bearsunday / acl-resource
1.x-dev
2018-01-22 04:57 UTC
Requires
- php: >=7.0.0
- bear/resource: ^1.9
- ray/role-module: ^0.1.0
Requires (Dev)
- bear/qatools: ^1.4.7
This package is auto-updated.
Last update: 2024-12-07 07:23:33 UTC
README
An ACL embedded resources module for BEAR.Sunday
This module embeds the app resource corresponding to the ACL in the specified page resource.
Whereas the @Embedded
annotation hard-codes and embeds app resources, this module embeds resources based on configuration.
You can change the resource tree of page without changing the source code.
Install
Composer install
$ composer require bearsunday/acl-resource 1.x-dev
Module install
use Ray\Di\AbstractModule; use Ray\TestDouble\TestDoubleModule; use Ray\RoleModule\RoleProviderInterface; class DevRoleProvider implements RoleProviderInterface { // provide role public function get() { return 'guest'; } } class AppModule extends AbstractModule { protected function configure() { // configure ACL $acl = new Acl(); $roleGuest = new Role('guest'); $acl->addRole($roleGuest); $acl->addRole(new Role('owner'), $roleGuest); $acl->addResource(new Resource('app://self/entries')); $acl->addResource(new Resource('app://self/users')); $acl->addResource(new Resource('app://self/comments')); $acl->allow('guest', ['app://self/entries', 'app://self/comments']); $acl->allow('admin', 'app://self/friends'); // configure embedded resource list $resources = [ 'page://self//blog' => [ 'app://self/entries', 'app://self/comments', 'app://self/friends' ], 'page://self//admin/setting' => [ 'app://self/user{?id}', 'app://self/freinds?user_id={id}' ] ]; // define provider $roleProviderClass = DevRoleProvider::class; // install module $this->install(new AclResourceModule($acl, $resources, $roleProviderClass)); } }
$acl
has an ACL (access control list) of Zend\Permaissions\Acl Specify.addResource
all the URI path of theapp
resources available for$acl
and specify an app resource that is accessible / impossible to the role with theallow()
/disallow()
method.$resources
is a list of which app resources can be embedded by each page resource.$roleProviderClass
specifies the class name to return the current user's role (eg from login status). You need to implementRoleProviderInterface
.
In the example above, when accessing the /blog
page with guest
authority, request objects of app://self/entries
and app://self/comments
are set to $body['entries']
, $body['comments]
.