PHPackages                             godisco/acltree-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. godisco/acltree-bundle

ActiveSymfony-bundle[Authentication &amp; Authorization](/categories/authentication)

godisco/acltree-bundle
======================

Symfony2 Bundle for hierarchy relationship between entities with ACL Permissions.

171.1k3[1 issues](https://github.com/GoDisco/AclTreeBundle/issues)[1 PRs](https://github.com/GoDisco/AclTreeBundle/pulls)PHP

Since Dec 1Pushed 10y ago2 watchersCompare

[ Source](https://github.com/GoDisco/AclTreeBundle)[ Packagist](https://packagist.org/packages/godisco/acltree-bundle)[ RSS](/packages/godisco-acltree-bundle/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

AclTree Bundle
==============

[](#acltree-bundle)

AclTree Bundle allows you to create hierarchy relationship between your entities for ACL Permissions.

For example, If I have `Edit` permissions for `Dan Brown books` entity, I will able to edit also the author `Dan Brown`, and all of his books.

Table of contents:
------------------

[](#table-of-contents)

- [Introduction](#acltree-bundle)
- [Installation](#installation)
- [Usage](#usage)
    - [Defining entity parent](#defining-entity-parent)
    - [Using the voter](#using-the-voter)
    - [AclTreeHelper](#using-the-acltree-helper)
    - [AclUsersHelper](#using-the-acltree-helper)
- [Changing the default MaskBuilder](#changing-the-default-maskbuilder)

Installation:
-------------

[](#installation)

Add the following line into your `composer.json`, at the `require` section:

##### composer.json

[](#composerjson)

```
    "require": {
       "godisco/acltree-bundle": "dev-master"
```

Add the **AclTree Bundle** to your `AppKernel` (at the `registerBundles()` section):

##### app/AppKernel.php

[](#appappkernelphp)

```
class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
            // ...
            new GoDisco\AclTreeBundle\AclTreeBundle(),
    }
```

Usage:
------

[](#usage)

Using the AclTree is pretty simple! First, you need to [Define your entities parents](#defining-entity-parent), then just use the voter to know if access is granted to user, or apply the helpers for complex queries.

- **[Defining entity parent](#defining-entity-parent)**
- **[Using the voter](#using-the-voter)**
- **[AclTreeHelper](#using-the-acltree-helper)** - Filtering entities by ACL.
- **[AclUsersHelper](#using-the-acltree-helper)** - Showing all the users who have access by ACL.

### Defining entity parent

[](#defining-entity-parent)

Just add the `@AclParent` annotation to the parent member of your entity.

#### Example:

[](#example)

```
use GoDisco\AclTreeBundle\Annotation\AclParent;
use Acme\AuthorBundle\Entity\Author;

/**
 * Book
 * @ORM\Table
 * @ORM\Entity
 */
class Book
{
    /**
     * @var Author
     *
     * @ORM\ManyToOne(targetEntity="Acme\AuthorBundle\Entity\Author")
     * @ORM\JoinColumn(name="author_id", referencedColumnName="id")
     * @AclParent
     */
    private $author;
}
```

\*\*\* Don't forget to include the annotation by adding the `use GoDisco\AclTreeBundle\Annotation\AclParent;` part! \*\*\*

### Using the voter

[](#using-the-voter)

You can use the regular [Symfony ACL voter](http://symfony.com/doc/current/cookbook/security/acl.html#checking-access), in order to know if access is granted to the user:

```
$vote= $this->get('security.context')->isGranted('VIEW', $entity);
```

(\*) For more Information about using voters, visit the [Symfony documentation](http://symfony.com/doc/current/cookbook/security/voters_data_permission.html).

In addition, you can also use the voter as annotation (duh?):

```
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;

class BookController extends Controller
{
    /**
     * @Security("is_granted('VIEW', post)")
     */
    public function showAction(Post $post)
    {
        //...
    }
}
```

(\*) For more Information about using security annotations, visit the [Symfony documentation](http://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/annotations/security.html#usage).

### Using the AclTree helper

[](#using-the-acltree-helper)

For filtering only entities the user have access to, apply the **@acl.tree.helper** service on your `QueryBuilder` object:

#### Methods:

[](#methods)

- **apply(QueryBuilder $queryBuilder, \[array $permissions = array("VIEW"), UserInterface $user = null\])**
    - ***$queryBuilder***(\*) - `QueryBuilder` object which select all the entities, **before the filtering**.
    - ***$permissions*** - array of permissions to check, default will check only for `VIEW`
    - ***$user*** - User entity to check, default will check for the logged-in user
    - ***returns*** modified **`Query`** object.

#### Example:

[](#example-1)

```
    /** @var \Doctrine\ORM\EntityManager\EntityManager $em */
    $em = $this->getDoctrine()->getManager();
    /** @var \GoDisco\AclTreeBundle\Security\Helper\AclTreeHelper $aclHelper */
    $aclHelper = $this->get("acl.tree.helper");

    $qb = $em->createQueryBuilder();
    $qb = $qb->select('e')
        ->from('GoDisco\EventBundle\Entity\Event', 'e')
        ->join("e.line", "l");

    // The query object returned here is a clone obj so, you can always use $qb->getQuery() to get the original query obj
    $query = $aclHelper->apply($qb);  // showing for current logged-in user
    $result = $query->getArrayResult();

    return $result;
```

### Using the AclUsers helper

[](#using-the-aclusers-helper)

For showing all the users who have directly access to the entity, apply the `acl.object.users` service on your `Entity` object:

#### Methods:

[](#methods-1)

- **get($entity, $user\_class\[array $permissions = array("VIEW"))**
    - ***$entity***(\*) - entity to check
    - ***$user\_class***(\*) - the class of the user object
    - ***$permissions*** - array of permissions to check, default will check only for `EDIT`
    - *returns* list of users.

#### Example:

[](#example-2)

```
    /** @var \Doctrine\ORM\EntityManager\EntityManager $em */
    $em = $this->getDoctrine()->getManager();

    $repo = $em->getRepository("VenueBundle:Venue");
    $entity = $repo->find(1);

    /** @var \GoDisco\AclTreeBundle\Security\Helper\AclUsersHelper $aclHelper */
    $aclHelper = $this->get("acl.object.users");

    $users = $aclUsers->get($entity, 'Acme\UserBundle\Entity\User'); // showing for current logged-in user
    return $users;
```

Changing the default MaskBuilder
--------------------------------

[](#changing-the-default-maskbuilder)

In some cases, you may wish to change the default `MaskBuilder`, to a custom mask map. You can just modify the MaskBuilder by overriding the `security.acl.mask_builder` parameter.

For instance, example for changing the AclTree to use The Sonata's ACL MaskBuilder:

```
parameters:
    security.acl.mask_builder: Sonata\AdminBundle\Security\Acl\Permission\MaskBuilder
```

###  Health Score

26

—

LowBetter than 43% of packages

Maintenance19

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/5134d1f7181d408648546bbc8d7aaa45328ed14e6c3225f65aa404a87ae5db87?d=identicon)[AlmogBaku](/maintainers/AlmogBaku)

---

Top Contributors

[![AlmogBaku](https://avatars.githubusercontent.com/u/98982?v=4)](https://github.com/AlmogBaku "AlmogBaku (21 commits)")

### Embed Badge

![Health badge](/badges/godisco-acltree-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/godisco-acltree-bundle/health.svg)](https://phpackages.com/packages/godisco-acltree-bundle)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client

OAuth 1.0 Client Library

99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)