{"id":15021926,"url":"https://github.com/curiosity26/aclhelper","last_synced_at":"2025-06-26T16:33:50.634Z","repository":{"id":56960291,"uuid":"155774944","full_name":"curiosity26/ACLHelper","owner":"curiosity26","description":"A bundle to make it easier to query entities from doctrine and have them filtered using ACLs","archived":false,"fork":false,"pushed_at":"2020-03-31T01:49:09.000Z","size":222,"stargazers_count":2,"open_issues_count":3,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-10T20:48:37.599Z","etag":null,"topics":["acl","doctrine-orm","security","symfony-acl","symfony-bundle","symfony-security"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curiosity26.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-11-01T20:58:23.000Z","updated_at":"2023-03-09T00:38:45.000Z","dependencies_parsed_at":"2022-08-21T05:10:26.720Z","dependency_job_id":null,"html_url":"https://github.com/curiosity26/ACLHelper","commit_stats":null,"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/curiosity26/ACLHelper","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curiosity26%2FACLHelper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curiosity26%2FACLHelper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curiosity26%2FACLHelper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curiosity26%2FACLHelper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curiosity26","download_url":"https://codeload.github.com/curiosity26/ACLHelper/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curiosity26%2FACLHelper/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262102762,"owners_count":23259328,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acl","doctrine-orm","security","symfony-acl","symfony-bundle","symfony-security"],"created_at":"2024-09-24T19:57:13.742Z","updated_at":"2025-06-26T16:33:50.608Z","avatar_url":"https://github.com/curiosity26.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Acl Helper Bundle\n\nThis bundle is created for the purpose of applying ACL's when querying entities; preventing the need for\npost-query iteration. This helps with things like pagination and handling security on multiple records\nsimultaneously.\n\nQuerying does not apply to associations. It is recommended that you handle your own querying for any deep\nassociations that may require ACL's be applied to them.\n\nField level security is also not taken into account at query time. It is up to you and your application\nto handle field level security.\n\n## Example\n\nIn this example, let's pretend we have an entity which is owned by `user1` and those with `ROLE_ADMIN` can\nedit, delete and view, `ROLE_USER` users can just view.\n\n```php\n\u003c?php\n\nnamespace App\\Controller;\n\nuse Curiosity26\\AclHelperBundle\\Helper\\AclHelper;\nuse Curiosity26\\AclHelperBundle\\Tests\\Entity\\TestObject;\nuse Symfony\\Component\\Security\\Acl\\Permission\\BasicPermissionMap;\n\nclass MyController extends FOSRestController implements ClassResourceInterface {\n    \n    /**\n     * @var AclHelper\n     */\n    private $aclHelper;\n    \n    public function __construct(AclHelper $aclHelper)\n    {\n        $this-\u003eaclHelper = $aclHelper;\n    }\n    \n    /**\n     * @Rest\\View()\n     * @return TestObject[]\n     */\n    public function cgetAction()\n    {\n        // Get all of the TestObjects this user can view\n        $agent   = $this-\u003eaclHelper-\u003ecreateAgent(TestObject::class);\n        $permMap = new BasicPermissionMap();\n        $builder = $permMap-\u003egetMaskBuilder();\n        $masks   = $permMap-\u003egetMasks('VIEW', null);\n        \n        foreach ($masks as $mask) {\n            $builder-\u003eadd($mask);\n        }\n        \n        return $agent-\u003efindAll($builder-\u003eget(), $this-\u003egetUser());\n    }\n}\n\n```\n\n## ACL Manager\n\nTo make it easier to build ACLs, the ACL Manager was created. It's pretty much just a chain wrapper\nthat allows the ACL to be found/created and ACEs to be inserted, updated or deleted.\n\n### Example\n\n```php\n\u003c?php\n\nnamespace App\\Controller;\n\nuse Curiosity26\\AclHelperBundle\\Helper\\AclHelper;\nuse Curiosity26\\AclHelperBundle\\Tests\\Entity\\TestObject;\nuse Symfony\\Component\\Security\\Acl\\Domain\\UserSecurityIdentity;\nuse Symfony\\Component\\Security\\Acl\\Domain\\RoleSecurityIdentity;\nuse Symfony\\Component\\Security\\Acl\\Permission\\MaskBuilder;\n\nclass MyController extends FOSRestController implements ClassResourceInterface {\n    \n    /**\n     * @var AclHelper\n     */\n    private $aclHelper;\n    \n    public function __construct(AclHelper $aclHelper)\n    {\n        $this-\u003eaclHelper = $aclHelper;\n    }\n    \n    public function postAction(TestObject $object)\n    {\n        $manager = $this-\u003egetDoctrine()-\u003egetManager();\n        $manager-\u003epersist($object);\n        \n        $aclManager = $this-\u003eaclHelper-\u003ecreateAclManager();\n        \n        // The current user needs to be the owner\n        // The ROLE_ADMIN must have view, edit, delete permissions\n        // ROLE_USER users should be able to view\n        $aclManager-\u003eaclFor($object)\n            -\u003einsertObjectAce(UserSecurityIdentity::fromAccount($this-\u003egetUser()), MaskBuilder::MASK_OWNER)\n            -\u003einsertObjectAce(\n                new RoleSecurityIdentity('ROLE_ADMIN'),\n                MaskBuilder::MASK_VIEW | MaskBuilder::MASK_EDIT | MaskBuilder::MASK_DELETE\n            )\n            -\u003einsertObjectAce(new RoleSecurityIdentity('ROLE_USER'), MaskBuilder::MASK_VIEW)\n            -\u003esave()\n        ;\n        \n        return $this-\u003eview(null, 201);\n    }\n}\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcuriosity26%2Faclhelper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcuriosity26%2Faclhelper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcuriosity26%2Faclhelper/lists"}