This bundle provides Symfony services for checking user security roles.
This bundle is tested with Symfony 2.7+, but it should be compatible with Symfony 2.3+
The RoleChecker service doesn't emulate an user authentication. It mean that if the authentication process modify user rights, the service can detect roles updates.
Install extension using composer:
{
"require": {
"jdecool/security-role-checker-bundle": "~1.0"
}
}
Enable the extension in your application AppKernel
:
<?php
public function registerBundles()
{
$bundles = [
// ...
new JDecool\Bundle\SecurityRoleCheckerBundle\JDecoolSecurityRoleCheckerBundle(),
];
// ...
return $bundles;
}
You can check role by accessing jdecool.security.role_checker
service :
class MyController
{
public function myAction()
{
$roleChecker = $this->get('jdecool.security.role_checker');
var_dump($role->hasRole('ROLE_USER')); // checking role for current user
$userWithRole = $this->getDoctrine()->getRepository(/* ... */)->find(1);
var_dump($role->hasRole('ROLE_USER', $userWithRole)); // true
$userWithoutRole = $this->getDoctrine()->getRepository(/* ... */)->find(2);
var_dump($role->hasRole('ROLE_USER', $userWithoutRole)); // false
// ...
}
}
You can also check role in a Twig template (even if it's not a best practice) :
{{ has_role('ROLE_USER') ]} # Check role for current user
{{ has_role('ROLE_USER', other_user) ]}
This library is published under MIT license