krubio / perfect-rbac
RBAC - Role Based Access
Requires
- ext-pdo: *
- krubio/perfect-database: ^0.1.0
- nunomaduro/phpinsights: ^2.8
Requires (Dev)
- codeception/codeception: ^5.0
- codeception/module-asserts: *
- phpstan/phpstan: ^1.10
- vimeo/psalm: ^5.12
This package is auto-updated.
Last update: 2024-10-15 20:41:35 UTC
README
RBAC Authorization Service Documentation
The RBAC (Role-Based Access Control) Authorization Service provides a simple and effective way to implement role-based access control in your PHP application. This documentation will guide you on how to use the RBAC classes and their methods to perform user role authorization and permission checks.
Prerequisites
Before using the RBAC Authorization Service, make sure you have the following:
- PHP installed on your system
- PDO extension enabled (for database connectivity)
- A database with the required tables (user_roles, roles, role_permissions, and permissions) populated with relevant data
Class Overview
The RBAC Authorization Service consists of the following classes:
- `AuthorizationService`: Provides methods to check if a user role is authorized based on a set of allowed roles.
- `PermissionsRepository`: Handles the retrieval of permissions for user roles from the database.
- `UserRolesRepository`: Handles the retrieval of user roles from the database.
Getting Started
To start using the RBAC Authorization Service, follow these steps:
- Include the necessary RBAC classes in your PHP file:
```php
use PerfectApp\RBAC\AuthorizationService;
use PerfectApp\RBAC\PermissionsRepository;
use PerfectApp\RBAC\UserRolesRepository;
```
- Create an instance of the `PDO` class with the appropriate database connection details.
```php
$pdo = new PDO('mysql:host=localhost;dbname=your_database', 'username', 'password');
```
- Create instances of the `PermissionsRepository` and `UserRolesRepository` classes, passing the `PDO` instance to their constructors.
```php
$permissionsRepository = new PermissionsRepository($pdo);
$userRolesRepository = new UserRolesRepository($pdo);
```
- Create an instance of the `AuthorizationService` class, passing the `UserRolesRepository` instance to its constructor.
```php
$authorizationService = new AuthorizationService($userRolesRepository);
```
- You are now ready to use the RBAC Authorization Service in your application.
Checking User Role Authorization
The `AuthorizationService` class provides the `isUserRoleAuthorized` method to check if a user role is authorized based on a set of allowed roles.
```php
/**
 * @param int $userId
 * @param array<mixed> $allowedRoles
 * @return bool
 */
public function isUserRoleAuthorized(int $userId, array $allowedRoles): bool
```
Parameters
- `$userId` (integer): The ID of the user whose role needs to be checked.
- `$allowedRoles` (array): An array of allowed roles. The user's role will be compared against these roles.
Return Value
- `true` if the user's role matches any of the allowed roles, indicating authorization.
- `false` if the user's role does not match any of the allowed roles or an error occurs.
Example Usage
```php
$userId = 1;
$allowedRoles = ['admin', 'editor'];

if ($authorizationService->isUserRoleAuthorized($userId, $allowedRoles)) {
    echo "User is authorized.";
} else {
    echo "User is not authorized.";
}
```
Checking User Role Permissions
The `PermissionsRepository` class provides the `userRoleHasPermission` method to check if a user role has a specific permission.
```php
/**
 * @param int $userId
 * @param string $requiredPermission
 * @return bool
 */
public function userRoleHasPermission(int $userId, string $requiredPermission): bool
```
Parameters
- `$userId` (integer): The ID of the user whose role's permission needs to be checked.
- `$requiredPermission` (string): The name of the required permission.
Return Value
- `true` if the user's role has the required permission.
- `false` if the user's role does not have the required permission or an error occurs.
Example Usage
```php
$userId = 1;
$requiredPermission = 'edit_post';

if ($permissionsRepository->userRoleHasPermission($userId, $requiredPermission)) {
    echo "User has the required permission.";
} else {
    echo "User does not have the required permission.";
}
```
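Both checks above return `false` for a denial and for an error alike, so a caller should treat anything other than `true` as a deny. The following is an added example, not part of perfect-rbac: a deny-by-default decision function that combines the role check and the permission check. `decideAccess()` and the stub closures are hypothetical names; in an application the closures would wrap `isUserRoleAuthorized()` and `userRoleHasPermission()`.

```php
<?php
declare(strict_types=1);

/**
 * Deny-by-default access decision, returned as an HTTP status code:
 * 401 = no valid authenticated user ID, 403 = not allowed, 200 = allowed.
 * $hasRole and $hasPermission are callables taking the validated user ID,
 * e.g. fn (int $id) => $authorizationService->isUserRoleAuthorized($id, ['admin', 'editor'])
 */
function decideAccess(mixed $sessionUserId, callable $hasRole, callable $hasPermission): int
{
    // Only a positive integer ID is passed on to the repositories.
    $userId = filter_var($sessionUserId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userId === false) {
        return 401;
    }

    try {
        // Require a strict true from both checks; false also covers "an error occurs".
        if ($hasRole($userId) === true && $hasPermission($userId) === true) {
            return 200;
        }
    } catch (Throwable $e) {
        // A failing backend must never grant access.
        error_log('RBAC check failed: ' . $e->getMessage());
    }

    error_log("RBAC deny: user {$userId}");
    return 403;
}

// Constructed stand-ins for the two library calls: only user 1 passes.
$hasRole = fn (int $id): bool => $id === 1;
$hasPermission = fn (int $id): bool => $id === 1;
$brokenDb = function (int $id): bool {
    throw new RuntimeException('connection lost');
};

// Constructed inputs: allowed user, other user, no session, malformed ID, backend failure.
$cases = [[1, $hasRole], [2, $hasRole], [null, $hasRole], ['abc', $hasRole], [1, $brokenDb]];
foreach ($cases as [$id, $roleCheck]) {
    printf("%-8s => %d\n", var_export($id, true), decideAccess($id, $roleCheck, $hasPermission));
}
```

Because the library reports errors and denials with the same `false`, the log line written on deny is the only place a database outage would show up as a spike in 403 responses.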
Conclusion
You have now learned how to use the RBAC Authorization Service to perform user role authorization and permission checks in your PHP application. By following the provided instructions and examples, you can easily integrate RBAC functionality into your application to control access based on user roles and permissions.