PHP code example of olivier127 / rbac-bundle
1. Go to this page and download the library: Download olivier127/rbac-bundle library . Choose the download type require .
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
olivier127 / rbac-bundle example snippets
return [
...
PhpRbacBundle\PhpRbacBundle::class => ['all' => true],
];
/* src/Entity/Role.php */
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use PhpRbacBundle\Entity\Role as EntityRole;
use PhpRbacBundle\Repository\RoleRepository;
#[ORM\Entity(repositoryClass: RoleRepository::class)]
#[ORM\Table('my_roles')]
class Role extends EntityRole
{
}
/* src/Entity/Permission.php */
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use PhpRbacBundle\Entity\Permission as EntityPermission;
use PhpRbacBundle\Repository\PermissionRepository;
#[ORM\Entity(repositoryClass: PermissionRepository::class)]
#[ORM\Table('my_permissions')]
class Permission extends EntityPermission
{
}
/** @var PhpRbacBundle\Core\PermissionManager $manager */
$manager = $this->container->get(PermissionManager::class);
$permission = $manager->add("notepad", "Notepad", PermissionManager::ROOT_ID);
/** @var PhpRbacBundle\Core\PermissionManager $manager */
$manager = $this->container->get(PermissionManager::class);
$manager->addPath("/notepad/todolist/read", ['notepad' => 'Notepad', 'todolist' => "Todo list", "read" => "Read Access"]);
/** @var PhpRbacBundle\Core\RoleManager $manager */
$manager = $this->container->get(RoleManager::class);
$manager->addPath("/editor/reviewer", ['editor' => 'Editor', 'reviewer' => "Reviewer"]);
/** @var PhpRbacBundle\Core\RoleManager $manager */
$manager = $this->container->get(RoleManager::class);
$editorId = $manager->getPathId("/editor");
$editor = $manager->getNode($editorId);
$reviewerId = $manager->getPathId("/editor/reviewer");
$reviewer = $manager->getNode($reviewerId);
$manager->assignPermission($editor, "/notepad");
$manager->assignPermission($reviewer, "/notepad/todolist/read");
$manager->assignPermission($reviewer, "/notepad/todolist/write");
/** @var PhpRbacBundle\Core\RoleManager $manager */
$manager = $this->container->get(RoleManager::class);
$editorId = $manager->getPathId("/editor");
$editor = $manager->getNode($editorId);
$user = $userRepository->find($userId);
$user->addRbacRole($user);
$userRepository->add($user, true);
$rbacCtrl = $this->container->get(Rbac::class);
$rbacCtrl->hasPermission('/notepad', $userId);
$rbacCtrl->hasRole('/editor/reviewer', $userId);
namespace App\Controller;
...
use PhpRbacBundle\Attribute\AccessControl as RBAC;
#[Route('/todolist')]
#[RBAC\IsGranted('/notepad/todolist/read')]
class TodolistController extends AbstractController
{
#[RBAC\IsGranted('/notepad/todolist/read')]
#[Route('/', name: 'app_todolist_index', methods: ['GET'])]
public function index(TodolistRepository $todolistRepository): Response
{
...
}
#[RBAC\IsGranted('/notepad/todolist/write')]
#[Route('/new', name: 'app_todolist_new', methods: ['GET', 'POST'])]
public function new(Request $request, TodolistRepository $todolistRepository): Response
{
...
}
#[RBAC\IsGranted('/notepad/todolist/read')]
#[Route('/{id}', name: 'app_todolist_show', methods: ['GET'])]
public function show(Todolist $todolist): Response
{
...
}
#[RBAC\IsGranted('/notepad/todolist/write')]
#[Route('/{id}/edit', name: 'app_todolist_edit', methods: ['GET', 'POST'])]
public function edit(Request $request, Todolist $todolist, TodolistRepository $todolistRepository): Response
{
...
}
#[RBAC\IsGranted('/notepad/todolist')]
#[Route('/{id}', name: 'app_todolist_delete', methods: ['POST'])]
public function delete(Request $request, Todolist $todolist, TodolistRepository $todolistRepository): Response
{
...
}
}
#[IsGranted('/todolist/index', statusCode: 403, message: 'Access denied for user')]
#[Route('/', name: 'app_todo_list_index', methods: ['GET'])]
public function index(TodoListRepository $todoListRepository): Response
yaml
# config/packages/php_rbac.yaml
php_rbac:
no_authentication_section:
default: deny
resolve_target_entities:
user: App\Entity\User
role: App\Entity\Role
permission: App\Entity\Permission