symnedi/security
最新稳定版本:v0.3.0
Composer 安装命令:
composer require symnedi/security
包简介
Voters and Firewall features from Symfony\Security integration to Nette.
README 文档
README
Install
composer require symnedi/security
Register the extension:
# app/config/config.neon extensions: - Symnedi\Security\DI\SecurityExtension - Symnedi\EventDispatcher\DI\EventDispatcherExtension
Usage
Voters
First, read Symfony cookbook
Then create new voter implementing Symfony\Component\Security\Core\Authorization\Voter\VoterInterface
and register it as service in config.neon:
services: - App\SomeModule\Security\Voter\MyVoter
Then in place, where we need to validate access, we'll just use AuthorizationChecker:
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; class Presenter { /** * @var AuthorizationCheckerInterface */ private $authorizationChecker; public function __construct(AuthorizationCheckerInterface $authorizationChecker) { $this->authorizationChecker = $authorizationChecker; } /** * @param PresenterComponentReflection $element */ public function checkRequirements($element) { if ($this->authorizationChecker->isGranted('access', $element) === FALSE) { throw new ForbiddenRequestException; } } }
Firewalls
Original Symfony firewalls pretty simplified and with modular support by default.
All we need to create is a matcher and a listener.
Request Matcher
This service will match all sites in admin module - urls starting with /admin:
use Symfony\Component\HttpFoundation\Request; use Symnedi\Security\Contract\HttpFoundation\RequestMatcherInterface; class AdminRequestMatcher implements RequestMatcherInterface { /** * {@inheritdoc} */ public function getFirewallName() { return 'adminSecurity'; } /** * {@inheritdoc} */ public function matches(Request $request) { $url = $request->getPathInfo(); return strpos($url, '/admin') === 0; } }
Firewall Listener
It will ensure that user is logged in and has 'admin' role, otherwise redirect.
use Nette\Application\AbortException; use Nette\Application\Application; use Nette\Application\Request; use Nette\Security\User; use Symnedi\Security\Contract\Http\FirewallListenerInterface; class LoggedAdminFirewallListener implements FirewallListenerInterface { /** * @var User */ private $user; public function __construct(User $user) { $this->user = $user; } /** * {@inheritdoc} */ public function getFirewallName() { return 'adminSecurity'; } /** * {@inheritdoc} */ public function handle(Application $application, Request $applicationRequest) { if ( ! $this->user->isLoggedIn()) { throw new AbortException; } if ( ! $this->user->isInRole('admin')) { throw new AbortException; } } }
Then we register both services.
services: - AdminRequestMatcher - LoggedAdminFirewallListener
That's it!
Testing
composer check-cs # see "scripts" section of composer.json for more details
vendor/bin/phpunit
Contributing
Rules are simple:
- new feature needs tests
- all tests must pass
- 1 feature per PR
We would be happy to merge your feature then!
symnedi/security 适用场景与选型建议
symnedi/security 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 5.45k 次下载、GitHub Stars 达 8, 最近一次更新时间为 2015 年 05 月 18 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 symnedi/security 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 symnedi/security 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 5.45k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 8
- 点击次数: 16
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2015-05-18