techpaf/annotation-firewall-bundle

Symfony2 bundle

Maintainers

Details

github.com/MattPieraggi/TechPafAnnotationFirewallBundle

Homepage

Source

Issues

Installs: 17

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

Type:symfony-bundle

dev-master / 0.1.x-dev 2013-12-04 01:57 UTC

Requires

MIT b3c081dd359b156d1b555fd7b0c7cf201fe9f505

  • Mathieu Pieraggi <github.woop@techpaf.com>

symfonyfirewallannotation

This package is not auto-updated.

Last update: 2025-05-05 17:03:22 UTC

README

This bundle allows you to configure firewalls using annotations for your Symfony2 Project. It is inspired by Matthias Noback's blog, the NelmioApiDocBundle and the JMSSerializerBundle.

knpbundles.com

Installation

Update your composer.json file:

{
    "require": {
        "techpaf/annotation-firewall-bundle": "0.1.*@dev"
    }
}

Register the bundle in app/AppKernel.php:

// app/AppKernel.php
public function registerBundles()
{
    return array(
        // ...
        new TechPaf\AnnotationFirewallBundle\TechPafAnnotationFirewallBundle(),
    );
}

Usage

The AnnotationFirewallBundle uses annotations to indicate which Routes should be secured.

Security.yml

Instead of using a pattern like pattern: ^/api/ in your security.yml file, you need to register the request_matcher provided by the bundle.

# app/config/security.yml
# ...
firewalls:
    any_firewall:
        #pattern: ^/api/    # No need of the pattern anymore
        request_matcher: techpaf.annotation_firewall.annotation_request_matcher

You can use it with multiple firewalls. For example:

firewalls:
    dev:          # default Firewall
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    fos_secured:  # FOSUserBundle Firewall
        pattern: ^/admin/
        # ...

    wsse_secured: # MopaWSSEAuthenticationBundle Firewall
        request_matcher: techpaf.annotation_firewall.annotation_request_matcher
        # ...

Annotations

Then you need to configure each Controller you want to secure using this bundle.

<?php

namespace TechPaf\ExampleBundle\Controller;

// ...
use TechPaf\AnnotationFirewallBundle\Annotation\FirewallExclude;
use TechPaf\AnnotationFirewallBundle\Annotation\FirewallExclusionPolicy;

/**
 * @FirewallExclusionPolicy("NONE")
 */
class MyController extends Controller
{
    /**
    * @Route("/secured")
    * @Template()
    **/
    public function securedAction()
    {
        return array('secured' => true);
    }

    /**
    * @Route("/not_secured")
    * @Template()
    *
    * @FirewallExclude
    **/
    public function notSecuredAction()
    {
        return array('secured' => false);
    }
}

There are three annotations:

  • @FirewallExclusionPolicy
  • @FirewallExclude
  • @FirewallExpose

@FirewallExclusionPolicy

This annotation specify the default policy for every routes of a controller. It can have two values : ALL or NONE.

  • ALL means that every route will be excluded from the firewall unless you add an @FirewallExpose annotation
  • NONE means that every route will be added to the firewall unless you add an @FirewallExclude annotation

By default the exclusion policy is ALL, so unless you add annotations, no route will be secured using the AnnotationFirewallBundle.

@FirewallExclude

This annotation exclude a specific route from the firewall (the route is not secured)

@FirewallExpose

This annotation add a specific route to the firewall (the route is secured)

TODO

The next updates are going to be:

  • Allow usage of the AnnotationFirewallBundle in multiple firewalls simultaneously
  • Add Cache