xillion/授权

PHP的Xillion授权策略框架

维护者

详细信息

github.com/xillion-project/authorization

主页

源代码

问题

安装: 11

依赖: 0

建议者: 0

安全: 0

星标: 3

关注者: 3

分支: 0

公开问题: 0

v1.0.0 2016-01-29 09:01 UTC

Requires

Requires (Dev)

MIT 1e0ffd546634e3fe431edd892380ff2986188781

  • Joost Faassen <j.faassen.woop@linkorb.com>

authorizationsecurityPolicyxrnarn

This package is auto-updated.

Last update: 2024-08-25 22:11:55 UTC

README

什么是Xillion授权?

Xillion授权是基于亚马逊IAM和资源策略的授权策略框架。

它允许进行去中心化、高度灵活的安全访问控制。

这是一个正在进行中的项目。请参阅test/以获取使用示例。

使用示例

use Xillion\Core\Resource;
use Xillion\Authorization\Action;
use Xillion\Authorization\PolicySerializer\JsonPolicySerializer;
use Xillion\Authorization\PolicyLoader\JsonPolicyLoader;


// The authorization context keeps track of policies, and can perform authorization checks
$context = new Context();

// What action is going to be performed?
$action = new Action('s3', 'ListBucket');

// Who is going to perform the action?
$identity = new Identity('AWS', 'xrn:aws:iam::AWS-account-ID:user/bob');

// What resource is the action going to be performed on?
$resource = new Resource('xrn:aws:s3:eu-west-1:12345:some-bucket');


// Load policies from a file
$loader = new JsonPolicyLoader();
$policy = $loader->load(__DIR__ . '/resource-policy1.json');

// Add the loaded policy to the context
$context->addResourcePolicy($resource, $policy);

// Check if the identity is allowed to perform the action on the resource
if ($context->isAllowed($identity, $resource, $action))) {
    echo "Action is allowed on this resource by this identity";
} else {
    echo "Action is denied on this resource by this identity";
}

许可证

MIT (请参阅LICENSE)

由LinkORB工程团队提供


请访问我们的其他项目:linkorb.com/engineering.

顺便说一下,我们正在招聘!