phalcon / incubator-acl
Phalcon Incubator Access Control List
Fund package maintenance!
phalcon
Open Collective
Requires
- php: >=7.2
- ext-phalcon: ^4.0
Requires (Dev)
- codeception/codeception: ^4.1
- codeception/module-asserts: ^1.0.0
- mongodb/mongodb: ^1.6
- phalcon/ide-stubs: ^4.0
- phpstan/phpstan: ^0.12.18
- squizlabs/php_codesniffer: 3.5.1
- vimeo/psalm: ^4.1
This package is auto-updated.
Last update: 2024-11-30 00:50:58 UTC
README
Usage examples of the adapters available here:
Database
This adapter uses a database to store the ACL list:
use Phalcon\Incubator\Acl\Adapter\Database as AclDb; use Phalcon\Db\Adapter\Pdo\Sqlite; $connection = new Sqlite( [ 'dbname' => 'sample.db', ] ); $acl = AclDb( [ 'db' => $connection, 'roles' => 'roles', 'rolesInherits' => 'roles_inherits', 'resources' => 'resources', 'resourcesAccesses' => 'resources_accesses', 'accessList' => 'access_list', ] );
This adapter uses the following table to store the data:
CREATE TABLE `roles` ( `name` VARCHAR(32) NOT NULL, `description` TEXT, PRIMARY KEY(`name`) ); CREATE TABLE `access_list` ( `roles_name` VARCHAR(32) NOT NULL, `resources_name` VARCHAR(32) NOT NULL, `access_name` VARCHAR(32) NOT NULL, `allowed` INT(3) NOT NULL, PRIMARY KEY(`roles_name`, `resources_name`, `access_name`) ); CREATE TABLE `resources` ( `name` VARCHAR(32) NOT NULL, `description` TEXT, PRIMARY KEY(`name`) ); CREATE TABLE `resources_accesses` ( `resources_name` VARCHAR(32) NOT NULL, `access_name` VARCHAR(32) NOT NULL, PRIMARY KEY(`resources_name`, `access_name`) ); CREATE TABLE `roles_inherits` ( `roles_name` VARCHAR(32) NOT NULL, `roles_inherit` VARCHAR(32) NOT NULL, PRIMARY KEY(roles_name, roles_inherit) );
Using the cache adapter:
// By default the action is deny access $acl->setDefaultAction( \Phalcon\Acl\Enum::DENY ); // You can add roles/resources/accesses to list or insert them directly in the tables // Add roles $acl->addRole( new \Phalcon\Acl\Role('Admins') ); // Create the resource with its accesses $acl->addResource( 'Products', [ 'insert', 'update', 'delete', ] ); // Allow Admins to insert products $acl->allow('Admin', 'Products', 'insert'); // Do Admins are allowed to insert Products? var_dump( $acl->isAllowed('Admins', 'Products', 'update') );
MongoDB
TODO
Redis
TODO