yokai/security-extra-bundle

This package is abandoned and no longer maintained. No replacement package was suggested.

Symfony security extra features

dev-master / 1.0.x-dev 2017-08-24 08:30 UTC

This package is auto-updated.

Last update: 2024-01-04 15:01:53 UTC


README


Installation

Add the bundle as dependency with Composer

$ composer require yokai/security-extra-bundle:1.0-dev

Enable the bundle in the kernel

<?php
// app/AppKernel.php

public function registerBundles()
{
    $bundles = [
        // ...
        new Yokai\SecurityExtraBundle\YokaiSecurityExtraBundle(),
    ];

    return $bundles;
}

Configuration

Imagine that you handle an entity named AppBundle\Entity\Article on which you have basic CRUD operations.

You can imagine what kind of checks you will have to implement to secure your CRUD actions:

  • browsing articles is allowed if you have the role ROLE_ARTICLE_LIST
  • displaying article details is allowed if you have the role ROLE_ARTICLE_SHOW
  • creating a new article is allowed if you have the role ROLE_ARTICLE_CREATE
  • updating an existing article is allowed if you have the role ROLE_ARTICLE_UPDATE AND if you created this article in the first place
  • deleting an existing article is allowed if you have the role ROLE_ARTICLE_DELETE AND if you created this article in the first place

OK, here is a way to configure it:

# app/config/config.yml

yokai_security_extra:
    permissions:

        - attributes: 'browse'
          roles:      ROLE_ARTICLE_LIST

        - attributes: 'details'
          subjects:   AppBundle\Entity\Article
          roles:      ROLE_ARTICLE_SHOW

        - attributes: 'create'
          roles:      ROLE_ARTICLE_CREATE

        - attributes: 'update'
          subjects:   AppBundle\Entity\Article
          roles:      ROLE_ARTICLE_UPDATE
          callables:  'isOwnedBy'

        - attributes: 'delete'
          subjects:   AppBundle\Entity\Article
          roles:      ROLE_ARTICLE_DELETE
          callables:  'isOwnedBy'

Note that isOwnedBy is a method on AppBundle\Entity\Article that could look like this:

// AppBundle\Entity\Article
public function isOwnedBy(User $user)
{
    // The authenticated user is compared with the article's author relation.
    // Identity comparison works when both objects come from the same Doctrine
    // EntityManager; comparing identifiers is the more robust choice otherwise.
    return $this->author === $user;
}
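The configuration above only declares the permissions; the controller still has to ask for them. The following controller is an added example and is not code from the bundle or its README. It assumes that the permissions configured above are exposed through Symfony's standard authorization checker (isGranted / denyAccessUnlessGranted), with the configured attribute as the attribute and the Article entity as the subject, that the SensioFrameworkExtraBundle ParamConverter loads Article from the route id, and that ArticleType, Article::setAuthor(), Article::getId() and the route names article_list / article_show exist in the application (all placeholders).

```php
<?php
// src/AppBundle/Controller/ArticleController.php
//
// Added example, not part of the bundle. Assumes the permissions from
// yokai_security_extra are checked through Symfony's authorization checker;
// ArticleType, setAuthor(), getId() and the route names are placeholders.

namespace AppBundle\Controller;

use AppBundle\Entity\Article;
use AppBundle\Form\ArticleType;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

class ArticleController extends Controller
{
    public function listAction()
    {
        // 'browse' has no subject in the configuration: only the role is checked.
        $this->denyAccessUnlessGranted('browse');

        $articles = $this->getDoctrine()->getRepository(Article::class)->findAll();

        return $this->render('article/list.html.twig', ['articles' => $articles]);
    }

    public function showAction(Article $article)
    {
        // 'details' is scoped to AppBundle\Entity\Article, so the entity must be
        // passed as the subject; a bare denyAccessUnlessGranted('details') would
        // not match that permission.
        $this->denyAccessUnlessGranted('details', $article);

        return $this->render('article/show.html.twig', ['article' => $article]);
    }

    public function createAction(Request $request)
    {
        $this->denyAccessUnlessGranted('create');

        $article = new Article();
        // Record the creator now: the 'update' and 'delete' checks below rely on
        // Article::isOwnedBy() comparing this author with the current user.
        $article->setAuthor($this->getUser());

        $form = $this->createForm(ArticleType::class, $article);
        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            $em = $this->getDoctrine()->getManager();
            $em->persist($article);
            $em->flush();

            return $this->redirectToRoute('article_show', ['id' => $article->getId()]);
        }

        return $this->render('article/create.html.twig', ['form' => $form->createView()]);
    }

    public function updateAction(Request $request, Article $article)
    {
        // ROLE_ARTICLE_UPDATE and Article::isOwnedBy($user) must both pass.
        // Checking after the entity is loaded means a user holding the role still
        // cannot edit somebody else's article by guessing its id.
        $this->denyAccessUnlessGranted('update', $article);

        $form = $this->createForm(ArticleType::class, $article);
        $form->handleRequest($request);
        if ($form->isSubmitted() && $form->isValid()) {
            $this->getDoctrine()->getManager()->flush();

            return $this->redirectToRoute('article_show', ['id' => $article->getId()]);
        }

        return $this->render('article/update.html.twig', ['form' => $form->createView()]);
    }

    public function deleteAction(Article $article)
    {
        // Same role + ownership combination as 'update', with ROLE_ARTICLE_DELETE.
        $this->denyAccessUnlessGranted('delete', $article);

        $em = $this->getDoctrine()->getManager();
        $em->remove($article);
        $em->flush();

        return $this->redirectToRoute('article_list');
    }
}
```

The same attribute/subject pairs can be used in templates with is_granted('update', article) to hide edit and delete links, but hiding a link is cosmetic: the denyAccessUnlessGranted() call in the action is the check that actually enforces the permission.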

Advanced

todo

MIT License

License can be found here.

Authors

The bundle was originally created by Yann Eugoné.

See the list of contributors.