This library provides RBAC (Role-Based Access Control) library. It is used in Yii Framework but is supposed to be usable separately.
composer require yiisoft/rbac
$manager = new Manager($storage, new ClassNameRuleFactory());
In the directory config will contain permissions and rules.
$manager->addPermission(new Permission('createPost'));
$manager->addPermission(new Permission('readPost'));
$manager->addPermission(new Permission('deletePost'));
After executing this code, this configuration will be saved in ../config/items.php
$manager->addRule(new Role('author'));
$manager->addRule(new Role('reader'));
$manager->addChild(
$manager->getRole('reader'),
$manager->getPermission('readPost')
);
$manager->addChild(
$manager->getRole('author'),
$manager->getPermission('createPost')
);
$manager->addChild(
$manager->getRole('author'),
$manager->getRole('reader')
);
$manager->assign($manager->getRole('author'), 100);
After executing this code, this configuration will be saved in ../config/assignments.php
if ($manager->userHasPermission(100, 'createPost')) {
echo 'author has permission createPost';
}
$manager->addRule(new ActionRule());
$manager->addPermission(
(new Permission('viewList'))->withRuleName('action_rule')
);
The role will also support the rules.
class ActionRule extends Rule
{
public function __construct()
{
parent::__construct('action_rule');
}
public function execute(string $userId, Item $item, array $parameters = []): bool
{
return isset($parameters['action']) && $parameters['action'] === 'home';
}
}
if (!$manager->userHasPermission(103, 'viewList', ['action' => 'home'])) {
echo 'reader not has permission index';
}
Storage | Description |
---|---|
PhpStorage | PHP file storage |