PHPackages egulias/security-debug-command-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Debugging & Profiling](/categories/debugging) 4. / 5. egulias/security-debug-command-bundle ActiveSymfony-bundle[Debugging & Profiling](/categories/debugging) egulias/security-debug-command-bundle ===================================== Symfony 2 console commands to debug security 0.6.0(9y ago)3618.1k↓75%3[3 issues](https://github.com/egulias/SecurityDebugCommandBundle/issues)MITPHPPHP >=5.3.3 Since Oct 27Pushed 9y ago4 watchersCompare [ Source](https://github.com/egulias/SecurityDebugCommandBundle)[ Packagist](https://packagist.org/packages/egulias/security-debug-command-bundle)[ Docs](https://github.com/egulias/SecurityDebugCommandBundle.git)[ RSS](/packages/egulias-security-debug-command-bundle/feed)WikiDiscussions master Synced 4d ago READMEChangelog (1)Dependencies (1)Versions (6)Used By (0) Security debug console command for Symfony2 =========================================== [](#security-debug-console-command-for-symfony2) This bundle provides commands under the `security` namespace (`security:debug:*`) to help debugging your application security in a simple way, by inspecting Voters, Listeners and (yet to come) ACL. IMPORTANT --------- [](#important) This bundle fakes credentials and tokens to be able to inspect permissions. This implies a possible security hole in your application, please be aware of this. *I'm not responsible for any issue derived for a misuse or an insecure use of it* Caution ------- [](#caution) The DataCollector feature re issues the request and some events to be able to inspect the results. If any of your custom voters, listeners, firewal listeners has side effects **they will be issued twice** Usage ===== [](#usage) As for any command you should use: `app/console` from your project root. Current available commands are: - `app/console security:debug:firewalls` to view listeners for a firewall. - `app/console security:debug:voters` to display voters, voters vote and result. - `app/console security:debug:acl_voters` to display voters, voters vote and result when ACL is present. - `app/console security:debug:acl_object` to display ACL results for each mask provided. Available Commands ------------------ [](#available-commands) - `app/console security:debug:firewalls uri firewall username roles` - `uri` The exact URI you have in the firewall - `firewall` Firewall name - `username` User to test - `roles` Multiple space separated roles for the user - `app/console security:debug:voters` (this can be faked too, but for the moment a real user is needed) - `firewall` Secured area of the app - `username` Username to authenticate - `password` Username Password - `app/console security:debug:acl_voters username object-fqcn id permission-name` - `username` For which user you need the information - `object-fqcn` The object class for which you are asking (using `/` instead of `\`) - `id` Object ID in the DB - `permission-name` The permission map name, e.g. OWNER - `app/console security:debug:acl_object username object-fqcn mask-binary` - `username` For which user you need the information - `object-fqcn` The object class for which you are asking (using `/` instead of `\`) - `id` Object ID in the DB - `mask-binary` The binary of the mask, e.g. 128 (OWNER) Sample output ------------- [](#sample-output) - `app/console security:debug:firewalls` [here](https://gist.github.com/egulias/7186738) - `app/console security:debug:voters` [here](https://gist.github.com/egulias/7186678) - `app/console security:debug:acl_voters` [here](https://gist.github.com/egulias/8498166) - `app/console security:debug:acl_object` [here](https://gist.github.com/egulias/8498245) Installation and configuration ============================== [](#installation-and-configuration) Get the bundle -------------- [](#get-the-bundle) Add to your composer.json ``` { "require": { "egulias/security-debug-command-bundle": "0.5.0" } } ``` Use composer to download the new requirement ``` $ php composer.phar update egulias/security-debug-command-bundle ``` Add SecurityDebugCommandBundle to your application kernel --------------------------------------------------------- [](#add-securitydebugcommandbundle-to-your-application-kernel) ```