https://github.com/loremipsum/permission-checker-bundle
Symfony bundle to handle authorization, i.e. check permission to perform action on a resource.
https://github.com/loremipsum/permission-checker-bundle
Last synced: 3 months ago
JSON representation
Symfony bundle to handle authorization, i.e. check permission to perform action on a resource.
- Host: GitHub
- URL: https://github.com/loremipsum/permission-checker-bundle
- Owner: loremipsum
- License: mit
- Created: 2018-12-27T09:21:10.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2025-11-11T10:00:20.000Z (8 months ago)
- Last Synced: 2025-11-11T10:21:01.747Z (8 months ago)
- Language: PHP
- Size: 40 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# PermissionChecker bundle
Symfony bundle to handle authorization, i.e. check permission to perform action on a resource.
This bundle is similar to the symfony voter but uses permission objects.
## Configuration
```yaml
# config/packages/lorem_ipsum_permission_checker.yaml
lorem_ipsum_permission_checker:
roles:
admin: ROLE_ADMIN
super_admin: ROLE_SUPER_ADMIN
default_permission: \App\Security\Permission\AppPermission
```
`default_permission` is used by `hasActionPermission` twig function.
## Permission example
Usage example:
Check if the current user has permission to update an existing user. Call `mustHave` or `has`
on the `PermissionChecker` instance with the `UserPermission`.
`mustHave` throws an exception if the permission is not granted, whereas `has` just returns a boolean.
```php
/** @var LoremIpsum\PermissionCheckerBundle\PermissionChecker $permissionChecker **/
$permissionChecker->mustHave(new UserPermission(UserPermission::UPDATE, $user));
```
`AppPermission` example:
```php
getAction()) {
case self::SETTINGS:
return $this->checker->isAdmin();
}
throw new InvalidPermissionException($this, "Invalid action '{$this->getAction()}'");
}
}
```
`UserPermission` example:
```php
user = $user;
}
public function isGranted(): bool
{
switch ($this->getAction()) {
case self::READ:
// All users can view other users
return true;
case self::CHANGE_PASSWORD:
// Admins can change passwords, users can change their own password
return $this->checker->isAdmin() || $this->checker->getUser() === $this->user;
case self::CREATE:
case self::UPDATE:
case self::DELETE:
// Admins can create/update/delete users
return $this->checker->isAdmin();
}
throw new InvalidPermissionException($this, "Invalid action '{$this->getAction()}'");
}
}
```