symnedi/security

Voters and Firewall features from Symfony\Security integration to Nette.

Friday, December 2, 2016
by Tomáš Votruba
Repository
3 Watchers
9 Stars
3,868 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
1 Open issues
12 Versions
1 % Grown

The README.md

Symnedi/Security

, _(*1)

Install

composer require symnedi/security

# app/config/config.neon
extensions:
    - Symnedi\Security\DI\SecurityExtension
    - Symnedi\EventDispatcher\DI\EventDispatcherExtension

Usage

Voters

First, read Symfony cookbook, _(*3)

Then create new voter implementing Symfony\Component\Security\Core\Authorization\Voter\VoterInterface and register it as service in config.neon:, _(*4)

services:
    - App\SomeModule\Security\Voter\MyVoter

Then in place, where we need to validate access, we'll just use AuthorizationChecker:, _(*5)

use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;


class Presenter
{

    /**
     * @var AuthorizationCheckerInterface
     */
    private $authorizationChecker;


    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
    {
        $this->authorizationChecker = $authorizationChecker;
    }


    /**
     * @param PresenterComponentReflection $element
     */
    public function checkRequirements($element)
    {
        if ($this->authorizationChecker->isGranted('access', $element) === FALSE) {
            throw new ForbiddenRequestException;
        }
    }

}

Firewalls

Original Symfony firewalls pretty simplified and with modular support by default., _(*6)

All we need to create is a matcher and a listener., _(*7)

Request Matcher

This service will match all sites in admin module - urls starting with /admin:, _(*8)

use Symfony\Component\HttpFoundation\Request;
use Symnedi\Security\Contract\HttpFoundation\RequestMatcherInterface;


class AdminRequestMatcher implements RequestMatcherInterface
{

    /**
     * {@inheritdoc}
     */
    public function getFirewallName()
    {
        return 'adminSecurity';
    }


    /**
     * {@inheritdoc}
     */
    public function matches(Request $request)
    {
        $url = $request->getPathInfo();
        return strpos($url, '/admin') === 0;
    }

}

Firewall Listener

It will ensure that user is logged in and has 'admin' role, otherwise redirect., _(*9)

use Nette\Application\AbortException;
use Nette\Application\Application;
use Nette\Application\Request;
use Nette\Security\User;
use Symnedi\Security\Contract\Http\FirewallListenerInterface;


class LoggedAdminFirewallListener implements FirewallListenerInterface
{

    /**
     * @var User
     */
    private $user;


    public function __construct(User $user)
    {
        $this->user = $user;
    }


    /**
     * {@inheritdoc}
     */
    public function getFirewallName()
    {
        return 'adminSecurity';
    }


    /**
     * {@inheritdoc}
     */
    public function handle(Application $application, Request $applicationRequest)
    {
        if ( ! $this->user->isLoggedIn()) {
            throw new AbortException;
        }

        if ( ! $this->user->isInRole('admin')) {
            throw new AbortException;
        }
    }

}

Then we register both services., _(*10)

services:
    - AdminRequestMatcher
    - LoggedAdminFirewallListener

That's it!, _(*11)

Testing

composer check-cs # see "scripts" section of composer.json for more details 
vendor/bin/phpunit

Contributing

Rules are simple:, _(*12)

new feature needs tests
all tests must pass
1 feature per PR

We would be happy to merge your feature then!, _(*13)

The Versions

02/12 2016

dev-master

9999999-dev

Voters and Firewall features from Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

02/12 2016

v0.3.0

0.3.0.0

Voters and Firewall features from Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

30/12 2015

v0.2.1

0.2.1.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

10/10 2015

v0.2.0

0.2.0.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

05/06 2015

v0.1.6

0.1.6.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

04/06 2015

v0.1.5

0.1.5.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

04/06 2015

v0.1.4

0.1.4.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

03/06 2015

v0.1.3

0.1.3.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

01/06 2015

v0.1.2

0.1.2.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

26/05 2015

v0.1.0

0.1.0.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

26/05 2015

v0.1.1

0.1.1.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

by Tomáš Votruba

security symfony nette

19/05 2015

v0.0.1

0.0.1.0

Symfony\Security integration to Nette.

Sources Download

MIT

The Requires

The Development Requires

nette/bootstrap ~2.3

by Tomáš Votruba

security symfony nette

library security

Voters and Firewall features from Symfony\Security integration to Nette.