Simple and lightweight User bundle for Symfony 3 projects. Provides user and role functionalities with ACL support.
If u need help with 1.* branch, visit v1.x documentation.
Required the bundle with composer:
$ php composer.phar require app-verk/user-bundle
Register the bundle in your AppKernel.php
// ./app/AppKernel.php
public function registerBundles()
{
$bundles = [
...
new AppVerk\UserBundle\UserBundle(),
...
];
}
Add a new config file, for example user.yml
#./app/config/user.yml
user:
entities:
user_class: #E.g. AppBundle\Entity\User
acl:
enabled: #true|false defines to use or not to use ACL
access_denied_path: #route bame where user should be redirect when he dont have privileges to action
Import user.yml file to config.yml
imports:
...
- { resource: user.yml }
Next create two entities in your bundle (E.g. AppBundle\Entity):
- User
<?php
namespace AppBundle\Entity;
use AppVerk\UserBundle\Entity\User as AbstractUser;
use Doctrine\ORM\Mapping as ORM;
/**
*
* @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository")
*/
class User extends AbstractUser implements EntityInterface
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
}
You can use configuration format which you prefer (yml, xml, php or annotation)
Run
php bin/console doctrine:schema:update --force
Now You can create admin user with command line:
php bin/console user:create:admin <username> <email> <password>
Enable ACL
#./app/config/user.yml
user:
acl
enabled: true
access_denied_path: #route name
Use annotation to define protected action
// ./src/AppBundle/Controller/DefaultController.php
...
use AppVerk\UserBundle\Annotation\AVSecurity;
...
/**
* ...
* @AVSecurity(allow={"ROLE_ADMIN"}, disallow={"ROLE_X"}, name="list", group="default")
*/
public function listAction()
{
return $this->render('@App/controller/user/list.html.twig');
}
In some cases u need to create your own logic to decide about access to action. In that case u just need to create custom accessResolver and put your logic
// ./src/AppBundle/Security/CustomAccessResolver.php
...
use AppVerk\UserBundle\Security\AccessResolverInterface;
...
class SimpleAccessResolver implements AccessResolverInterface
{
public function resolve(RoleableInterface $user, $action): bool
{
// your own logic
}
}
Insert new resolver to configuration file:
#./app/config/user.yml
user:
entities:
user_class: #E.g. AppBundle\Entity\User
acl:
enabled: #true|false defines to use or not to use ACL
access_denied_path: #route bame where user should be redirect when he dont have privileges to action
access_resolver_class: AppBundle\Security\CustomAccessResolver