Coder Social home page Coder Social logo

lambelcebur-rbac's Introduction

lambelcebur-rbac

Extended RBAC with Doctrine ORM

See

Installation

Installation of this module uses composer. For composer documentation, please refer to getcomposer.org.

composer require lambelcebur/rbac

Then add LamBelcebur\Rbac to your config/application.config.php.

Default Config

<?php
use Laminas\Http\PhpEnvironment\Response;use LamBelcebur\Rbac\Module;use LamBelcebur\Rbac\Resource\RbacManager;return [
    Module::CONFIG_KEY => [
        'access_filter' => [
            'options' => [
                'mode' => 'restrictive', // permissive
                'filter_identity' => static function ($identity) {
                    return $identity; // Customize your identity to compare with config
                },
            ],
        ],
        'assertions' => [
            // YOUR_CUSTOM_ASSERTION_CLASS,
            // YOUR_OTHER_CUSTOM_ASSERTION_CLASS,
        ],
        'redirect' => [
            RbacManager::AUTH_REQUIRED => [
                'name' => '',
                'params' => [],
                'options' => [],
                'http_status_code' => Response::STATUS_CODE_302,
            ],
            RbacManager::ACCESS_DENIED => [
                'name' => '',
                'params' => [],
                'options' => [],
                'http_status_code' => Response::STATUS_CODE_303,
            ],
        ],
    ],
];
?>

Config

Default Const

<?php
    use LamBelcebur\Rbac\Module;Module::RBAC_PUBLIC_ACCESS = [
        'actions' => '*',
        'allow' => '*',
        'methods' => '*',
    ];


    Module::RBAC_LOGGED_IN_ACCESS = [
        'actions' => '*',
        'allow' => '@',
        'methods' => '*',
    ];
?>

Examples

<?php
use Application\Controller\ApiController;use Application\Controller\DashboardController;use Application\Controller\IndexController;use Application\Controller\PublicController;use LamBelcebur\Rbac\Module;return [
    Module::CONFIG_KEY => [
        'access_filter' => [
            'options' => [
                'mode' => 'restrictive' // restrictive o permissive
            ],
            'controllers' => [
                IndexController::class => [
                    // Allow anyone to visit "index" and "about" actions
                    ['actions' => ['index', 'about'], 'allow' => '*'], // ONLY GET method
                    // Allow authorized users to visit "settings" action
                    ['actions' => ['settings'], 'allow' => '@', 'methods'=>'*'], // All methods
                    // Allow authorized users to visit "settings" action
                    Module::RBAC_PUBLIC_ACCESS, // Other Public access
                ],
                DashboardController::class => [
                    Module::RBAC_LOGGED_IN_ACCESS,
                ],
                PublicController::class => [
                    Module::RBAC_PUBLIC_ACCESS,
                ],
                // \Laminas\Mvc\Controller\AbstractRestfulController
                ApiController::class => [  
                    ['actions' => null, 'methods' => ['GET','DELETE','POST'], 'allow' => '@'],
                    ['actions' => null, 'methods' => ['PUT'], 'allow' => [
                        '@' =>[1,2,3,4,5], // Users 1,2,3,4,5 
                        '+' =>['a','b'] // Roles a and b 
                    ]],
                ],
            ]
        ],
    ]
];
?>

Entities

  • LamBelcebur\Rbac\Entity\Permission
  • LamBelcebur\Rbac\Entity\Role

Entity Traits

Use with your User Entity

  • LamBelcebur\Rbac\EntityTrait\UserRole

ViewHelper

<?php 
/** @var Access $access */
use LamBelcebur\Rbac\View\Helper\Access;$access=$this->access();
if (!$access('profile.own.view', ['user'=>$user])) {
    return $this->redirect()->toRoute('not-authorized');
}
?>

PluginController

<?php 
/** @var AccessPlugin $access */
use LamBelcebur\Rbac\Controller\Plugin\AccessPlugin;$access=$this->access();
if (!$access('profile.own.view', ['user'=>$user])) {
    return $this->redirect()->toRoute('not-authorized');
}  
?>

lambelcebur-rbac's People

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.