PHP download

Download the PHP package alichry/laminas-authorization without Composer

On this page you can find all versions of the php package alichry/laminas-authorization. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download alichry/laminas-authorization
More information about alichry/laminas-authorization
Files in alichry/laminas-authorization

Vendor alichry
Package laminas-authorization
Short Description Authorization for Laminas
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of alichry/laminas-authorization

Informations about the package laminas-authorization

laminas-authorization

Out of the box, Laminas's authentication module provides interfaces and services for authenticating users and saving their identities in a session storage. This module provides an authorization service by transparently redirecting unauthorized users accessing a certain resource, with the support of defining multiple authorization links forming an authorization chain. You can configure the list of controller/method authorization statuses (policies) by creating annotations on top of your methods or setting it in the configuration.

Installation

Install using composer, run

Add the modules AliChry\Laminas\AccessControl and AliChry\Laminas\Authorization to config/modules.config.php

Prerequisites

This module is not concerned with authenticating users, rather, its only intent is to check the authorization status of the (authenticated) identity. To create an authorization link, we require:

An AuthenticationServiceInterface: You can use doctrine/doctrine-module to configure an authentication service easily.
An AccessControlListInterface: alichry/laminas-accesscontrol provides configurable services. By default, this module configures an IdentityAccessControlList instance using AnnotatedResourceManager as a dependency alongside passed identities implementing IdentityInterface.

Quick start

The fastest path to create a Laminas application with authorization support is through Doctrine ORM integration. If you're unfamiliar with Doctrine ORM, please check the doctrine project website and doctrine/doctrine-orm-module

Let your identity type class implement IdentityInterface. The methods to implement are hasPermission and hasRole, in an ORM environment where the associations are already defined, it is easy to implement such methods.
The authorization service requires an authentication service, configure Doctrine\Authentication to quickly deploy an authentication service based on your identity type.
Configure this module by defining a "global" authorization link:

The authorization service is now configured, you can define annotations on top of your methods to indicate authorization policies.

Defining method policy using annotations

On top of your controller's method or class docblock, you can define @Authorization annotations, indicating:

The target link name.
The policy: Allow, Reject, Authenticate or Authorize.
The permission: if the specified policy is Authorize, permission should also be specified.

You can define multiple annotations, each with a different link name. Additionally, you can omit the link name and it will be treated as the fallback.

Example:

Authorization Link

An Authorization Link can infer whether an (authenticated) identity is authorized to access a controller or a controller's action.

This is achieved by relying on AuthenticationService (for authentication status) and a AccessControlListInterface from alichry/laminas-accesscontrol that implies the accessibility or authorization level of a controller or a controller's method.

Eventually, an Authorization Link can imply whether an (authenticated) identity is granted access to a certain resource (controller/action) and will return the result.

Authorization Chain

An Authorization Chain is built from one or more Authorization Links which the authorization result is aggregated using a specified binary operator (OR/AND). While most applications generally utilize only one link, this is primarily related to the design.

If you are building an administrative end for your application, you may end up using a different Authentication Service, therefore additional Authorization Link and ACL. Alternatively, you may use the same Authentication Serivce and assign each identity with a user or admin role/permission (or the like...)

Redirection of unauthorized users

We perform authorization during the MVC lifecycle and prior dispatching requests for restful controllers. In Laminas MVC architecture, the target method to call for an action-based controller is retrievable prior dispatch by listening on the MVC dispatch event. For restful controllers, however, the target method cannot be retrieved prior dispatch. We provide EigenRestfulController as an ad-hoc solution. Simply extend your controller from EigenRestfulController instead of AbstractRestfulController.

During authorization, whether on the MVC-level or executed by EigenRestfulController, we redirect unauthorized requests to a configured route.

Configuration

See config.md

How to help ?

It would be nice to star this repository. It would help attract more contributors, and makes me happy to receive a star ! :)

All versions of laminas-authorization with dependencies

PHP Build Version

Package Version

Version 0.4.2 Release 26. Aug 2020
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of laminas-authorization from vendor alichry

Requires php Version ^7.2
laminas/laminas-authentication Version ^2.7
laminas/laminas-servicemanager Version ^3.4
alichry/laminas-accesscontrol Version ^1.0.0
laminas/laminas-session Version ^2.9
laminas/laminas-mvc Version 3.1.1
doctrine/annotations Version ^1.10
doctrine/common Version ^2.0
alichry/laminas-build-delegator Version ^0.1.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package alichry/laminas-authorization contains the following files

Loading the files please wait ....