francerz/access-manager

A PSR-15 based Access Manager handler.

v0.1.3 2024-05-16 17:18 UTC

This package is auto-updated.

Last update: 2024-10-16 18:07:56 UTC


README

The francerz\access-manager library provides a PSR-15 middleware class that manages access control to routes based on granted permissions.

Installation

You can install the library via Composer. Run the following command:

composer require francerz/access-manager

Usage

Using Slim Framework

  1. Create an UserGrantsProviderInterface implementation to retrieve current user grants.

    use Francerz\AccessManager\UserGrantsProviderInterface;
    
    class CurrentUserGrantsProvider implements UserGrantsProviderInterface
    {
        public function getUserGrants(): string
        {
            // Returns the current user grants.
            return $_SESSION['user_grants'];
        }
    }
  2. Configure the access middleware in your Slim\App routing:

    use Francerz\AccessManager\AccessMiddleware;
    use Slim\Routing\RouteCollectorProxy;
    
    $app = new \Slim\App();
    
    // A PSR-17 ResponseFactory implemenation
    $responseFactory = new \GuzzleHttp\Psr7\HttpFactory();
    
    $userPermissionProvider = new CurrentUserGrantsProvider();
    $accessMiddleware = new AccessMiddleware($userPermissionProvider, $responseFactory);
    
    $app->get('[/]', [HomeController::class, 'indexGet'])
        ->addMiddleware($accessMiddleware->allow('user'));
    
    $app->group('/admin', function(RouteCollectorProxy $route) {
        // Restricted admin routes.
        $route->get('[/]', [AdminController::class, 'indexGet']);
    })->addMiddleware($accessMiddleware->allow('admin'));

Permission Syntax

The allow method accept a permission string with a syntax similar to boolean logic:

  • Use space to separate individual permissions; each space acts as an AND operator.
  • Use character | to represent an OR operator, e.g., 'read | write'.

License

This library is licensed under the MIT License. see the LICENSE file for details.