Download the PHP package birkof/rbac-bundle without Composer
On this page you can find all versions of the php package birkof/rbac-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download birkof/rbac-bundle
More information about birkof/rbac-bundle
Files in birkof/rbac-bundle
Package rbac-bundle
Short Description Symfony PhpRabcBundle allow to use RBAC control access for symfony project
License MIT
Informations about the package rbac-bundle
PhpRbacBundle
PhpRBACBundle is symfony 7 bundle with full access control library for PHP. It provides NIST Level 2 Standard Hierarchical Role Based Access Control as an easy to use library to PHP developers. It's a rework of the phprbac.net library made by OWASP for symfony 6.
Table of Content
- How it works ?
- Installation
- Configuration
- Prepare Symfony
- Add PhpRbac configuration
- Roles and permissions creation
- Make the rbac relations
- Assign Role to the user and check permission
- RBAC for controller
- Voter based RBAC
- Symfony CLI commands
- Twig functions
How it works ?
Go to https://phprbac.net/ :) to have the representation of permissions and roles as well as their interactions.
Installation
just include the package with composer:
composer require olivier127/rbac-bundle
register the bundle inside config/bundles.php
Add the PhpRbacBundle\Entity\UserRoleTrait inside the User entity class to add the rbac role relation.
Update the database schema with doctrine migration or doctrine schema update to create all the tables
Configuration
Prepare Symfony
Specify the different sections requiring prior authentication in the firewall security configuration section.
Access control only applies to authenticated sections of the website. Therefore, we will use basic ROLE_USER for all users. ROLE_ADMIN can be used for the main administrator but his rights will only be allocated by being associated with the role '/' of the roles tree.
example :
Add PhpRbac configuration
You must create your own entities for driving permissions and roles.
example :
add php_rbac.yaml to associate theses entities to the rbac core
Roles and permissions creation
Add all the roles and the permissions you need with the RoleManager and the PermissionManager
examples :
to add a permission to the root
To add a chain or permission
Make the rbac relations
Adding roles use same methods
for the example, i use the chain role "/editor/reviewer". The reviewer is the subrole of the editor, the editor is the subrole of the root "/".
Assign permissions to roles
The editor role will have /notepad permission and all sub permissions while the reviewer role will only have /notepad/todolist/read
and /notepad/todolist/write
permissions
Assign Role to the user and check permission
If the UserRoleTrait
is in the class User
, you will have addRbacRole
.
Just add the role in this entity
To test a user's permission or role, use the PhpRbacBundle\Core\Rbac class.
RBAC for controller
Just add attribute is granted like this example. The attributes IsGranted
and HasRole
check the security with the current user.
the first RBAC\IsGranted on the class check the lowest permission to access to the controller with the current user.
The RBAC\IsGranted
on each action check the minimum permission to make action work.
In the example :
- The permission
/notepad/todolist/read
gives the access to the all controller and so index and show action. - The permission
/notepad/todolist/write
gives the access to edit the todolist - The permission
/notepad/todolist
parent to the read and write permission gives the access to delete
The permission /notepad/todolist
has also the read and write permission.
Voter based Rbac
With RbacVoter, you can use symfony security to check the user rbac permissions (not the roles).
example:
You need to set the security access control to be unanimous (all the voter must be ok)
add this lines to config/packages/security.yaml
Symfony CLI commands
The install command sets the root node role and permission and associates them.
Add permission into the rbac permissions tree
Add permission into the rbac roles tree
Assign a permission to a role
Assign a role to a user
Theses commandes are interactives.
Twig
test if user has a role
test if user has a permission
All versions of rbac-bundle with dependencies
doctrine/annotations Version ^2.0
doctrine/doctrine-bundle Version ^2.5
doctrine/doctrine-migrations-bundle Version ^3.2
doctrine/orm Version ^3.2
symfony/orm-pack Version ^2.4
symfony/twig-pack Version ^1.0
symfony/framework-bundle Version ~6.0|~7.0
symfony/security-bundle Version ~6.0|~7.0
php Version ^8.1
symfony/dotenv Version ~6.0|~7.0