Download the PHP package ybenhssaien/authorization-bundle without Composer

The AuthorizationBundle

The AuthorizationBundle manage authorizations on properties of an entity, they can be either readable or writable or both by some roles and not others, every property of an entity can be authorized or not for reading or writing using isGranted() in PHP files or Twig version is_granted().

Installation

1. Install with composer :

2. Enable it in config/bundles.php :

Example

• Declaration of properties :

• Usage in a FormBuilder :

• Usage in Twig :

Documentation

1. Annotations

   • Required : Declare an entity having authorizations, without @HasAuthorizations annotation, the entity is ignored automatically.

   Important : Authorizations work only with entities using Doctrine ORM

   • Declare authorizations map on properties using @Authorization() that accepts 3 named arguments

     • name : [optional] string to replace the default property name used (without $ (example : private $propertyOfEntity => propertyOfEntity))

     • aliases : [optional] string array of different names can be used for the target property

     • roles : [optional] authorizations array of roles, each role may have an array of options with keys read and write that accept boolean as value.
       • Passing roles as an argument without roles key is acceptable

     • The default value of an undeclared action is true (example for ROLE_USER without actions is equivalent to {"read" : true, "write" : true})
     • Declaring @Authorization without roles, is equivalent to {"read" : false, "write" : false} (the same case for undeclared roles)

2. Check authorization

   To check authorization on a property, use Security isGranted() method or twig equivalent is_granted() following the signature :

   • isGranted($action, [$entity, $property] :
   • $action : 'read' or 'write' string
   • $entity : Object or class name as string
   • $property : The name of property, the custom name or an alias if declared

Commandes

• bin/console debug:authorization : display authorizations map

Authorization services

• AuthorizationService : Contains methods to check authorizations and to get the map of authorizations.
  • getAuthorizationMap(): AuthorizationMap : return an instance of AuthorizationMap which contains the authorizations map and mapped entities.
  • canReadData(string $property, string $entity): bool : check if a property is authorized for reading.
  • canWriteData(string $property, string $entity): bool : check if a property is authorized for writing.
  • isPropertyExists(string $property, string $entity): bool : check if a property is declared for authorization.
• AuthorizationMap : Contains the map and entities declared for authorizations
  • getMap(): array : Return the map of authorizations.
  • getEntities(): array : Return the list of supported entities.

Contributing & bug report

• Report a bug or suggest a feature : Github issues
• Contribute : fork && create pull request

@developed by Youssef BENHSSAIEN