legalthings / permission-matcher
A permission matcher for PHP
Requires
- php: >=5.6.0
- ext-pcre: *
Requires (Dev)
- legalthings/php-code-quality: ^0.1.2
This package is auto-updated.
Last update: 2024-12-11 20:34:19 UTC
README
With the permission matcher library, you can check whether a user is allowed to have access to specific resources. Specifying resources and access control levels is up to the client of the library.
Requirements
- PHP >= 5.6.0
Required PHP extensions are marked by composer
Installation
The library can be installed using composer.
composer require legalthings/permission-matcher
How it works
The library exposes one function with which you can get a list of privileges for matching authz groups.
Authz groups can be anything you want, in the example below resource URIs are used, but you could also use a string of any format.
In the example we have a user that has certain permissions attached to him. We can then ask the PermissionMatcher
class to extract the permissions of the users for a given authz group.
Note that you can use wildcards *
. You can also invert a permission by placing a !
in front of the authz group.
$matcher = new PermissionMatcher(); $permissionsThatSomeUserHas = [ '/organizations/0001' => ['full-access'], '/organizations/0002?list=all' => 'list', '/organizations/0003/*/foo' => ['read', 'write'] ]; echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0001']); // outputs ['full-access'] echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0001', '/organizations/0003/random/foo']); // outputs ['full-access', 'read', 'write'] echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0002']); // outputs [] echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/0002?list=all']); // outputs ['list'] echo $matcher->match($permissionsThatSomeUserHas, ['/organizations/*']); // outputs ['full-access', 'read', 'write']