alsbury/chiphpotle-rest

Library to interact SpiceDB REST API

Maintainers

Details

github.com/alsbury/chiphpotle-rest

Source

Issues

Installs: 1 763

Dependents: 0

Suggesters: 0

Security: 0

Stars: 7

Watchers: 3

Forks: 0

Open Issues: 0

v0.7.0 2024-04-19 18:28 UTC

Requires

Requires (Dev)

MIT caaf8576dbb48a41ca7471ff8b563fd675f6d5e9

  • David Alsbury <david.woop@alsbury.com>
  • Michael O'Connell <wundbread.woop@gmail.com>

phprestapisdkopenapiSpiceDB

This package is auto-updated.

Last update: 2024-04-19 18:32:32 UTC

README

PHP REST API Client for SpiceDB

SpiceDB is a database for creating and managing security-critical application permissions. Chiphpotle is a PHP client for their rest API. For more information, please visit https://github.com/authzed/api.

Requirements

Supports PHP 8.1 and newer, and supports SpiceDB 1.30 and above.

Installation with Composer

composer require alsbury/chiphpotle-rest

Getting Started

Initialize Client

<?php
require_once(__DIR__ . '/vendor/autoload.php');

$apiClient = Client::create('http://spicedb:8443/', 'mysecret');

$request = new CheckPermissionRequest(
    SubjectReference::create('user', 'bob'),
    'view',
    ObjectReference::create('document', 'topsecret1'),
);
try {
    $response = $apiClient->checkPermission($request);
    if ($response->getPermissionship() == Permissionship::HAS_PERMISSION) {
        echo 'You may Pass!'
    }
} catch (Exception $e) {
    echo 'Exception when calling PermissionsServiceApi->permissionsServiceCheckPermission: ', $e->getMessage(), PHP_EOL;
}

Experimental APIs

Included in the client are three experimental APIs. Though SpiceDB advertised these APIs im 1.25 and earlier, they did not work in the http gateway. This had been fixed, in versions 1.26 and above. In SpiceDB 1.30 the check bulk permissions graduated and the experimental api was deprecated.

Tests

copy .env.dist to .env and adjust the BASE_URL and API_KEY. Spicedb must be running on the url specified, we recommend running using the serve-testing mode.

To run the tests, start use:

composer install
spicedb serve-testing --http-enabled
vendor/bin/phpunit

Code Generation

This client was created by starting with an auto-generated client from the open-api json schema provided by spicedb using jane-openapi.

Once SpiceDB is running, you can regenerate all the classes and client to pick up any new spicedb apis by running:

vendor/bin/jane-openapi generate

This generates the client in a generated directory which then can be cleaned up and moved over to the src directory. To get a good start run PHP CS Fixer to format things more consistently.

vendor/bin/php-cs-fixer fix