trejjam/authorization

授权,认证,访问控制列表(ACL)

维护者

详细信息

github.com/Trejjam/Authorization

源代码

问题

安装: 859

依赖项: 0

建议者: 0

安全: 0

星标: 0

关注者: 3

分支: 0

开放问题: 0

v0.10.1 2015-09-26 23:07 UTC

Requires

Requires (Dev)

Suggests

MIT 6fb3c1d5b6d974e50534acab3a9eaf559c9e295f

  • Jan Trejbal

authorizationAuthenticationnetteacl

This package is auto-updated.

Last update: 2024-09-05 18:38:48 UTC

README

Latest stable

用于

  • 授权
  • 角色
  • 资源
在 [Nette](http://nette.org) 中使用数据库

安装

安装 Trejjam/Authorization 的最佳方法是使用 Composer

$ composer require trejjam/authorization

配置

.neon

extensions:
	authorization: Trejjam\Authorization\DI\AuthorizationExtension

authorization:
	tables:
		users:
			table	 : users__users
			id	    : id #column name
			status    : 
				accept : enable 
				options:
					enable
					disable
			activated : 
				accept: yes    
				options:
					yes
					no
			username  : 
				match  : '/^[a-zA-Z_]+$/' #email is special value (validate by Nette\Utils\Validators:isEmail)
				length : 60
			items:
				- id
				- status
				- activated
				- username
				- password
				dateCreated: date_created
		roles:
			table    : users__roles
			id       : id #column name
			parentId : parent_id #column name, foreign key to role.id
			roleName : name #column name
			info     : info #column name, value FALSE disable usage        
		userRoles:
			table  : users__user_role
			id     : id #column name
			userId : user_id #column name, foreign key to users.id
			roleId : role_id #column name, foreign key to roles.id
		resource : 
			table          : users__resources
			id             : id #column name
			roleId         : role_id #column name, foreign key to role.id
			resourceName   : name #column name
			resourceAction : action #column name, default ALL
	reloadChangedUser: true
	cache : 
		use     : true
		name    : authorization
		timeout : 10 minutes    
	debugger:false #not implemented yet
	
services:
	- Browser

配置

配置的最佳方法是使用 Kdyby/Console

$ composer require kdyby/console

阅读如何安装 Kdyby/Console

php index.php

安装成功后显示

Available commands:
Auth
	Auth:install    Install default tables
	Auth:resource   Edit resource
	Auth:role       Edit role
	Auth:user       Edit user
	help            Displays help for a command
	list            Lists commands

配置数据库

创建默认表

php index.php Auth:install

配置角色

添加角色

php index.php Auth:role -c [-r] roleName [parentRole [info]]

将角色移动到其他父角色

php index.php Auth:role -m [-r] roleName [parentRole]

删除角色:选项 -f 删除所有子角色及其资源

php index.php Auth:role -d [-f] roleName

列出所有角色

php index.php Auth:role -r

配置资源

添加资源

php index.php Auth:resource -c [-r] resourceName[:resourceAction] parentRole

将资源移动到其他角色

php index.php Auth:resource -m [-r] resourceName[:resourceAction] parentRole

删除资源

php index.php Auth:resource -d resourceName[:resourceAction]

列出所有资源

php index.php Auth:resource -r

配置用户

添加用户

php index.php Auth:user -c username password

更改密码

php index.php Auth:user -p username password

设置用户状态

php index.php Auth:user -s status username

默认状态值 [启用|禁用]

设置用户激活状态

php index.php Auth:user -a activated username

默认激活值 [是|否]

显示用户角色

php index.php Auth:user -r username

添加用户角色

php index.php Auth:user [-r] -t roleName username

移除用户角色

php index.php Auth:user [-r] -d roleName username

用法

演示者

	/**
	* @var \Trejjam\Authorization\Acl @inject
	*/
	public $acl;
	/**
	* @var \Trejjam\Authorization\UserManager @inject
	*/
	public $userManager;
	/**
	* @var \Trejjam\Authorization\UserRequest @inject
	*/
	public $userRequest;
	
	function renderDefault() {
		dump($this->acl->getTrees()->getRootRoles()); //get all roles without parent
		dump($this->acl->getTrees()->getRoles()); //get all roles
		dump($this->acl->getTrees()->getResources()); //get all resource
		
		$this->acl->createRole($name, $parent, $info);
		$this->acl->deleteRole($name);
		$this->acl->moveRole($name, $parent);
		
		dump($this->acl->getRoleByName($roleName)); //return AclRole with "name"
	
		$this->acl->createResource($name, $action, $roleName);
        $this->acl->deleteResource($name, $action);
        $this->acl->moveResource($name, $action, $roleName);
        
        dump($this->acl->getResourceById($id)); //return AclResource
        
        dump($this->acl->getUserRoles($userId)); //return AclRole[] 
        $this->acl->addUserRole($userId, $roleName);
        $this->acl->removeUserRole($userId, $roleName);
        
        //--------------userManager--------------
        
        $this->userManager->add($username, $password);
        $this->userManager->changePassword($username, $password, $type = "username"); //$type could be username|id
        $this->userManager->setUpdated($username, $type = "username"); //next user request user session will be reload (if "reloadChangedUser: true")
        $this->userManager->setStatus($username, $status, $type = "username"); //$status could be enable|disable - if user with disable status try login, login function return exception
        $this->userManager->setActivated($username, $activated = NULL, $type = "username"); //$activated could be yes|no - if user with 'no' activated try login, login function return exception
        dump($this->userManager->getUserId($username)); //return id of user
        $this->userManager->getUserInfo($username, $type = "auto"); //return all information about user except password
        $this->userManager->getUsersList(); //return getUserInfo[] for all users
        
        //--------------userRequest--------------
        
        dump($this->userRequest->generateHash($userId, $type)); //return hash for public usage, $type could be activate|lostPassword 
        dump($this->userRequest->getType($userId, $hash, $invalidateHash = FALSE)); //return TRUE - hash was used|$type|FALSE - user hasn't this hash, $invalidateHash=TRUE - disable future hash usage
	}