf_root/app_name/config/security.yml) and specify something like this:

default:
  is_secure:true

It will make all your app secure by default (users will have to be logged in), allowing you to overwrite when appropiate. Lets say the file module has an action "download" that needs admnistrator credentials, but all the other actions could be used by user having "common" and "administrator" credentials, so you will have to create a security.yml at $sf_root/apps/app_name/modules/file/config/ and define:

all:
  credentials: [[ common , administrator]]

download:
  credentials: [ administrator ]

For more info on security and advanced credentials, please check out symfony page on Action Security

You can use security.yml like this:

all:
  credentials: [admin]

I'm not sure about it working with a group, though.