Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message

Relay Authorization Bundle Laravel Package

dbp/relay-authorization-bundle

View on GitHub
Deep Wiki
Context7

Configuration

For this create config/packages/dbp_relay_authorization.yaml in the app.

If you were using the DBP API Server Template as template for your Symfony application, then the configuration file should have already been generated for you.

For more info on bundle configuration see https://symfony.com/doc/current/bundles/configuration.html.

Here is the content of an example config file:

    dbp_relay_authorization:
      database_url: 'mysql://%env(AUTHORIZATION_DATABASE_USER)%:%env(AUTHORIZATION_DATABASE_PASSWORD)%@%env(AUTHORIZATION_DATABASE_HOST)%:%env(AUTHORIZATION_DATABASE_PORT)%/%env(AUTHORIZATION_DATABASE_DBNAME)%?serverVersion=mariadb-10.3.30'
      create_groups_policy: 'user.get("ROLE_ADMIN")'
      resource_classes:
        - identifier: VendorMyAppMyResource
          manage_resource_collection_policy: 'user.get("ROLE_GROUP_CREATOR")'
      dynamic_groups:
          -  # user whose user attribute 'ROLE_ADMIN' evaluates to true are member of 'admins'
          - identifier: resourceFooWriters
            is_user_group_member: 'user.get("ROLE_ADMIN") || user.get("ROLE_WRITER")'

database_url (required)

The bundle has one required setting database_url that you can specify in your app, either by hardcoding it, or by referencing environment variables.

  database_url: 'mysql://db:secret@mariadb:3306/db?serverVersion=mariadb-10.3.30'
  # database_url: 'mysql://%env(AUTHORIZATION_DATABASE_USER)%:%env(AUTHORIZATION_DATABASE_PASSWORD)%@%env(AUTHORIZATION_DATABASE_HOST)%:%env(AUTHORIZATION_DATABASE_PORT)%/%env(AUTHORIZATION_DATABASE_DBNAME)%?serverVersion=mariadb-10.3.30'

create_groups_policy (optional)

To define who is initially allowed to create new groups you need to define the create_groups_policy, which is condition in the form of a Symfony expression. Read the chapter on Access Control Policies to learn how to write policies.

resource_classes (optional)

Like for groups, you can define policies on who is initially allowed to manage a resource collection. This entails the rights to

  • create new resource instances (i.e. POST to resource collection)
  • issue resource collection grants to other users/groups

Read the chapter on Access Control Policies to learn how to write policies.

  • identifier is the fully qualified resource class name you are using to register and query a resource
  • manage_resource_collection_policy is the condition which the logged-in user must fulfill in order to have 'manage' permissions on the resource collection

dynamic_groups (optional)

See Dynamic Groups and Access Control Policies for information on how to write policies.

  • identifier is the fully qualified resource class name you are using to register and query a resource
  • is_user_group_member is the condition which the logged-in user must fulfill in order to be member of the dynamic group
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
yandex/translate-api
voku/simple_html_dom
league/flysystem-vfs
bkwld/upchuck
filament/spatie-laravel-tags-plugin
capell-app/block-library
axium/identity
cetria/laravel-dummy-models
cetria/reflection-helper
agropredict/sso-auth-bundle
evolvestudio/spam-protection
datacore/hub-sdk
develia/commons
cuci/prototurk-sdk
cuci/prototurk-sdk-symfony
develia/geo-bundle
dreamzy/livewire-charts
touchestate-sdk/php-sdk
22h/doctrine-garbage-collection-bundle
agtp/agtp-php