eZ Platform bundle which provides user role inheritance.

v1.0.3 2019-04-14 04:46 UTC

This package is not auto-updated.

Last update: 2021-11-22 17:01:37 UTC


This is an eZ Platform bundle which provides user role inheritance.

This is different from the built-in User Group inheritance because it allows for fine-grained, easy management of user roles that doesn't depend on groups.

(This is an eZ Platform port of permissions-inheritance-bundle.)


  • Run composer require:
$ composer require contextualcode/ezplatform-role-inheritance-bundle
  • Enable this bundle in app/AppKernel.php file by adding next line in registerBundles method:
    public function registerBundles()
        $bundles = array(
            new ContextualCode\EzPlatformRoleInheritanceBundle\ContextualCodeEzPlatformRoleInheritanceBundle(),
  • Add the routes to your app/config/routing.yml:
      resource: "@ContextualCodeEzPlatformRoleInheritanceBundle/Resources/config/routing.yml"
      prefix:   /
  • Create new custom database tables:
$ cat vendor/contextualcode/ezplatform-role-inheritance-bundle/src/ContextualCode/EzPlatformRoleInheritanceBundle/SQL/MySQL/schema.sql | mysql -u <username -p<password> <database_name>

Note: If you are upgrading from an eZ 5.x install that was using contextualcode/permissions-inheritance-bundle, please instead run the upgrade SQL to retain your old role inheritances:

$ cat vendor/contextualcode/ezplatform-role-inheritance-bundle/src/ContextualCode/EzPlatformRoleInheritanceBundle/SQL/MySQL/upgrade.sql | mysql -u <username -p<password> <database_name>
  • Done.


  1. Just open the role view page in the admin UI. There will be new functionality to add parent/child roles, in the "Role Inheritances" tab.
  2. Additional code needs to be executed to assign inherited roles to the user: you must call the function handleUserChildRoles($userId) of RoleInheritanceService. You can use a custom login handler/event listener or any other way to call that code. For example, you can create AppBundle\Security\User\Provider.php that extends eZ\Publish\Core\MVC\Symfony\Security\User\Provider. Add the RoleInheritanceService to the constructor, and override the refreshUser function to add these lines to load the inherited roles:
    $userId = $user->getAPIUser()->contentInfo->id;

    Then you must set to use the id of this new Provider. Now users will inherit roles set in the admin UI.