PHPackages                             jonston/symfony-permission - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. jonston/symfony-permission

ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication)

jonston/symfony-permission
==========================

A basic permission management bundle for Symfony, similar to spatie/laravel-permission

v0.1.0(8mo ago)211[1 issues](https://github.com/Jonston/symfony-permission/issues)MITPHPPHP >=8.1

Since Sep 9Pushed 8mo agoCompare

[ Source](https://github.com/Jonston/symfony-permission)[ Packagist](https://packagist.org/packages/jonston/symfony-permission)[ Docs](https://github.com/jonston85/symfony-permission)[ RSS](/packages/jonston-symfony-permission/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (7)Versions (5)Used By (0)

Symfony Permission Bundle
=========================

[](#symfony-permission-bundle)

A flexible and extensible permission and role management bundle for Symfony applications, inspired by [spatie/laravel-permission](https://github.com/spatie/laravel-permission).

Concept & Paradigm
----------------------

[](#concept--paradigm)

This bundle brings the best practices of access control from Spatie Laravel Permission to Symfony:

- **Explicit modeling**: Permissions and roles are first-class entities, not just strings.
- **Flexible relationships**: Users (or any domain entity) can have many roles and permissions, and roles aggregate permissions.
- **Traits & interfaces**: Easily add permission/role logic to your models via traits and interfaces.
- **DTOs & services**: All business logic and data transfer are handled via DTOs and service classes, keeping your domain clean.
- **Doctrine attributes**: All relations are described via Doctrine attributes for correct migrations and schema generation.

Step-by-step Integration Guide
------------------------------

[](#step-by-step-integration-guide)

### 1. Install the Bundle

[](#1-install-the-bundle)

```
composer require jonston/symfony-permission
```

### 2. Configure Your Models

[](#2-configure-your-models)

#### User Entity Example

[](#user-entity-example)

Add traits, interfaces, and Doctrine relations:

```
use Doctrine\ORM\Mapping as ORM;
use Jonston\SymfonyPermission\Trait\HasRoles;
use Jonston\SymfonyPermission\Contract\HasRolesInterface;
use Jonston\SymfonyPermission\Entity\Role;
use Jonston\SymfonyPermission\Entity\Permission;

#[ORM\Entity]
class User implements HasRolesInterface
{
    use HasRoles;

    #[ORM\Id]
    #[ORM\GeneratedValue]
    #[ORM\Column(type: 'integer')]
    private ?int $id = null;

    #[ORM\ManyToMany(targetEntity: Role::class)]
    #[ORM\JoinTable(name: 'user_role')]
    protected Collection $roles;

    #[ORM\ManyToMany(targetEntity: Permission::class)]
    #[ORM\JoinTable(name: 'user_permission')]
    protected Collection $permissions;

    public function __construct()
    {
        $this->roles = new \Doctrine\Common\Collections\ArrayCollection();
        $this->permissions = new \Doctrine\Common\Collections\ArrayCollection();
    }
    // ... your logic ...
}
```

#### Role Entity Example

[](#role-entity-example)

Already provided by the bundle, but you can extend:

```
#[ORM\Entity]
class Role implements HasPermissionsInterface
{
    use HasPermissions;
    // ...existing code...
    #[ORM\ManyToMany(targetEntity: Permission::class, inversedBy: 'roles')]
    #[ORM\JoinTable(name: 'role_permission')]
    protected Collection $permissions;
    // ...existing code...
}
```

#### Permission Entity Example

[](#permission-entity-example)

Already provided by the bundle, but you can extend:

```
#[ORM\Entity]
class Permission
{
    #[ORM\ManyToMany(targetEntity: Role::class, mappedBy: 'permissions')]
    private Collection $roles;
    // ...existing code...
}
```

### 3. Run Doctrine Migrations

[](#3-run-doctrine-migrations)

After configuring your models, generate and apply migrations:

```
php bin/console doctrine:migrations:diff
php bin/console doctrine:migrations:migrate
```

This will create all necessary tables and relations: `roles`, `permissions`, `user_role`, `user_permission`, `role_permission`.

### 4. Use DTOs and Services for Business Logic

[](#4-use-dtos-and-services-for-business-logic)

- Use DTOs (e.g. `CreateRoleDto`, `UpdatePermissionDto`) for all input to services.
- Use `RoleService` and `PermissionService` for CRUD operations and assignment logic.

#### Example: Creating and Assigning Roles/Permissions

[](#example-creating-and-assigning-rolespermissions)

```
$role = $roleService->createRole(new CreateRoleDto('admin', 'Administrator role'));
$permission = $permissionService->createPermission(new CreatePermissionDto('edit articles', 'Can edit articles'));
$user->addRole($role);
$user->addPermission($permission);
$role->addPermission($permission);
```

#### Example: Revoking Roles/Permissions

[](#example-revoking-rolespermissions)

```
$user->removeRole($role);
$user->removePermission($permission);
$role->removePermission($permission);
```

#### Example: Checking Permissions

[](#example-checking-permissions)

```
$accessControlService->hasPermission($user, 'edit articles'); // true if user or any role has permission
$accessControlService->hasAnyPermission($user, [$permission1, $permission2]);
$accessControlService->hasAllPermissions($user, [$permission1, $permission2]);
```

### 5. Advanced Use Cases

[](#5-advanced-use-cases)

- **Multiple models**: You can add HasRoles/HasPermissions to any entity (Team, Organization, etc).
- **Custom queries**: Use repositories for advanced queries (e.g. find all users with a specific permission).
- **Validation**: DTOs support Symfony Validator attributes for future validation needs.
- **Extending entities**: Add custom fields, methods, or override logic as needed.

### 6. Best Practices

[](#6-best-practices)

- Keep all business logic in services, not in entities.
- Use DTOs for all input to services.
- Use traits and interfaces for your domain models.
- Write tests for your business logic and permission checks.
- Use Doctrine attributes for all relations to ensure correct migrations.

Example Use Case Scenarios
--------------------------

[](#example-use-case-scenarios)

- **RBAC for admin panel**: Assign roles like `admin`, `editor`, `viewer` to users, and granular permissions to roles.
- **Feature toggles**: Use permissions to enable/disable features for specific users or groups.
- **Multi-tenancy**: Assign roles/permissions to teams or organizations, not just users.
- **API access control**: Check permissions in controllers, security voters, or middleware.

License
-------

[](#license)

MIT

Author
------

[](#author)

Jonston

###  Health Score

27

—

LowBetter than 49% of packages

Maintenance51

Moderate activity, may be stable

Popularity8

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity37

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

246d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/f33063720f95228b977edc5abff5e1360f2891484c6aa7dbab1210c9d8214719?d=identicon)[Jonston](/maintainers/Jonston)

---

Top Contributors

[![Jonston](https://avatars.githubusercontent.com/u/1535998?v=4)](https://github.com/Jonston "Jonston (16 commits)")

---

Tags

symfonybundlesecurityaclrolespermissions

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/jonston-symfony-permission/health.svg)

```
[![Health](https://phpackages.com/badges/jonston-symfony-permission/health.svg)](https://phpackages.com/packages/jonston-symfony-permission)
```

###  Alternatives

[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[beatswitch/lock

A flexible, driver based Acl package for PHP 5.4+

870304.7k2](/packages/beatswitch-lock)[scheb/2fa

Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install)

578630.7k1](/packages/scheb-2fa)[olivier127/rbac-bundle

Symfony PhpRabcBundle allow to use RBAC control access for symfony project

318.3k](/packages/olivier127-rbac-bundle)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)