francerz / access-manager
A PSR-15 based Access Manager handler.
v0.1.3
2024-05-16 17:18 UTC
Requires
- fig/http-message-util: ^1.0
- psr/http-factory: ^1.0
- psr/http-server-middleware: ^1.0
Requires (Dev)
- francerz/http: ^0.3 || ^0.4
- phpunit/phpunit: ^9.6
This package is auto-updated.
Last update: 2024-10-16 18:07:56 UTC
README
The francerz\access-manager
library provides a PSR-15 middleware class that
manages access control to routes based on granted permissions.
Installation
You can install the library via Composer. Run the following command:
composer require francerz/access-manager
Usage
Using Slim Framework
-
Create an
UserGrantsProviderInterface
implementation to retrieve current user grants.use Francerz\AccessManager\UserGrantsProviderInterface; class CurrentUserGrantsProvider implements UserGrantsProviderInterface { public function getUserGrants(): string { // Returns the current user grants. return $_SESSION['user_grants']; } }
-
Configure the access middleware in your Slim\App routing:
use Francerz\AccessManager\AccessMiddleware; use Slim\Routing\RouteCollectorProxy; $app = new \Slim\App(); // A PSR-17 ResponseFactory implemenation $responseFactory = new \GuzzleHttp\Psr7\HttpFactory(); $userPermissionProvider = new CurrentUserGrantsProvider(); $accessMiddleware = new AccessMiddleware($userPermissionProvider, $responseFactory); $app->get('[/]', [HomeController::class, 'indexGet']) ->addMiddleware($accessMiddleware->allow('user')); $app->group('/admin', function(RouteCollectorProxy $route) { // Restricted admin routes. $route->get('[/]', [AdminController::class, 'indexGet']); })->addMiddleware($accessMiddleware->allow('admin'));
Permission Syntax
The allow
method accept a permission string with a syntax similar to boolean
logic:
- Use space to separate individual permissions; each space acts as an
AND
operator. - Use character
|
to represent anOR
operator, e.g.,'read | write'
.
License
This library is licensed under the MIT License. see the LICENSE file for details.