0 user Sign-in to change your status

This new security system is database-based and has no security dependencies.

• Download package

Developers

License

'''IT'S FREE'''

Releases for sf 1.0

Join this plugin team

Other releases

Release 0.0.2 - 31/10/2007

Release 0.0.1 - 31/10/2007

sfDbBasedSecurityPlugin

This plugin overrides the security implemented in Symfony. It is database-based. The idea is to create groups and associate possible actions to that groups. Then, you relate the groups to application users.

Requirements

This plugin requires the sfUIPlugin.

Installation

1. Install the plugin

   symfony plugin-install http://plugins.symfony-project.com/sfDbBasedSecurityPlugin

2. In the app.yml file, put the following lines

   all: new_sec: is_secure: on class: User id: id text: last_name order_by: last_name

is_secure turns on/off the sfDbBasedSecurityPlugin class the class used as the app user id the id field text the text name fields (for listing the users) order_by how to order the user list

1. To make the links more readable, you can put these routing rules in routing.yml (optional)

   URL's for sfDbBasedSecurityPlugin

   list_groups: url: /groups param: { module: sfNewSecurityGroups, action: index }

   list_permissions: url: /permissions param: { module: sfNewSecurityPermissions, action: index }

   show_group: url: /group/show/:id param: { module: sfNewSecurityGroups, action: show }

   create_group: url: /group/create param: { module: sfNewSecurityGroups, action: create }

   new_group: url: /group/new param: { module: sfNewSecurityGroups, action: new }

   edit_group: url: /group/edit/:id param: { module: sfNewSecurityGroups, action: edit }

   edit_permission: url: /permission/edit/:id param: { module: sfNewSecurityPermissions, action: edit }

   update_group: url: /group/update param: { module: sfNewSecurityGroups, action: update }

   update_permission: url: /permission/updatebeing param: { module: sfNewSecurityPermissions, action: update }

   delete_group: url: /group/delete/:id param: { module: sfNewSecurityGroups, action: delete }

2. Open the settings.yml file and put the sfNewSecurityGroups and sfNewSecurityPermissions into the enabled modules parameter

   all: .settings: enabled_modules: sfNewSecurityGroups, sfNewSecurityPermissions

3. Turn off the symfony default security in the security file (apps/myapp/config/security.yml).

   default: is_secure: off

4. Run the symfony propel-build-all command

5. Clear the cache (symfony cc)

Usage

Be sure you turned off the symfony default security. The plugin creates two modules: sfNewSecurityGroups and sfNewSecurityPermissions. If you are using the optional routing rules, the modules are groups and permissions. Basically, you have two steps: 1. Create a Group Go to sfNewSecurityGroups (or groups) and create a group. There are three fields to enter: group name, group description and group actions. group name and group description are self explained. group actions lists all your modules and actions (even those in the actionNameAction.class.php format) and you can choose what actions this group can access. 2. Relate Groups to Users Go to sfNewSecurityPermissions (or permissions and do the relations between groups and users. The user will only have access to the actions of the group. A user can be part of several groups.

Todo

• Rename entire plugin modules
• Paginate the permissions list
• The user class can have more than one field as id
• Implement the superuser
• Make fixtures for superuser