PHPackages                             rheck/accesscontrol-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. rheck/accesscontrol-bundle

ActiveSymfony-bundle[Authentication &amp; Authorization](/categories/authentication)

rheck/accesscontrol-bundle
==========================

Bundle to control the user access.

7361PHP

Since Jun 15Pushed 10y ago1 watchersCompare

[ Source](https://github.com/rheck/accesscontrol-bundle)[ Packagist](https://packagist.org/packages/rheck/accesscontrol-bundle)[ RSS](/packages/rheck-accesscontrol-bundle/feed)WikiDiscussions master Synced 4w ago

READMEChangelogDependenciesVersions (1)Used By (0)

Access Control Bundle
=====================

[](#access-control-bundle)

[![SensioLabsInsight](https://camo.githubusercontent.com/6d1bb7351dd237c89fa7247bd6dbf35cd59cc0eb9163f318fb1f7a1e55a4cc39/68747470733a2f2f696e73696768742e73656e73696f6c6162732e636f6d2f70726f6a656374732f36633865356561652d326539632d343961392d613133662d3136333533616438656634632f6269672e706e67)](https://insight.sensiolabs.com/projects/6c8e5eae-2e9c-49a9-a13f-16353ad8ef4c)

This Bundle is a easy solution for the route access control. You can choose to use the default strategy of the Bundle or create your own custom.

### How it works

[](#how-it-works)

You can install this bundle using composer

```
composer require rheck/accesscontrol-bundle
```

or add the package to the composer.json file of your Symfony project.

After you have installed the package, you need to add the bundle to your AppKernel.php file:

```
// in AppKernel::registerBundles()
$bundles = array(
    // ...
    new Rheck\AccessControlBundle\RheckAccessControlbundle(),
    // ...
);
```

### Configuration

[](#configuration)

If you want to use the default Bundle Strategy you must to create the databases of permissions.

**1. Doctrine Schema Update Command**

```
php app/console doctrine:schema:update --force
```

**2. Create on the database directly (MySQL Example)**

```
CREATE TABLE rheck_permissioncontexts (
    `id` INT AUTO_INCREMENT NOT NULL,
    `name` VARCHAR(255) NOT NULL,
    `label` VARCHAR(255) NOT NULL,
    `description` VARCHAR(255) DEFAULT NULL,
    PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB;

CREATE TABLE rheck_permissions (
    `id` INT AUTO_INCREMENT NOT NULL,
    `name` VARCHAR(255) NOT NULL,
    `label` VARCHAR(255) NOT NULL,
    `description` VARCHAR(255) DEFAULT NULL,
    `permissionContext_id` INT DEFAULT NULL,
    INDEX IDX_538F31584B364D6E (permissionContext_id),
    PRIMARY KEY (id)
) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB;
```

**3. Entity**

The permission must have relationship with an entity user or other one with realtionship with user as will be logged in and must implement an interface.

Example:

```
use Rheck\AccessControlBundle\Entity\PermissionAccessInterface;

class User implements PermissionAccessInterface
{
    protected $permissions;

    public function __construct()
    {
        $this->permissions = new ArrayCollection();
    }

    public function addPermission(Permission $permission)
    {
        $this->permissions->add($permission);
    }

    public function getPermissions()
    {
        return $this->permissions;
    }

}
```

**4. config.yml**

Example 1: If you want to validate the permission with my user entity directly. The configuration is:

```
rheck_access_control:
    has_permissions: user
```

Example 2: Suposing that I have an entity called UserGroups and it have relationship ManyToMany with user. The configuration is:

```
rheck_access_control:
    has_permissions: user.userGroups
```

### Usage

[](#usage)

**You have two ways to check the permissions.**

For both ways you have 4 fields:

***1. Permissions***: can be a single parameter or an array;

***2. Context***: you can group the permissions by a context, default value is "System";

***3. Criteria***: you can choose how is the criteria to check the permissions, its value can be "AND" or "OR". The default value is "AND";

***4. Strategy***: you can create your own strategy of validation. An example follow at the end of this file.

#### 1. Validation By Annotation

[](#1-validation-by-annotation)

**@PermissionAccess**: you need to add the use statement:

```
use Rheck\AccessControl\Annotation\PermissionAccess;
```

**Example 1** (Using the Default Bundle Strategy):

```
/**
 * @PermissionAccess("INDEX", context="DASHBOARD")
 */
```

On the example above I want to check if my logged user has the permission "INDEX" of context "DASHBOARD" allowed to access. Otherwise a 403 http error message will be throwed.

**Example 2** (Using the Default Bundle Strategy):

```
/**
 * @PermissionAccess({"VIEW", "VIEW_ALL"}, context="PROJECT", criteria="OR")
 */
```

On the example above I want to check if my logged user is allowed to access one of the array of permissions added on the permissions check. Note: I need just one permission allowed, because the criteria is "OR". If the criteria is "AND" I must to be allowed on every listed permissions.

#### 2. Validation By Twig

[](#2-validation-by-twig)

Like the "*1. Validation By Annotation*", we have the same parameters, so lets just adapt for the twig view:

**Example 1** (Like the annotation example 1):

```
{% if permissionAccess("INDEX", "DASHBOARD") %}
    You have permission to access.
{% else %}
    You donot have permission to access.
{% endif %}
```

**Example 2** (Like the annotation example 2):

```
{% if permissionAccess(["VIEW", "VIEW_ALL"], "PROJECT", "OR") %}
    You have permission to access.
{% else %}
    You donot have permission to access.
{% endif %}
```

### Creating your own Strategy

[](#creating-your-own-strategy)

To create your own validation strategy you must follow the steps bellow:

#### 1. Create the Strategy file:

[](#1-create-the-strategy-file)

```
