README

该库提供了一种灵活的方式来向 CakePHP 3.x 添加基于角色的访问控制管理

灵感来源于 Laravel Permission

快速示例

//Creats a role
$role = Role::create('editor');
 
//Givs a permission to the role
$role->givePermission('edit article');

//Adds the role to the user 
$user->assignRole($role); 
// You can also give it directly by its name
$user->assignRole('editor');

//Checks whether the user has the permission
var_dump($user->hasPermission('edit article')) //output "true"

安装

1. 通过 composer 安装

composer require slince/cakephp-permission

1. 在 config/bootstrap.php 中加载插件

// Load the plugin.
Plugin::load('Slince/CakePermission');

1. 将以下配置添加到您的 app.php

'Permission' => [

    'tableNameMap' => [
        /**
         * Your users table, remember to modify it
         */
        'users' => 'your users table name',

        /**
         * Your roles table;If you want to use the default configuration. you don't need to change.
         */
        //'roles' => 'roles',

        /**
         * Your permissions table;If you want to use the default configuration. you don't need to change.
         */
        //'permissions' => 'permissions',

        /**
         * The join table between users and roles;If you want to use the default configuration. you don't need to change.
         */
        //'users_roles' => 'users_roles',

        /**
         * The join table between roles and permissions;If you want to use the default configuration. you don't need to change.
         */
        //'roles_permissions' => 'roles_permissions',
    ],

    'tableClassMap' => [
        /**
         * The Users model class, remember to modify it
         */
        'Users' => App\Model\Table\YourUsersTable::class,

        /**
         * The Roles model class;If you want to use the default configuration. you don't need to change.
         */
        //'Roles' => Slince\CakePermission\Model\Table\RolesTable::class,

        /**
         * The Permissions model class;If you want to use the default configuration. you don't need to change.
         */
        //'Permissions' => Slince\CakePermission\Model\Table\PermissionsTable::class
    ]
]

1. 生成权限迁移

./cake permission_migrate

如果正常，现在运行迁移命令

./cake migrations migrate

使用方法

模型

打开您的 User 实体，使用 UserTrait 如此

namespace App\Model\Entity;

use Cake\ORM\Entity;
use Slince\CakePermission\Model\Entity\UserTrait;

class User extends Entity
{
    use UserTrait; //Use trait provied by CakePermission

    protected $_accessible = [
        '*' => true,
        'id' => false
    ];
    
    // ...
}

打开您的 UsersTable，使用 UserTableTrait 如此

namespace App\Model\Table;

use Cake\ORM\Table;
use Slince\CakePermission\Model\Table\UsersTableTrait;

class UsersTable extends Table
{
    use UsersTableTrait;  // Use `UsersTableTrait`

    public function initialize(array $config)
    {
        parent::initialize($config);

        $this->setTable('users');
        $this->setDisplayField('id');
        $this->setPrimaryKey('id');

        $this->buildPermissionRelationship(); // Creats the relationship
    }
    
    // ...
}

使用权限

使用 PermissionTrait::create 或 PermissionTrait::findOrCreate 创建权限

$addPermission = Permission::findOrCreate('add article');

$editPermission = Permission::create('edit article');

使用角色和权限

使用 RoleTrait::create 或 RoleTrait::findOrCreate 在数据库中创建角色

$role = Role::create('editor');

//You can also use the following method. 
$role = Role::findOrCreate('editor');

将权限分配给角色；您必须确认该权限存在。

$role->givePermission($addPermission);
$role->givePermission($editPermission);

//You can also directly give them by thier name
$role->givePermission('add article');
$role->givePermission('edit article');

//You can also give multiple permissions at once
$role->givePermission(['add article', 'edit article']);

获取角色的所有权限

$role->getAllPermissions();

检查角色是否有执行某事的权限

$role->hasPermission('edit article'); //true

$role->hasPermission(['edit artic;e', 'add article']); //true

$role->hasPermission(['edit article', 'drop article']); // false

$role->hasAnyPermission('edit article', 'drop article'); // true

移除权限

$role->revokePermission($addPermission);
 
//Or by its name
$role->revokePermission('add article'); 

//Revokes all permissions
$role->revokeAllPermissions();

用户的角色和权限

将角色添加到用户

$user->assignRole($role);

$user->assignRole('editor');

//You can also assign multiple roles at once
$user->assignRole(['editor', 'other role']);

获取用户的所有角色

$user->getAllRoles();

获取用户的所有权限

$user->getAllPermissions();

检查用户是否有执行某事的权限

$user->hasPermission('edit article'); //true

$user->hasPermission(['edit artic;e', 'add article']); //true

$user->hasPermission(['edit article', 'drop article']); // false

$user->hasAnyPermission('edit article', 'drop article'); // true

移除用户的角色

$user->removeRole('editor');

//Or removes all roles of the user
$user->removeAllRoles(); 

扩展

您可以扩展所有现有的实体或表。不要忘记修改您的 app.php 中的默认配置。

要求

• CakePHP >=3.4
• PHP 5.5.9+

授权协议

MIT 协议。请参阅 MIT