Access granting in a Sylius’ way – RBAC plugin is finally here!

Warning! Our RBAC Plugin described below has been deprecated.

We focus on developing advanced user permissions within Sylius Plus.


Hello everyone! Today I’m going to discuss one of the most crucial tasks from the Sylius Roadmap, which has become an official open source Sylius plugin. According to our community feedback, role-based access control in the administration panel was considered one of the biggest missing features in Sylius. Well, to put things straight – it’s not a missing feature anymore – here comes the RBAC Plugin!

What is RBAC Plugin?

RBAC Plugin is the newest Sylius open source extension delivered by the Sylius Core Team. Its features are listed below:

  • Creating administration roles in the admin panel
  • Choosing read and write (including update) permissions for each section in the admin panel while creating a role
  • Assigning an administration role to an administrator (one-to-many relation)
  • Choosing the root administrator from the command line
  • Plugin setup command assigning No Sections Access role to all administrators except the root
  • Being able to add custom admin panel sections to the plugin’s configuration

How does it work code-wise?

Since the plugin’s main goal is to provide role-based access control in the administration panel, the Sylius Resource that needed to be extended was AdminUser. In order to make a relationship between AdminUser and AdministrationRole possible in your Sylius-based project, the plugin delivers AdministrationRoleAwareInterface and AdministrationRoleTrait – a piece of code that makes your AdminUser entity implement the required interface. Your overridden entity using the mentioned trait and implementing AdministrationRoleAwareInterface would look like this:

One might ask how the plugin decides whether the currently logged-in administrator should be able to access a given section or not. First of all, we’ve implemented a Symfony KernelEvent listener that checks if the requested path is prefixed with admin-related keywords. If so, depending on the request method, the plugin determines whether the administrator needs read or write access. Then, using the route name, it checks whether the currently logged-in administrator has access to the given section.

If the KernelEvent passes all of the mentioned constraints, the administrator is granted access to the given section. Otherwise, the administrator is redirected to the previously visited page and informed that access cannot be granted.
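The decision flow described above, modelled in plain PHP 8 as an added example; it is not the plugin's own code. The `/admin` prefix, the route-to-section map, the GET/HEAD-means-read rule and the deny-by-default for unmapped routes are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Simplified model of the check; every constant below is an assumption.
const ADMIN_PATH_PREFIX = '/admin';
const ROUTE_SECTIONS = [             // hypothetical route-name prefix => section
    'sylius_admin_product'  => 'catalog',
    'sylius_admin_customer' => 'customers',
    'sylius_admin_order'    => 'sales',
];

/** Safe HTTP methods need read access; every other method needs write access. */
function requiredOperation(string $method): string
{
    return in_array(strtoupper($method), ['GET', 'HEAD'], true) ? 'read' : 'write';
}

/** Map a route name to its section, or null when no section is configured. */
function sectionForRoute(string $route): ?string
{
    foreach (ROUTE_SECTIONS as $prefix => $section) {
        if (str_starts_with($route, $prefix)) {
            return $section;
        }
    }
    return null;
}

/** @param array<string, list<string>> $rolePermissions section => allowed operations */
function isGranted(string $path, string $method, string $route, array $rolePermissions): bool
{
    if (!str_starts_with($path, ADMIN_PATH_PREFIX)) {
        return true;                 // not an admin request: this check does not apply
    }
    $section = sectionForRoute($route);
    if ($section === null) {
        return false;                // unmapped admin route: denied in this model
    }
    return in_array(requiredOperation($method), $rolePermissions[$section] ?? [], true);
}

// Constructed role: read-only catalog, read and write on customers, nothing else.
$support = ['catalog' => ['read'], 'customers' => ['read', 'write']];

var_dump(isGranted('/admin/products/', 'GET', 'sylius_admin_product_index', $support));
var_dump(isGranted('/admin/products/7', 'PUT', 'sylius_admin_product_update', $support));
var_dump(isGranted('/admin/orders/', 'GET', 'sylius_admin_order_index', $support));
var_dump(isGranted('/admin/reports/', 'GET', 'app_admin_report_index', $support));
```

The last call shows why custom admin sections have to be added to the configuration: in a model that denies unmapped routes, a custom route stays unreachable until it is mapped to a section, whereas a model that allows them would leave it unprotected.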

How to get it?

I bet that it is not surprising that the plugin is free, open source and available on GitHub. However, there’s still something to add here. The RBAC Plugin delivered by the Sylius Core Team offers just a basic set of solutions for common RBAC-related problems. 

Alternatives

The team at BitBag, one of our fantastic Solution Partners, has developed a paid plugin, which takes a slightly different approach to the management of roles and permissions. It allows for hierarchical permission and role management. We encourage you to check it out as well. You can do so by going to their shop here.

Happy access granting!
