README

PHP 的简单 ACL 控制

安装

composer require paliari/php-acl

使用方法

您可以为命名空间、控制器甚至特定的方法设置权限

$user_permissions = [
    'customers' => [
        'products' => [
            'index' => true,
            'show' => true
        ],
        'services' => true
    ],
    'admin' => true
];
$acl = new Paliari\PhpAcl\Acl($user_permissions);


// With permission
$callable = 'Customers\\Products:index';
$response = $acl->allowed(Paliari\PhpAcl\AclOperator::keys($callable));
var_export($response); // true


// Without permission
$callable = 'Customers\\Products:destroy';
$response = $acl->allowed(Paliari\PhpAcl\AclOperator::keys($callable));
var_export($response); // false

作为 Slim 框架中的中间件使用

<?php

namespace Middlewares;

use Slim\Http\Response,
    Slim\Http\Request,
    Paliari\PhpAcl\Acl,
    Paliari\PhpAcl\AclOperator;

class AclMiddleware
{
    public function __invoke(Request $request, Response $response, $next)
    {
        // Set the "route" and "user" in a previous middleware
        
        $route = $request->getAttribute('route');
        $callable = $route->getCallable();
        $user = $request->getAttribute('user');
        $acl = new Acl($user->permissions);
        if (!$acl->allowed(AclOperator::keys($callable))) {
            return $response->withJson(['error' => 'Permission denied'], 403);
        }

        return $next($request, $response);
    }
}

定义白名单以跳过特定方法的 acl 检查

$user_permissions = [
    'customers' => [
        'products' => [
            'show' => true
        ],
    ],
];
$acl = new Paliari\PhpAcl\Acl($user_permissions);

$callable = 'Customers\\Products:index';
\Paliari\PhpAcl\AclWhiteList::setKey($callable, true);
$response = \Paliari\PhpAcl\AclWhiteList::isSkip($callable) || $acl->allowed(Paliari\PhpAcl\AclOperator::keys($callable));
var_export($response); // true