zunnu/enforcer

Enforcer is a simple, lightweight ACL plugin for CakePHP

Type: cakephp-plugin

1.3 2021-10-24 13:59 UTC

This package is auto-updated.

Last update: 2024-04-17 00:57:02 UTC


README

Enforcer is a simple, lightweight ACL plugin for CakePHP 3.x

Requirements

  • CakePHP 3.x
  • PHP 7.2 or later

Installing Using Composer

cd to the root of your app folder (where the composer.json file is) and run the following command:

composer require zunnu/enforcer

Then load the plugin by using CakePHP's console:

./bin/cake plugin load Enforcer

Next create the tables:

./bin/cake migrations migrate -p Enforcer

Usage

You will need to modify your src/Controller/AppController.php and load the Enforcer component in the initialize() function:

$this->loadComponent('Enforcer.Enforcer', [
    'unauthorizedRedirect' => [
        'plugin' => false,
        'controller' => 'Users',
        'action' => 'login',
        'prefix' => false
    ],
    'protectionMode' => 'everything' // everything | filters
]);

The unauthorizedRedirect option tells Enforcer where to redirect when the user hits a permission error. The protectionMode option tells Enforcer how to handle permissions.

protectionMode   Description
everything       Enforcer will automatically try to protect all public controller functions
filters          Enforcer will protect the controllers where the protection is called from beforeFilter()

If the protectionMode filters is enabled, you need to add the following beforeFilter() to each controller you want protected:

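// Requires "use Cake\Event\Event;" at the top of the controller file.
public function beforeFilter(Event $event) {
    parent::beforeFilter($event);

    // Check the current user's permission for this request
    return $this->Enforcer->hasAccess($this->request, $this->Auth->user());
}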
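
In filters mode only the controllers whose beforeFilter() makes this call are protected, so a controller that omits it is worth finding before release. The script below is an added example, not part of the Enforcer plugin: it tokenizes controller sources and lists those whose own beforeFilter() never calls $this->Enforcer->hasAccess(). The function names and sample sources are constructed for illustration, and a listed controller may still inherit the call from a parent class.

```php
<?php
// Added example, not Enforcer code: audit for protectionMode "filters".
/** Code of beforeFilter() minus comments and whitespace, or null if the class has none. */
function beforeFilterBody(string $source): ?string
{
    $depth = 0;
    $body = $prev = null; // $body stays null until "function beforeFilter" is seen
    foreach (token_get_all($source) as $tok) {
        $id = is_array($tok) ? $tok[0] : null;
        if (in_array($id, [T_COMMENT, T_DOC_COMMENT, T_WHITESPACE], true)) {
            continue; // commented-out calls must not count
        }
        if ($body === null) {
            $body = ($prev === T_FUNCTION && $id === T_STRING && strcasecmp($tok[1], 'beforeFilter') === 0) ? '' : null;
            $prev = $id;
            continue;
        }
        if ($tok === '{' || $id === T_CURLY_OPEN || $id === T_DOLLAR_OPEN_CURLY_BRACES) {
            $depth++;
        } elseif ($tok === '}' && --$depth === 0) {
            return $body;
        } elseif ($tok === ';' && $depth === 0) {
            return null; // declaration without a body
        }
        $body .= is_array($tok) ? $tok[1] : $tok;
    }
    return null;
}

function auditControllers(array $sources): array // file => reason to review it
{
    $review = [];
    foreach ($sources as $file => $source) {
        $body = beforeFilterBody($source);
        if ($body === null) {
            $review[$file] = 'no beforeFilter() of its own, check the parent class';
        } elseif (strpos($body, '$this->Enforcer->hasAccess(') === false) {
            $review[$file] = 'beforeFilter() does not call hasAccess()';
        }
    }
    return $review;
}

// Constructed sample sources; in an app, read src/Controller/*Controller.php instead.
$call = 'return $this->Enforcer->hasAccess($this->request, $this->Auth->user());';
print_r(auditControllers([
    'BillingController.php' => '<?php class B { function beforeFilter($e) { ' . $call . ' } }',
    'ReportsController.php' => '<?php class R { function beforeFilter($e) { /* ' . $call . ' */ } }',
    'ExportController.php' => '<?php class E { function index() {} }',
]));
```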

Permissions

The migrations will create three different groups. You can add, modify or delete groups by going to http://app-address/enforcer/admin/groups/index

Group   Description
admin   All powerful
user    Default user group
guest   Site visitors

The default admin group should be able to access the permissions page. You should be able to access the page using this url http://app-url/enforcer/admin/permissions

[Screenshot: Enforcer permissions]

If the request is ajax the permission error will look like this:

[Screenshot: Enforcer permissions]

Todos

  • User specific permissions
  • Grouped controllers, e.g. a user who only has access to billing

License

Licensed under The MIT License.