casbin / hyperf-permission
An authorization library that supports access control models like ACL, RBAC, ABAC in Hyperf.
Requires
- php: >=7.2
- ext-swoole: >=4.5
- casbin/casbin: ~3.21
- hyperf/config: ~2.0.0
- hyperf/db-connection: ^2.0
This package is auto-updated.
Last update: 2024-10-28 13:35:42 UTC
README
An authorization library that supports access control models like ACL, RBAC, ABAC in Hyperf..
Installing
Require this package in the composer.json
of your Hyperf project. This will download the package.
$ composer require casbin/hyperf-permission -vvv
To publish the config, run the vendor publish command:
$ php bin/hyperf.php vendor:publish casbin/hyperf-permission
This will create a new model config file named config/autoload/casbin-rbac-model.conf
, a new permission config file named config/autoload/permission.php
and new migrate file named 2020_07_22_213202_create_rules_table.php
.
To migrate the migrations, run the migrate command:
$ php bin/hyperf.php migrate
This will create a new table named rules
.
Usage
Quick start
Once installed you can do stuff like this:
use Hyperf\Permission\Casbin; $casbin = new Casbin(); // adds permissions to a user $casbin->addPermissionForUser('eve', 'articles', 'read'); // adds a role for a user. $casbin->addRoleForUser('eve', 'writer'); // adds permissions to a rule $casbin->addPolicy('writer', 'articles', 'edit');
You can check if a user has a permission like this:
// to check if a user has permission if ($casbin->enforce('eve', 'articles', 'edit')) { // permit eve to edit articles } else { // deny the request, show an error }
Using Enforcer Api
It provides a very rich api to facilitate various operations on the Policy:
Gets all roles:
Enforcer::getAllRoles(); // ['writer', 'reader']
Gets all the authorization rules in the policy.:
Enforcer::getPolicy();
Gets the roles that a user has.
Enforcer::getRolesForUser('eve'); // ['writer']
Gets the users that has a role.
Enforcer::getUsersForRole('writer'); // ['eve']
Determines whether a user has a role.
Enforcer::hasRoleForUser('eve', 'writer'); // true or false
Adds a role for a user.
Enforcer::addRoleForUser('eve', 'writer');
Adds a permission for a user or role.
// to user Enforcer::addPermissionForUser('eve', 'articles', 'read'); // to role Enforcer::addPermissionForUser('writer', 'articles','edit');
Deletes a role for a user.
Enforcer::deleteRoleForUser('eve', 'writer');
Deletes all roles for a user.
Enforcer::deleteRolesForUser('eve');
Deletes a role.
Enforcer::deleteRole('writer');
Deletes a permission.
Enforcer::deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).
Deletes a permission for a user or role.
Enforcer::deletePermissionForUser('eve', 'articles', 'read');
Deletes permissions for a user or role.
// to user Enforcer::deletePermissionsForUser('eve'); // to role Enforcer::deletePermissionsForUser('writer');
Gets permissions for a user or role.
Enforcer::getPermissionsForUser('eve'); // return array
Determines whether a user has a permission.
Enforcer::hasPermissionForUser('eve', 'articles', 'read'); // true or false
See Casbin API for more APIs.
Contributing
You can contribute in one of three ways:
- File bug reports using the [issue tracker](https://github.com/php-casbin/hyperf-permission/issues).
- Answer questions or fix bugs on the [issue tracker](https://github.com/php-casbin/hyperf-permission/issues).
- Contribute new features or update the wiki.
The code contribution process is not very formal. You just need to make sure that you follow the PSR-0, PSR-1, and PSR-2 coding guidelines. Any new code contributions must be accompanied by unit tests where applicable.
License
Apache-2.0