sil/route-security-bundle
Composer 安装命令:
composer require sil/route-security-bundle
包简介
Provide a way to secure accesses to all routes of an symfony application.
README 文档
README
SilRouteSecurityBundle
This bundle provide a way to secure accesses to all routes of your application and adapt the view according to the logged user.
Principle
- The bundle generate roles for all configured routes.
- The bundle listen the
kernel.requestevent and retrieve the requested route. - If the route is configure to be secured, the bundle check if the current user has the appropriate role. If not, an AccessDeniedException from Symfony security component is throw. You will see above how to modify this behaviour.
For all routes configured in access control, the user must be authenticated and implement the UserInterface of Symfony security component.
Installation
Composer
composer require sil/route-security-bundle
Register the bundle
<?php // app/AppKernel.php public function registerBundles() { $bundles = array( // ... new Sil\RouteSecurityBundle\SilRouteSecurityBundle(), // ... ); }
Add routes configuration
Routes are only required if you want to use the Javascript part of this bundle.
# app/config/routes/sil_route_security.yaml sil_route_security: resource: "@SilRouteSecurityBundle/Resources/config/routing.yaml"
Configuration
You can configure the bundle under the sil_route_security key.
Options
Enable access control
By default, the access control is disable.
sil_route_security: enable_access_control: true
List of secured routes
You can define a list of secured routes :
sil_route_security: secured_routes: [app_user_list, app_user_add]
Secured routes format
In addition or instead of secured routes list, you can define a regex format to configure a set of routes to be secured :
sil_route_security: secured_routes_format: "/^app_/"
List of ignored routes
You can define a list of ignored routes :
sil_route_security: ignored_routes: [app_home, app_login, app_logout]
Ignored routes format
In addition or instead of ignored routes list, you can define a regex format to configure a set of routes to be not secured :
sil_route_security: ignored_routes_format: "/^app_[a-z]*_api/"`
Naming strategy
By default, to generate a role for route, the bundle convert the route name to ROLE_.strtoupper($route_name). If you want a different format, you can make your hown converter. Just create a service that implement the NamingStrategyInterface and configure the bundle option with your service identifier.
sil_route_security: naming_strategy: my_own_route_to_role_converter
Roles provider
All generated roles is accessible through the sil_route_security.roles_provider service.
<?php // Controller ... $rolesProvider = $this->get('sil_route_security.roles_provider'); $generatedRoles = $rolesProvider->getRoles(); ...
For exemple, you can inject this service into your UserFormType to configure the associates roles to an user.
Adapt template view
The bundle expose :
- Twig functions that allow you to generate view according to the roles of user.
- Javascript object that allow you to generate view according to the roles of user.
Twig
hasUserAccessToRoute
- Check if the user has access to the given route
- Exemple :
{% if hasUserAccessToRoute(app.user, 'app_user_add') %}
<a href="{{ path('app_user_add') }}">Add user</a>
{% endif %}
hasUserAccessAtLeastOneRoute
- Check if the user has access at least to one route
- Exemple :
{% if hasUserAccessAtLeastOneRoute(app.user, ['app_user_add', 'app_user_edit']) %}
<span class="dropdown-title">User management</span>
<ul class="dropdown-item">
{% if hasUserAccessToRoute(app.user, 'app_user_add') %}
<li>
<a href="{{ path('app_user_add') }}">Add user</a>
</li>
{% endif %}
{% if hasUserAccessToRoute(app.user, 'app_user_edit') %}
<li>
<a href="{{ path('app_user_edit') }}">Edit user</a>
</li>
{% endif %}
</ul>
{% endif %}
hasUserAccessToRoutes
- Check if the user has access to all given routes
- Exemple :
{% if hasUserAccessToRoutes(app.user, ['app_user_add', 'app_user_edit']) %}
<a href="{{ path('app_user_add') }}">Add user</a>
<a href="{{ path('app_user_edit') }}">Edit user</a>
{% endif %}
Javascript
Installation
To load it globally, add the following line to your template:
<script type="text/javascript" src="{{ asset('bundles/silroutesecurity/js/sil_route_security.min.js') }}"></script> <script src="{{ path('sil_route_security.export_js_secured_routes') }}"></script>
Usage
if (SilRouteSecurity.hasUserAccessToRoute('name_of_route')) { console.log('Current authenticated user has access to route') } if (SilRouteSecurity.hasUserAccessToRoutes(['name_of_route_1', 'name_of_route_2'])) { console.log('Current authenticated user has access to all routes') } if (SilRouteSecurity.hasUserAccessAtLeastOneRoute(['name_of_route_1', 'name_of_route_2'])) { console.log('Current authenticated user has access to one of this routes') }
Access denied behavior
When user access to secured route and does not have the right, an AccessDeniedException is throw. The framework will convert it to a 403 response.
Just before that, the event AccessDeniedToRouteEvent is dispatch.
You can listen it and implement your hown behaviour, logging the action for exemple, return a custom response, redirect, whatever...
sil/route-security-bundle 适用场景与选型建议
sil/route-security-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 8.83k 次下载、GitHub Stars 达 7, 最近一次更新时间为 2017 年 04 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「symfony」 「route」 「security」 「bundle」 「access」 「control」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 sil/route-security-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 sil/route-security-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 sil/route-security-bundle 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
The bundle for easy using json-rpc api on your project
Write down your routing mapping at one place
A Laravel-like router for the WordPress Rewrite API
It's a barebone security class written on PHP
A Laravel helper to detect if the current route/path is active.
Bundle Symfony DaplosBundle
统计信息
- 总下载量: 8.83k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 7
- 点击次数: 4
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2017-04-12