legalthings/permission-matcher

A permission matcher for PHP

0.1 2017-01-13 14:18 UTC

This package is auto-updated.

Last update: 2024-12-11 20:34:19 UTC


README

With the permission matcher library, you can check whether a user is allowed to have access to specific resources. Specifying resources and access control levels is up to the client of the library.

Requirements

Required PHP extensions are marked by composer

Installation

The library can be installed using composer.

composer require legalthings/permission-matcher

How it works

The library exposes one function with which you can get a list of privileges for matching authz groups. Authz groups can be anything you want, in the example below resource URIs are used, but you could also use a string of any format. In the example we have a user that has certain permissions attached to him. We can then ask the PermissionMatcher class to extract the permissions of the users for a given authz group. Note that you can use wildcards *. You can also invert a permission by placing a ! in front of the authz group.

$matcher = new PermissionMatcher();

$permissionsThatSomeUserHas = [
    '/organizations/0001' => ['full-access'],
    '/organizations/0002?list=all' => 'list',
    '/organizations/0003/*/foo' => ['read', 'write']
];

echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0001']);
// outputs ['full-access']

echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0001', '/organizations/0003/random/foo']);
// outputs ['full-access', 'read', 'write']

echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0002']);
// outputs []

echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0002?list=all']);
// outputs ['list']

echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/*']);
// outputs ['full-access', 'read', 'write']