eb22fbb4/rbac-bundle

RBAC bundle for symfony 4

v0.1.6 2019-05-16 02:53 UTC

README

尝试性项目,请勿在生产环境中使用。

DEMO

symfony-rbac-demo

step 1

install bundle

$ composer require eb22fbb4/rbac-bundle

step 2

register bundle for kernel

// ./src/bundles.php

<?php

return [
    // ...
    Eb22fbb4\Bundle\RBACBundle\RBACBundle::class => ['all' => true],
];

step 3

configure the bundle

// ./config/packages/framework.yaml

// ...

rbac:
    // firewall pattern
    firewall_pattern: ^/admin
    // translation domain (default: rbac)
    translation_domain: rbac
    // anonymously routes (equal to IS_AUTHENTICATED_ANONYMOUSLY, e.g. login page)
    anonymously_routes:         
        - admin_login
    // fully routes (equal to IS_AUTHENTICATED_FULLY)
    fully_routes:
        - admin_index
        - admin_ajax_xxx
        - admin_file_upload

Usage

Entity

<?php

namespace App\Entity;

use Eb22fbb4\Bundle\RBACBundle\Model\RoleableTrait;
use Eb22fbb4\Bundle\RBACBundle\Model\RoleableInterface;

/**
 * @ORM\Entity(repositoryClass="App\Repository\RoleRepository")
 */
class Role implements RoleableInterface
{
    use RoleableTrait;

    // ...
}

Form

<?php

namespace App\Form;

use App\Entity\Role;
use Eb22fbb4\Bundle\RBACBundle\Form\Type\NodeType;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;

class RoleType extends AbstractType
{
 public function buildForm(FormBuilderInterface $builder, array $options)
    {
        $builder
            // ...
            ->add('nodes', NodeType::class)
        ;
    }

    public function configureOptions(OptionsResolver $resolver)
    {
        $resolver->setDefaults([
            'data_class' => Role::class,
        ]);
    }
}

check permissions in controller

<?php

namespace App\Controller;

use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController

class PostController extends AbstractController
{
    /**
     * @Route("/post/new", name="post_new")
     */
    public function new()
    {
        if ($this->isGranted('post_new')) {
            // ...
        }
    }
}

check permissions in twig

{% if is_granted('post_new') %}
    <a href="{{ path('post_new') }}">Add New</a>
{% endif %}

extras

Form fields

// ./config/packages/twig.yaml

twig:
    // ...
    form_themes:
        // ...
        - rbac_fields.html.twig

Translations

// ./translations/rbac.zh_CN.xlf

<?xml version="1.0" encoding="utf-8"?>
<xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
  <file source-language="zh-CN" target-language="zh-CN" datatype="plaintext" original="file.ext">
    <header>
      <tool tool-id="symfony" tool-name="Symfony"/>
    </header>
    <body>
        <trans-unit id="post_list">
        <source>post_list</source>
        <target>Post/View Posts</target>
      </trans-unit>
      <trans-unit id="post_new">
        <source>post_new</source>
        <target>Post/Add New</target>
      </trans-unit>
      <trans-unit id="post_edit">
        <source>post_edit</source>
        <target>Post/Edit</target>
      </trans-unit>
      // ...
    </body>
  </file>
</xliff>

update translation files

$ php bin/console translation:update zh_CN --force