crisu83/overseer

Framework-agnostic RBAC implementation

0.4.3 2018-05-24 23:37 UTC

This package is auto-updated.

Last update: 2024-08-29 03:41:58 UTC


README

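Overseer is a framework-agnostic RBAC implementation in PHP.

How is Overseer different from other implementations?

Overseer is developed using PHP OOP best practices and complies with the PHP-FIG standards. It is not only framework-agnostic but also storage-agnostic, allowing you to use it with the libraries you prefer.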

Features

  • Role inheritance
  • Business rules for permissions
  • Resource-based permissions
  • Configurable

In development

  • Unit tests
  • Refactoring
  • README

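Usage

Overseer ships with a runtime storage implementation suitable for non-production use. If you plan to use Overseer in production, we recommend implementing persistent storage and caching to improve performance.

Example

The following script demonstrates usage (you can find the rest of the code in the examples folder):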

<?php

require(__DIR__ . '/../vendor/autoload.php');

require(__DIR__ . '/User.php');
require(__DIR__ . '/HasAuthor.php');
require(__DIR__ . '/Book.php');
require(__DIR__ . '/AuthorRule.php');

use Crisu83\Overseer\Entity\Assignment;
use Crisu83\Overseer\Entity\Permission;
use Crisu83\Overseer\Entity\Role;
use Crisu83\Overseer\Overseer;
use Crisu83\Overseer\Runtime\AssignmentStorage;
use Crisu83\Overseer\Runtime\PermissionStorage;
use Crisu83\Overseer\Runtime\RoleStorage;

$roleStorage       = new RoleStorage;
$permissionStorage = new PermissionStorage;
$assignmentStorage = new AssignmentStorage;

$overseer = new Overseer($roleStorage, $permissionStorage, $assignmentStorage);

$myUser = new User(1); // subject
$myBook = new Book(1); // resource

$writer = new Role('writer');
$editor = new Role('editor');

$write  = new Permission('book.write', 'book');
$author = new Permission('book.author', 'book');
$read   = new Permission('book.read', 'book');

$author->addRule(new AuthorRule);

$writer->addPermission('book.write');
$writer->addPermission('book.author');
$editor->addPermission('book.read');

$overseer->saveRole($writer);
$overseer->saveRole($editor);

$overseer->savePermission($read);
$overseer->savePermission($write);
$overseer->savePermission($author);

$overseer->saveAssignment(new Assignment(1, ['writer', 'editor']));

echo "My permissions: " . PHP_EOL;
echo "  " . implode(', ', $overseer->getPermissions($myUser)) . PHP_EOL;

echo "My permissions to the book: " . PHP_EOL;
echo "  " . implode(', ', $overseer->getPermissions($myUser, $myBook)) . PHP_EOL;

if ($overseer->hasPermission('book.author', $myUser, $myBook)) {
    echo "I am the author of the book." . PHP_EOL;
} else {
    echo "I am not the author of the book" . PHP_EOL;
}

Below is the output of the script:

My permissions:
  book.read, book.write
My permissions to the book:
  book.read, book.write, book.author
I am the author of the book.
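
The output above lists book.author only when a book is passed, which is the behaviour a rule-gated permission should have. The following stand-alone PHP sketch is an added example, not Overseer's code or API: it models that fail-closed check, assuming the author rule compares a book's author id with the user's id (hasPermission, authorId and the $policy layout are hypothetical names).

```php
<?php
declare(strict_types=1);

// Stand-alone model of a rule-gated RBAC check; not Overseer's classes.
$policy = [
    // Role -> permission names, mirroring the roles in the script above.
    'roles' => [
        'writer' => ['book.write', 'book.author'],
        'editor' => ['book.read'],
    ],
    // Permission -> optional rule taking the subject and the resource.
    // Assumption: the rule compares the book's author id with the user id.
    'rules' => [
        'book.read'   => null,
        'book.write'  => null,
        'book.author' => fn(array $user, array $book): bool
            => isset($book['authorId']) && $book['authorId'] === $user['id'],
    ],
    // Subject id -> assigned roles.
    'assignments' => [1 => ['writer', 'editor']],
];

function hasPermission(array $policy, string $perm, array $user, ?array $resource = null): bool
{
    // Unknown permissions are denied rather than implicitly allowed.
    if (!array_key_exists($perm, $policy['rules'])) {
        return false;
    }
    foreach ($policy['assignments'][$user['id']] ?? [] as $role) {
        if (!in_array($perm, $policy['roles'][$role] ?? [], true)) {
            continue;
        }
        $rule = $policy['rules'][$perm];
        if ($rule === null) {
            return true; // plain role-based grant, no rule attached
        }
        // Rule-gated: without a resource the rule cannot pass, so deny.
        return $resource !== null && $rule($user, $resource);
    }
    return false; // no assigned role carries the permission
}

$me        = ['id' => 1];
$myBook    = ['id' => 1, 'authorId' => 1]; // constructed sample data
$otherBook = ['id' => 2, 'authorId' => 7]; // constructed sample data

var_dump(hasPermission($policy, 'book.author', $me));             // no resource supplied
var_dump(hasPermission($policy, 'book.author', $me, $myBook));    // user wrote this book
var_dump(hasPermission($policy, 'book.author', $me, $otherBook)); // someone else's book
var_dump(hasPermission($policy, 'book.delete', $me, $myBook));    // permission never defined
```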