Download the PHP package data-dog/acl-bundle without Composer
On this page you can find all versions of the php package data-dog/acl-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download data-dog/acl-bundle
More information about data-dog/acl-bundle
Files in data-dog/acl-bundle
Package acl-bundle
Short Description ACL management bundle
License MIT
Homepage https://github.com/DATA-DOG/acl-bundle
Informations about the package acl-bundle
ACL management bundle 
ACL comes without any database requirements. It is bare ACL manager. The bundle only registers resource and access policy providers. See DOCTRINE.md which shows how to configure database for policy management.
- Has symfony profiler bar
- Does not depend on database
- Basic resource and policy concept
Configuration
This is the default ACL bundle configuration:
ACL resource
A resource is basically represented by a string.
Would be "app.resource.string.action". Action is concatenated. That way it is easier to store and match resources.
- app.resource.string - is a resource acccess point.
- action - is any action that can be done with the resource.
ACL resource providers
Providers are used to collect all ACL resources from bundles. The ACL provider interface:
All provider services must be tagged with acl.resource.provider. They should build a resource map as required by interface.
Bundle configuration
This type of ACL resource provider is enabled by default. It looks for configuration file: ../VendorBundle/Resources/config/acl_resources.yml and loads all resources from each bundle.
ACL policy providers
ACL policy providers must implement AclBundle\Access\PolicyProviderInterface and implement one method which return a list of policies, where key is a resource or resource branch and value is boolean - whether the resource is granted or denied.
Given we have these resources:
We can make policies for leaf actions:
Or we can do the same thing by granting access to the branch and denying leaf:
NOTE: The configuration above is the ACL bundle extension configuration. Which should be located in kernel configuration directory.
Config provider
For very simple use cases, config provider may be used. To enable it, acl configuration must contain some accesses in the map:
It will load this access map based on username of currently logged user from security context. Though the user model must implement Symfony\Component\Security\Core\User\UserInterface
ACL resource transformers
Sometimes it may be useful to transform an object to a specific resource with identifier for deep permission checks. As an example we could have form type resources identified by name:
This transformer service then may be registered with tag: acl.resource.transformer, it accepts a priority attribute. When acl actions may be checked like:
NOTE: these resources must be provided, either through configuration or by resource provider service.
For convenience, make a service alias:
Questions and Answers
Q: Why it does not have a vendor namespace. A: Hopefully, you need only one AclBundle in your projects, cheers.
Tests
Tested with phpunit. To run all tests:
composer install
bin/phpunit