Symfony security role checker

This bundle provides Symfony services for checking user security roles.

Compatibility

This bundle is tested with Symfony 2.7+, but it should be compatible with Symfony 2.3+

Warning

The RoleChecker service doesn't emulate an user authentication. It mean that if the authentication process modify user rights, the service can detect roles updates.

Documentation

Install it

Install extension using composer:

{
    "require": {
        "jdecool/security-role-checker-bundle": "~1.0"
    }
}

Enable the extension in your application AppKernel:

<?php

public function registerBundles()
{
    $bundles = [
        // ...
        new JDecool\Bundle\SecurityRoleCheckerBundle\JDecoolSecurityRoleCheckerBundle(),
    ];

    // ...

    return $bundles;
}

Use it

You can check role by accessing jdecool.security.role_checker service :

class MyController
{
    public function myAction()
    {
        $roleChecker = $this->get('jdecool.security.role_checker');
        
        var_dump($role->hasRole('ROLE_USER')); // checking role for current user
        
        $userWithRole = $this->getDoctrine()->getRepository(/* ... */)->find(1);
        var_dump($role->hasRole('ROLE_USER', $userWithRole)); // true
        
        $userWithoutRole = $this->getDoctrine()->getRepository(/* ... */)->find(2);
        var_dump($role->hasRole('ROLE_USER', $userWithoutRole)); // false
        
        // ... 
    }
}

You can also check role in a Twig template (even if it's not a best practice) :

{{ has_role('ROLE_USER') ]} # Check role for current user
{{ has_role('ROLE_USER', other_user) ]}

License

This library is published under MIT license