README

Casbin-client是PHP对Casbin-Server的客户端。Casbin-Server是基于Casbin的Access Control as a Service (ACaaS)解决方案。

先决条件

• php 5.5或更高版本，7.0或更高版本
• gRPC PHP扩展

本指南将使用一个简单的示例使您开始使用PHP中的gRPC：PHP中的gRPC。

安装

composer require casbin/casbin-client

示例

客户端

require_once './vendor/autoload.php';

use Proto\CasbinClient;
use Proto\NewEnforcerRequest;
use Proto\NewAdapterRequest;
use Proto\EnforceRequest;

$client = new CasbinClient('localhost:50051', [
    'credentials' => Grpc\ChannelCredentials::createInsecure(),
]);

AdapterRequest

$newAdapterRequest = new NewAdapterRequest();
$newAdapterRequest->setDriverName('file');
$newAdapterRequest->setConnectString('path/to/rbac_policy.csv');

list($newAdapterReply, $status) = $client->NewAdapter($newAdapterRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}
	
$adapterHandle = $newAdapterReply->getHandler();

EnforcerRequest

$newEnforcerRequest = new NewEnforcerRequest();
$newEnforcerRequest->setModelText(<<<EOT
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
EOT
        );
$newEnforcerRequest->setAdapterHandle($adapterHandle);

list($newEnforcerReply, $status) = $client->NewEnforcer($newEnforcerRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}

EnforceRequest

$enforceRequest = new EnforceRequest();
$enforceRequest->setEnforcerHandler($newEnforcerReply->getHandler());
$enforceRequest->setParams(['alice', 'data1', 'read']);

list($enforceReply, $status) = $client->Enforce($enforceRequest)->wait();

if (0 !== $status->code) {
    throw new \Exception($status->details, $status->code);
}

if ($enforceReply->getRes()) {
    // permit alice to read data1
} else {
    // deny the request, show an error
}

许可证

本项目受Apache 2.0许可证保护。有关完整许可证文本，请参阅LICENSE文件。