casbin/casbin-client

PHP client for Casbin Server.

v0.1 2018-11-14 15:39 UTC

This package is auto-updated.

Last update: 2022-09-24 15:30:07 UTC


README

Latest Stable Version Total Downloads License Gitter

Casbin-client is PHP's client for Casbin-Server. Casbin-Server is the Access Control as a Service (ACaaS) solution based on Casbin.

Prerequisites

  • php 5.5 or above, 7.0 or above
  • gRPC PHP extension

This guide gets you started with gRPC in PHP with a simple working example:gRPC in PHP.

Installation

composer require casbin/casbin-client

Examples

Client

require_once './vendor/autoload.php';

use Proto\CasbinClient;
use Proto\NewEnforcerRequest;
use Proto\NewAdapterRequest;
use Proto\EnforceRequest;

$client = new CasbinClient('localhost:50051', [
    'credentials' => Grpc\ChannelCredentials::createInsecure(),
]);

AdapterRequest

$newAdapterRequest = new NewAdapterRequest();
$newAdapterRequest->setDriverName('file');
$newAdapterRequest->setConnectString('path/to/rbac_policy.csv');

list($newAdapterReply, $status) = $client->NewAdapter($newAdapterRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}
	
$adapterHandle = $newAdapterReply->getHandler();

EnforcerRequest

$newEnforcerRequest = new NewEnforcerRequest();
$newEnforcerRequest->setModelText(<<<EOT
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
EOT
        );
$newEnforcerRequest->setAdapterHandle($adapterHandle);

list($newEnforcerReply, $status) = $client->NewEnforcer($newEnforcerRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}

EnforceRequest

$enforceRequest = new EnforceRequest();
$enforceRequest->setEnforcerHandler($newEnforcerReply->getHandler());
$enforceRequest->setParams(['alice', 'data1', 'read']);

list($enforceReply, $status) = $client->Enforce($enforceRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}

if ($enforceReply->getRes()) {
    // permit alice to read data1
} else {
    // deny the request, show an error
}

License

This project is under Apache 2.0 License. See the LICENSE file for the full license text.