PHPackages tourze/biz-role-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. tourze/biz-role-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) tourze/biz-role-bundle ====================== 业务角色管理包,提供角色和权限管理功能 1.0.2(5mo ago)012MITPHPCI passing Since Nov 5Pushed 4mo ago1 watchersCompare [ Source](https://github.com/tourze/biz-role-bundle)[ Packagist](https://packagist.org/packages/tourze/biz-role-bundle)[ RSS](/packages/tourze-biz-role-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (3)Dependencies (40)Versions (4)Used By (0) BizRoleBundle ============= [](#bizrolebundle) [![PHP Version](https://camo.githubusercontent.com/83dd395020c37276225039739320f6c8e7e99963ab21ee3d09282cb48dad2a60/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e312532422d626c7565)](https://php.net)[![Symfony Version](https://camo.githubusercontent.com/40e7d80ef2c730ce0e62367699117274df242c85ea6ee3c20913c28a8cc6cb1e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f53796d666f6e792d362e342532422d677265656e)](https://symfony.com)[![License](https://camo.githubusercontent.com/fdf2982b9f5d7489dcf44570e714e3a15fce6253e0cc6b5aa61a075aac2ff71b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d79656c6c6f772e737667)](LICENSE)[![Tests](https://camo.githubusercontent.com/214930dd574621ac62e96dbd4d3060592e9a26c296be4fb76e2fc63fe85546ef/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f54657374732d50617373696e672d627269676874677265656e)](#testing)[![Code Coverage](https://camo.githubusercontent.com/2b732858c71e7bf8132caff599a40b22368d09b5026f643738bec8c99b83e45e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f436f7665726167652d39352532352d627269676874677265656e)](#testing) [English](README.md) | [中文](README.zh-CN.md) A Symfony bundle for managing business roles and permissions with entity-level access control. Table of Contents ----------------- [](#table-of-contents) - [Requirements](#requirements) - [Installation](#installation) - [Features](#features) - [Configuration](#configuration) - [Usage](#usage) - [Advanced Usage](#advanced-usage) - [Security Considerations](#security-considerations) - [Events](#events) - [Testing](#testing) - [License](#license) Requirements ------------ [](#requirements) - PHP 8.1+ - Symfony 7.3+ - Doctrine ORM 3.0+ - EasyAdmin Bundle 4.0+ - Additional Tourze packages (automatically installed) Installation ------------ [](#installation) ``` composer require tourze/biz-role-bundle ``` Enable the bundle in your `config/bundles.php`: ``` return [ // ... Tourze\BizRoleBundle\BizRoleBundle::class => ['all' => true], ]; ``` Features -------- [](#features) - **Role Management**: Create and manage business roles with hierarchical inheritance - **Permission System**: Flexible permission assignment with inclusion/exclusion capabilities - **Entity-Level Access Control**: Define data permissions based on entity classes with custom WHERE clauses - **Admin Integration**: EasyAdmin controllers for role and permission management - **Security Integration**: Implements Symfony Security interfaces for seamless integration - **Audit Trail**: Built-in tracking for changes with user, timestamp, and IP logging Configuration ------------- [](#configuration) ### Entity Mapping [](#entity-mapping) The bundle provides two main entities: 1. **BizRole** - Represents a system role 2. **RoleEntityPermission** - Defines entity-level data permissions ### Database Schema [](#database-schema) Run migrations to create the required tables: ``` php bin/console doctrine:migrations:diff php bin/console doctrine:migrations:migrate ``` This creates two tables: - `biz_role` - Stores role definitions with hierarchical support - `biz_data_permission` - Stores entity-level permissions with custom WHERE clauses Usage ----- [](#usage) ### Creating Roles [](#creating-roles) ``` use Tourze\BizRoleBundle\Entity\BizRole; $role = new BizRole(); $role->setName('ROLE_MANAGER'); $role->setTitle('Manager'); $role->setPermissions(['user.view', 'user.edit', 'report.view']); $role->setHierarchicalRoles(['ROLE_OPERATOR']); // Inherits from ROLE_OPERATOR $role->setValid(true); $entityManager->persist($role); $entityManager->flush(); ``` ### Entity-Level Permissions [](#entity-level-permissions) Define data access rules for specific entities: ``` use Tourze\BizRoleBundle\Entity\RoleEntityPermission; $permission = new RoleEntityPermission(); $permission->setRole($role); $permission->setEntityClass('App\Entity\Order'); $permission->setStatement('o.department = :dept'); // WHERE clause $permission->setRemark('Access to department orders only'); $permission->setValid(true); $entityManager->persist($permission); $entityManager->flush(); ``` ### Admin Interface [](#admin-interface) The bundle provides EasyAdmin controllers: 1. **BizRoleCrudController** - Manage roles 