How to use the security bundle of Symfony in my SaaS ERP?
In my SaaS ERP, there are takeaways below:
- Both the User and Role modules are compliant with the core infrastructure, supporting editing, listing and viewing.
- A user can have more than one roles. At the same time, a role can be assigned to more than one user.
- The permissions of a user depends on all roles assigned to him. The common permissions accross all roles determine the user's actual authorization.
- When determining whether a user has a permission, a simple funtion can be invoked.
Key points of Security Bundle:
-
User Entity
You can create your own User class instead of doctrine class. However, I have to say that using doctrine bundle is an easier way. -
User Provider
If your User class comes from Doctrine entity, UserProvider will be created by Symfony and it is unnecessary to create by yourself. -
Firewall
The firewall decides whether a resource can be accessed or not. The Firewall is configured in Security.yaml.
Steps:
-
Create User class implementing UserInterface and PasswordAuthenticatedUserInterface
-
Create UserProvider implementing UserProviderInterface
Tips:
If your User class comes from Doctrine entity, UserProvider will be created by Symfony and it is unnecessary to create by yourself.
浙公网安备 33010602011771号