/slim-acl

ACL middleware for slim, using Zend\Permissions\Acl

Primary LanguagePHPMIT LicenseMIT

slim-acl

ACL middleware for slim, using Zend\Permissions\Acl

Coverage Status Code Climate Build Status

Configuration passed into the middleware constructor should look like:

[
    'default_role' => 'guest',
    'roles' => [
        'guest' => [],
        'user'  => ['guest'],
        'admin' => ['user']
    ],
    /*
     * just a list of generic resources for manual checking
     * specified here so can be used in the code if needs be
     */
     'resources' => [
         'banana' => null,
         'orange' => null,
     ],
    // where we specify the guarding!
    'guards' => [
        /*
         * list of resource to roles to permissions
         * optional
         * if included all resources default to deny unless specified.
         */
        'resources' => [
            ['banana', ['user'], ['peel']],
            ['banana', ['admin']],
            ['orange', ['guest'], ['peel']],
            ['orange', ['user'], ['eat']],
        ],
        /*
         * list of literal routes for guarding.
         * optional
         * if included all routes default to deny unless specified.
         * Similar format to resource 'resource' route, roles, 'permission' action
         * ['route', ['roles'], ['methods',' methods1']]
         */
        'routes' => [
            ['/home',       ['user'],  ['get']],
            ['/user',       ['admin'], ['get', 'post']], // $app->map(['POST', 'PUT'], '/user', ...);
            ['/user/{id}',  ['user'],  ['get']], // $app->map(['GET'], '/user/{id}', ...);
        ],
        /*
         * list of callables to resolve against
         * optional
         * if included all callables default to deny unless specified.
         * 'permission' section is combined into the callable section
         * ['callable', ['roles']]
         */
        'callables' => [
            ['App\Controller\UserController',           ['user']], // $app->map(['GET'], '/user',      'App\Controller\UserController'); class with __invoke
            ['App\Controller\UserController:getAction', ['user']], // $app->map(['GET'], '/user/{id}', 'App\Controller\UserController:getAction'); class and method
        ]
    ]
]

Important: The route should be determined before the app middlewares are being fired by:

$app = new Slim\App([
    'settings'  => [
        'determineRouteBeforeAppMiddleware' => true,
    ]
]);