README

Yii Access

This package provides an interface for checking if certain user has certain permission. Optional parameters could be passed for fine-grained access checks. Additionally, DenyAll and AllowAll implementations are available out of the box.

Requirements

• PHP 7.4 or higher.

Installation

The package could be installed with composer:

composer require yiisoft/access --prefer-dist

General usage

An access checker such as RBAC implements the interface. A user identity may use it then for checking access:

namespace App;

use Yiisoft\Access\AccessCheckerInterface;

class UserService
{
    private AccessCheckerInterface $accessChecker;
    
    public function __construct(AccessCheckerInterface $accessChecker)
    {
        $this->accessChecker = $accessChecker;
    }
    
    public function can(string $permissionName, array $parameters = []): bool
    {
        return $this->accessChecker->userHasPermission(
            $this
                ->getCurrentUser()
                ->getId(),
            $permissionName,
            $parameters
        );
    }
    
    public function getCurrentUser(): User
    {
        // ...
    }
}

In the handler it may look like the following:

public function actionList(UserService $userService)
{
    if (!$userService->can('list_posts')) {
        // access denied
    }

    // list posts
}

Testing

Unit testing

The package is tested with PHPUnit. To run tests:

./vendor/bin/phpunit

Mutation testing

The package tests are checked with Infection mutation framework with Infection Static Analysis Plugin. To run it:

./vendor/bin/roave-infection-static-analysis-plugin

Static analysis

The code is statically analyzed with Psalm. To run static analysis:

./vendor/bin/psalm

License

The Yii Access is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.

Support the project

Follow updates