README

Cheka: 基于 Route 的 ACL，适用于 Aura\Route 和 Radar\Adr

安装

composer install jnjxp/cheka

使用

Jnjxp\Cheka\Config 将在 Aura\Router\RouterContainer 上调用 setRouteFactory() 以使用 Jnjxp\Cheka\Route\RadarRoute。

它还将服务 jnjxp/cheka:acl 设置为 Zend\Permissions\Acl\Acl 的实例，并将其传递给 Jnjxp\Cheka\AuthorizedRule。

Jnjxp\Cheka\AuthorizedRule 将附加到 Aura\Router\Rule\RuleIterator。

$adr = $boot->adr(
    //...,
    Jnjxp\Cheka\Config::class,
    MyConfig::class
);

您需要配置您的 Acl。 Jnjxp\Cheka\Acl\Config 可能会提供帮助。

use Jnjxp\Cheka\Acl\Config as AclConfig;
use Zend\Permissions\Acl\Acl;

class MyConfig extends AclConfig
{
    protected $resources = ['resource'];
    protected $roles = ['guest', 'user'];

    protected function init(Acl $acl)
    {
        foreach ($this->resources as $resource) {
            $acl->addResource($resource);
        }

        foreach ($this->roles as $role) {
            $acl->addRole($role);
        }

        $acl->allow('guest', 'resource', 'read');
        $acl->allow('user', 'resource');
    }
}

在定义路由时，您可以指定一个 '资源' 和一个 '权限'。

$adr->get('Action\Resource\Read', '/resource/{id}', Resource\Service\Read::class)
    ->resource('resource')
    ->privilege('read');

$adr->patch('Action\Resource\Edit', '/resource/{id}', Resource\Service\Edit::class)
    ->resource('resource')
    ->privilege('edit');

// note, under the hood these values are only stored in the `extras` property
// The following has the same effect, assuming you have not changed the keys
// under which these values are stored.

$adr->patch('Action\Resource\Edit', '/resource/{id}', Resource\Service\Edit::class)
    ->extras(['resource' => 'resource', 'privilege' => 'edit']);

您还需要将 RoleHandler 添加到中间件堆栈中。此外，此功能旨在与 Aura\Auth 一起使用，因此您可能需要如下所示的内容

$adr->middle(Vperyod\AuthHandler\AuthHandler::class);
// By default, the RoleHandler assumes there's an Aura\Auth object available in
// the request, so add the AuthHandler first, or modify it.
$adr->middle(Jnjxp\Cheka\RoleHandler::class);