search
Ctrlk
githubEdit

Symfony Architecture

hashtag
Bundles

Chamilo 2.0 is structured into three Symfony bundles:

hashtag
CoreBundle (src/CoreBundle/)

The largest bundle, handling all platform-wide concerns:

  • Users and authentication — User entity, roles, JWT tokens, OAuth2 providers

  • Resource system — ResourceNode and ResourceFile (the unified content abstraction)

  • Platform settings — settings schemas in src/CoreBundle/Settings/ covering every configurable aspect

  • Administration — Admin controllers for user, course, session, and plugin management

  • AI providers — Factory pattern for OpenAI, Gemini, Mistral, DeepSeek, Grok

  • File storage — Flysystem-based storage adapters (local, S3, Azure, GCS)

  • Security — Voters, access control, role hierarchy

  • Tools — course tool definitions registered through the tool system

hashtag
CourseBundle (src/CourseBundle/)

Everything specific to course content:

  • Content entities — 101 entities for documents, exercises, learning paths, forums, glossaries, surveys, attendance, blogs, assignments, and more

  • Course copy — Import/export with Common Cartridge 1.3 and Moodle format support

  • Course settings — Course-level setting schemas

hashtag
LtiBundle (src/LtiBundle/)

LTI 1.3 standard implementation:

  • Platform and tool registration — Manage external tool connections

  • Launch handling — LTI launch flow controllers

  • Grade passback — Return grades from external tools to Chamilo

hashtag
Service Container

Chamilo uses Symfony's dependency injection container. Services are configured in:

  • config/services.yaml — Global service definitions

  • Each bundle's DependencyInjection/ directory — Bundle-specific services

hashtag
Security Architecture

The security system is configured in config/packages/security.yaml:

  • Password hashing — Supports bcrypt (default), with migration from legacy SHA1 and MD5

  • Role hierarchy — 18 roles organized hierarchically (ROLE_GLOBAL_ADMIN > ROLE_ADMIN > ROLE_TEACHER > ROLE_STUDENT > ROLE_USER; additional roles include ROLE_HR, ROLE_INVITEE, ROLE_STUDENT_BOSS, ROLE_SESSION_MANAGER, ROLE_QUESTION_MANAGER)

  • Context-sensitive roles — Course-level roles (ROLE_CURRENT_COURSE_TEACHER, ROLE_CURRENT_COURSE_STUDENT) are computed per-request based on enrollment

  • Firewall — JWT authentication for API, session-based for web interface

  • Voters — Resource-level access control through Symfony voters

hashtag
Legacy Code

Some features still use legacy PHP code in public/main/:

  • Exercise rendering and interaction

  • Learning path player

  • Some admin tools

These are progressively being migrated to the Symfony+Vue architecture. Legacy pages are served through a compatibility layer that bootstraps the Symfony kernel.

PreviousBackendNextEntities and Doctrine

Last updated

Was this helpful?