ics / ssi-bundle
Bundle security extention
Installs: 186
Dependents: 2
Suggesters: 0
Security: 0
Stars: 3
Watchers: 2
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- doctrine/doctrine-fixtures-bundle: ^3.4
- easycorp/easyadmin-bundle: ^3.2
- ics/dashboard-bundle: ^0
- ics/navigation-bundle: ^0
- knpuniversity/oauth2-client-bundle: ^2.8
- stevenmaguire/oauth2-keycloak: ^2.2
- symfony/config: ^5
- symfony/console: ^5
- symfony/dependency-injection: ^4.4|^5
- symfony/event-dispatcher: ^4.4|^5
- symfony/framework-bundle: ^5
- symfony/http-client: ^5
- symfony/intl: ^4.4|^5
- symfony/monolog-bundle: ^3.6
- symfony/orm-pack: ^2.1
- symfony/security-bundle: ^5
- symfony/string: ^5
- symfony/translation: ^4.4|^5
- symfony/twig-bundle: ^4.4|^5
Requires (Dev)
- symfony/maker-bundle: ^1.30
README
Symfony bundle for extend security and logging
Installation
Make sure Composer is installed globally, as explained in the installation chapter of the Composer documentation.
Applications that use Symfony Flex
Open a command console, enter your project directory and execute:
composer require ics/ssi-bundle
Applications that don't use Symfony Flex
Step 1: Download the Bundle
Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:
$ composer require ics/ssi-bundle
Step 2: Enable the Bundle
Then, enable the bundle by adding it to the list of registered bundles
in the config/bundles.php file of your project:
// config/bundles.php return [ // ... ICS\SsiBundle\SsiBundle::class => ['all' => true], ];
Step 3: Adding bundle routing
Add routes in applications config/routes.yaml
# config/routes.yaml # ... ssi_bundle: resource: '@SsiBundle/config/routes.yaml' prefix: /ssi # ...
Step 4: Install Database
For install database :
# Installer la base de données
php bin/console doctrine:schema:create
For update database :
# Mise a jour la base de données
php bin/console doctrine:schema:update -f
Adding bundle to EasyAdmin
Step 1: Add entities to dashboard
Add this MenuItems in your dashboard Controller/Admin/DashboardController.php
// Controller/Admin/DashboardController.php use ICS\SsiBundle\Entity\Account; use ICS\SsiBundle\Entity\Log; class DashboardController extends AbstractDashboardController { public function configureMenuItems(): iterable { // ... yield MenuItem::section('Security', 'fa fa-shield'); yield MenuItem::linkToCrud('Accounts', 'fa fa-user-circle', Account::class); yield MenuItem::linkToCrud('Logs', 'fa fa-newspaper', Log::class); // ... } }
Step 2: Add twig widgets to dashboard
{# templates/admin/dashboard.html.twig #} {% extends "@EasyAdmin/page/content.html.twig" %} {% block page_content %} {% include "@Ssi/admin/logs.html.twig" %} {% endblock %}
Install bundle fixtures
# Every data in database will destruct
php bin/console doctrine:fixture:load
The Passwords for created users are :
- admin :
adminPassword - user[1~10] :
userPassword
Log Entity
For log an entity just add @Log Annotation on entity declaration
you must define the actions and property properties
value for actions can :
- "add" On add entity in database
- "update" On update entity in database
- "delete" On delete entity in database
- "all" On all action of entity in database
for property make a property than return the log message you want
use Doctrine\ORM\Mapping as ORM; use ICS\SsiBundle\Annotation\Log; /** * @ORM\Entity() * @ORM\Table() * @Log(actions={"all"},property="logMessage") */ class Account implements UserInterface { /** * @ORM\Column(type="string", length=180, unique=true) */ private $username; public function getLogMessage() { return $this->username.' (#'.$this->getId().')'; } }
Configure keycloak authentification
For enabled a keycloak authentification add this lines in .env file :
#Keycloak configuration KEYCLOAK_URL="<url of keycloak server>" KEYCLOAK_REALM="<realm for keycloak>" KEYCLOAK_CLIENT_ID="<client_id of keycloak server>" KEYCLOAK_CLIENT_SECRET="<secret of client_id"
you can enabled keycloak user auto creation :
# config/packages/ssi.yaml ssi: keycloak: auto_create_user: true
by default unknow user as ignored.
Configure Active Directory authentification
For enabled a Active Directory authentification add this lines in .env file :
#Keycloak configuration ACTIVE_DIRECTORY_HOST="<Active Directory domain controller IP or DNS name>" ACTIVE_DIRECTORY_BASEDN="<User base DN (dc=example,dc=com)>" ACTIVE_DIRECTORY_DOMAIN="<Active Directory short domain name>"
you can enabled Active Directory user auto creation :
# config/packages/ssi.yaml ssi: active_directory: auto_create_user: true
by default unknow user as ignored.