jstewmc / authorize-group
Authorize access-control-list (ACL) group
v1.0.0
2016-08-13 22:19 UTC
Requires
- php: ^7.0
Requires (Dev)
- jstewmc/test-case: ^1.0
This package is auto-updated.
Last update: 2024-10-29 04:25:37 UTC
README
Authorize a group to perform an action on a resource.
Terminology
This library uses the following terminology:
- A user is a person.
- A resource is a thing, typically a model name. By convention, resources are plural and lower-case (e.g.,
'users'
). - An action is something done to a resource, typically a CRUD operation. By convention, actions are singular, present-tense, and lower-case (e.g.,
'create'
). - A permission is the right to perform an action on a resource (e.g.,
'create'
+'users'
). - A role is a named set of permissions. By convention, roles are singular and lower-cased (e.g.,
'administrator'
) - A group is a set of users with a unique name. By convention, groups are plural and lower-case (e.g.,
'administrators'
).
Methodology
This library's methodology is rather simple:
- A user is assigned to a group.
- A group is assigned one or more roles.
- A role is granted one or more permissions.
- A permission allows an action on a resource.
While users are assigned one or more groups in the database, a group is assigned a role and a role is assigned permissions in a configuration array.
Example
Finally (haha):
use Jstewmc\AuthorizeGroup; // grant permissions to roles $roles = [ // the "administrator" role... 'administrator' => [ // for the "users" resource... 'users' => [ // has the "create" action 'create' ] ] ]; // assign roles to groups $groups = [ // the "administrators" group... 'administrators' => [ // has the "administrator" role 'administrator' ] ]; // implement a group named "administrators" $group = new class implements Group { public function getName(): string { return 'administrators'; } } // create our authorization service $authorizer = new Authorize($groups, $roles); // is the group authorized to create users? (yes) $authorizer($group, 'create', 'users'); // is the group authorized to delete users? (no) $authorizer($group, 'delete', 'users');
That's about it!
License
Author
Version
1.0.0, August 16, 2016
- Major release
- Fix
composer.json
- Cleanup a few comments
0.1.0, August 3, 2016
- Initial release