Configuring Access Control

Overview of configuration options for the Nette Security.

You can define a list of users in the configuration to create a simple authenticator (Nette\Security\SimpleAuthenticator). Because passwords are readable in the configuration, this solution is for testing purposes only.

security:
	# shows user panel in Tracy Bar?
	debugger: ...  # (bool) defaults to true

	users:
		# name: password
		johndoe: secret123

		# name, password, role and other data available in the identity
		janedoe:
			password: secret123
			roles: [admin]
			data: ...

You can also define roles and resources to create a basis for authorizer (Nette\Security\Permission):

security:
	roles:
		guest:
		registered: [guest]  # registered inherits from guest
		admin: [registered]  # and admin inherits from registered

	resources:
		article:
		comment: [article]   # resource inherits from article
		poll:
version: 4.0 3.x 2.x