2. **RoleEntityPermissionCrudController** - Manage entity permissions Register them in your EasyAdmin dashboard: ``` use Tourze\BizRoleBundle\Controller\Admin\BizRoleCrudController; use Tourze\BizRoleBundle\Controller\Admin\RoleEntityPermissionCrudController; public function configureMenuItems(): iterable { yield MenuItem::linkToCrud('Roles', 'fa fa-user-shield', BizRole::class) ->setController(BizRoleCrudController::class); yield MenuItem::linkToCrud('Data Permissions', 'fa fa-lock', RoleEntityPermission::class) ->setController(RoleEntityPermissionCrudController::class); } ``` ### Permission Checking [](#permission-checking) Roles can be assigned to users and checked using Symfony Security: ``` // In a controller $this->denyAccessUnlessGranted('user.edit'); // In Twig {% if is_granted('user.view') %} {% endif %} ``` Features -------- [](#features-1) ### Role Properties [](#role-properties) - **name**: Unique role identifier (e.g., ROLE\_ADMIN) - **title**: Human-readable role name - **permissions**: Array of permission strings - **excludePermissions**: Permissions to explicitly deny - **hierarchicalRoles**: Parent roles to inherit from - **admin**: Boolean flag for system administrators - **menuJson**: Custom menu configuration - **valid**: Enable/disable the role ### Entity Permission Properties [](#entity-permission-properties) - **entityClass**: Fully qualified class name - **statement**: SQL WHERE clause for filtering - **remark**: Description of the permission - **valid**: Enable/disable the permission ### Tracking Features [](#tracking-features) All entities include: - Creation and update timestamps - User tracking (created by, updated by) - IP address tracking Events ------ [](#events) The bundle integrates with Doctrine events for tracking changes. All modifications are automatically logged with user and timestamp information. Advanced Usage -------------- [](#advanced-usage) ### Role Hierarchy [](#role-hierarchy) Roles can inherit permissions from other roles: ``` $managerRole = new BizRole(); $managerRole->setName('ROLE_MANAGER'); $managerRole->setHierarchicalRoles(['ROLE_USER']); // Manager inherits all USER permissions plus additional ones ``` ### Complex Entity Permissions [](#complex-entity-permissions) Use parameterized queries for dynamic filtering: ``` $permission = new RoleEntityPermission(); $permission->setEntityClass('App\Entity\Document'); $permission->setStatement('d.owner_id = :current_user_id OR d.is_public = 1'); ``` ### Custom Permission Checks [](#custom-permission-checks) Implement custom permission logic in your security voters: ``` class DocumentVoter extends Voter { protected function supports(string $attribute, mixed $subject): bool { return $attribute === 'VIEW_DOCUMENT' && $subject instanceof Document; } protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool { // Custom permission logic using role data permissions } } ``` Security Considerations ----------------------- [](#security-considerations) 1. **SQL Injection**: Entity permission statements should be parameterized 2. **Role Validation**: Ensure roles are validated before assignment 3. **Permission Caching**: Consider caching permission checks for performance 4. **Audit Trail**: All changes are tracked for security auditing Testing ------- [](#testing) Run the test suite: ``` ./vendor/bin/phpunit packages/biz-role-bundle/tests ``` ### Code Coverage [](#code-coverage) Generate test coverage report: ``` ./vendor/bin/phpunit packages/biz-role-bundle/tests --coverage-html coverage ``` License ------- [](#license) This bundle is available under the MIT License. See the LICENSE file for details. ### Health Score 31 — LowBetter than 68% of packages Maintenance72 Regular maintenance activity Popularity5 Limited adoption so far Community4 Small or concentrated contributor base Maturity37 Early-stage or recently created project How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~5 days Total 3 Last Release 177d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e354fdb316da535dfa8ba2e9193a473c403b6bc6fb9170778d1dc50e304c6e9d?d=identicon)[tourze](/maintainers/tourze) ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/tourze-biz-role-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/tourze-biz-role-bundle/health.svg)](https://phpackages.com/packages/tourze-biz-role-bundle) ``` ### Alternatives [sylius/sylius E-Commerce platform for PHP, based on Symfony framework. 8.4k5.6M651](/packages/sylius-sylius)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[ec-cube/ec-cube EC-CUBE EC open platform. 78527.0k1](/packages/ec-cube-ec-cube)[contao/core-bundle Contao Open Source CMS 1231.6M2.4k](/packages/contao-core-bundle)[open-dxp/opendxp Content & Product Management Framework (CMS/PIM) 7310.3k29](/packages/open-dxp-opendxp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)