Download the PHP package triforce-technologies/symfony-rbac-bundle without Composer

On this page you can find all versions of the php package triforce-technologies/symfony-rbac-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package symfony-rbac-bundle

Triforce\RBACBundle

Triforce\RBACBundle is symfony 6 bundle with full access control library for PHP. It provides NIST Level 2 Standard Hierarchical Role Based Access Control as an easy to use library to PHP developers. It's a rework of the phprbac.net library made by OWASP for symfony 6.

Table of Content

How it works ?

Go to https://phprbac.net/ :) to have the representation of permissions and roles as well as their interactions.

Roles and Permissions
A hierarchical RBAC model of a system Blue: roles, Gray: users, Yellow: permissions

Installation

just include the package with composer:

composer require olivier127/rbac-bundle

register the bundle inside config/bundles.php

Add the Triforce\RBACBundle\Entity\UserRoleTrait inside the User entity class to add the rbac role relation.

Update the database schema with doctrine migration or doctrine schema update to create all the tables

Configuration

Prepare Symfony

Specify the different sections requiring prior authentication in the firewall security configuration section.

Access control only applies to authenticated sections of the website. Therefore, we will use basic ROLE_USER for all users. ROLE_ADMIN can be used for the main administrator but his rights will only be allocated by being associated with the role '/' of the roles tree.

example :

Add PhpRbac configuration

You must create your own entities for driving permissions and roles.

example :

add triforce_rbac.yaml to associate theses entities to the rbac core

Roles and permissions creation

Add all the roles and the permissions you need with the RoleManager and the PermissionManager

examples :

to add a permission to the root

To add a chain or permission

Make the rbac relations

Adding roles use same methods

for the example, i use the chain role "/editor/reviewer". The reviewer is the subrole of the editor, the editor is the subrole of the root "/".

Assign permissions to roles

The editor role will have /notepad permission and all sub permissions while the reviewer role will only have /notepad/todolist/read and /notepad/todolist/write permissions

Assign Role to the user and check permission

If the UserRoleTrait is in the class User, you will have addRbacRole. Just add the role in this entity

To test a user's permission or role, use the Triforce\RBACBundle\Core\Rbac class.

RBAC for controller

Just add attribute is granted like this example. The attributes IsGranted and HasRole check the security with the current user.

the first RBAC\IsGranted on the class check the lowest permission to access to the controller with the current user. The RBAC\IsGranted on each action check the minimum permission to make action work.

In the example :

The permission /notepad/todolist has also the read and write permission.

Voter based Rbac

With RbacVoter, you can use symfony security to check the user rbac permissions (not the roles).

example:

You need to set the security access control to be unanimous (all the voter must be ok)

add this lines to config/packages/security.yaml

Symfony CLI commands

The install command sets the root node role and permission and associates them.

Add permission into the rbac permissions tree

Add permission into the rbac roles tree

Assign a permission to a role

Assign a role to a user

Theses commandes are interactives.

Twig

test if user has a role

test if user has a permission


All versions of symfony-rbac-bundle with dependencies

PHP Build Version
Package Version
Requires php Version >=8.2.1
symfony/framework-bundle Version 6.2.*
webmozart/assert Version ^1.11
doctrine/annotations Version ^2.0
doctrine/doctrine-bundle Version ^2.9
doctrine/doctrine-migrations-bundle Version ^3.2
doctrine/orm Version ^2.14
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package triforce-technologies/symfony-rbac-bundle contains the following files

Loading the files please wait ....