1. Go to the download page and download the carrooi/security library. Choose the download type "require".
2. Extract the ZIP file and open index.php.
3. Add this code to index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
carrooi / security example snippets
namespace App\Model;
use Carrooi\Security\Authorization\IResourceAuthorizator;
use Carrooi\Security\User\User;
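/**
 * Authorization rules for books, expressed as a resource authorizator.
 *
 * @author David Kudera
 */
class Books implements IResourceAuthorizator
{
    /**
     * Lists the action names this authorizator decides on.
     *
     * @return array
     */
    public function getActions()
    {
        return [
            'view', 'add', 'edit', 'delete',
        ];
    }

    /**
     * Decides whether $user may perform $action.
     *
     * Rules, in order: 'view' is open to everyone, 'add' needs a logged-in
     * user, 'edit' and 'delete' need the 'admin' role. Anything else is denied.
     *
     * @param \Carrooi\Security\User\User $user
     * @param string $action
     * @param mixed $data not consulted by these rules
     * @return bool
     */
    public function isAllowed(User $user, $action, $data = null)
    {
        // Public action: granted without looking at the user at all.
        if ($action === 'view') {
            return true;
        }

        if ($action === 'add' && $user->isLoggedIn()) {
            return true;
        }

        // Strict in_array(): under loose comparison a non-string $action
        // (boolean true, for instance) compares equal to 'edit', and a
        // permission check must only ever match the exact action name.
        if (in_array($action, ['edit', 'delete'], true) && $user->isInRole('admin')) {
            return true;
        }

        // Default deny: unknown or unmatched actions are never granted.
        return false;
    }
}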
namespace App\Presenters;
use Nette\Application\BadRequestException;
use Nette\Application\ForbiddenRequestException;
/**
 * @author David Kudera
 */
class BooksPresenter extends BasePresenter
{
    // ...

    /**
     * Loads the book to edit and rejects the request unless the current
     * user holds the 'edit' permission on that specific book.
     *
     * @param int $id
     * @throws \Nette\Application\BadRequestException when no book is found for $id
     * @throws \Nette\Application\ForbiddenRequestException when 'edit' is denied for the book
     */
    public function actionEdit($id)
    {
        $this->book = $this->books->findOneById($id);

        // Existence is tested before permission, so the exception type tells
        // a caller without edit rights whether a given id exists.
        if (!$this->book) {
            throw new BadRequestException();
        }

        // The loaded book is passed as the resource so the decision can
        // depend on the object itself, not only on the action name.
        $mayEdit = $this->getUser()->isAllowed($this->book, 'edit');
        if (!$mayEdit) {
            throw new ForbiddenRequestException();
        }
    }
}
// ...
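class Books implements IResourceAuthorizator
{
    // ...

    /**
     * Decides whether $user may perform $action, taking the book into account.
     *
     * 'edit' and 'delete' are granted only when $data is a Book and the user
     * is either an admin or the logged-in author of that book.
     *
     * @param \Carrooi\Security\User\User $user
     * @param string $action
     * @param mixed $data the book the action targets; anything else is denied here
     * @return bool
     */
    public function isAllowed(User $user, $action, $data = null)
    {
        // ...

        // Strict in_array(): loose comparison would let a non-string $action
        // (boolean true, for instance) match 'edit'.
        $isModification = in_array($action, ['edit', 'delete'], true);

        if ($isModification && $data instanceof Book) {
            if ($user->isInRole('admin')) {
                return true;
            }

            // Ownership counts only for an authenticated user. Without the
            // isLoggedIn() guard two null ids would compare as equal, and
            // (NOTE(review): assuming this User behaves like Nette's, which
            // can keep the identity after logout - confirm) a logged-out
            // session could still match its former id.
            $author = $data->getAuthor();
            if (
                $user->isLoggedIn() &&
                $author !== null &&
                $author->getId() === $user->getId()
            ) {
                return true;
            }
        }

        // Default deny.
        return false;
    }
}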
class Books implements IResourceAuthorizator
{
    /**
     * Generic decision: denies every action.
     *
     * @param \Carrooi\Security\User\User $user
     * @param string $action
     * @param mixed $data
     * @return bool always false
     */
    public function isAllowed(User $user, $action, $data = null)
    {
        $granted = false;

        return $granted;
    }

    /**
     * Action-specific decision for 'edit': grants unconditionally.
     *
     * NOTE(review): presumably the library calls this method for the 'edit'
     * action in place of isAllowed() - confirm against the library docs.
     * As written it ignores $user and $data, so guests are granted too;
     * a real implementation needs an actual check here.
     *
     * @param \Carrooi\Security\User\User $user
     * @param mixed $data
     * @return bool always true
     */
    public function isEditAllowed(User $user, $data = null)
    {
        $granted = true;

        return $granted;
    }
}
class BasePresenter extends Nette\Application\UI\Presenter
{
    use Carrooi\Security\Authorization\TPresenterAuthorization;

    /**
     * Rejects the request when the trait's method check fails.
     *
     * Only method reflections are examined; any other $element passes
     * through this override without a check.
     *
     * NOTE(review): parent::checkRequirements() is not called, so whatever
     * the parent presenter verifies there is skipped - confirm this is intended.
     *
     * @param mixed $element
     * @throws \Nette\Application\ForbiddenRequestException when checkMethodRequirements() returns a falsy value
     */
    public function checkRequirements($element)
    {
        $isMethod = $element instanceof Nette\Reflection\Method;

        if ($isMethod && !$this->checkMethodRequirements($element)) {
            throw new Nette\Application\ForbiddenRequestException();
        }
    }
}
class BookPresenter extends BasePresenter
{
    // The annotations below are runtime input, not documentation: presumably
    // the authorization trait used by BasePresenter reads them to require the
    // 'view' action on the 'book' resource before this action runs - confirm
    // against the trait. A typo in either value changes what is enforced.
    /**
     * @resource(book)
     * @action(view)
     */
    public function actionDefault()
    {
        // Intentionally empty in this example.
    }
}
class BasePresenter extends Nette\Application\UI\Presenter
{
    use Carrooi\Security\Authorization\TPresenterAuthorization;

    public function checkRequirements($element)
    {
        // ...
    }

    /**
     * Runs the trait's component check before the component is built.
     *
     * NOTE(review): the return value of checkComponentRequirements() is
     * discarded, so this gate only enforces anything if that method throws
     * on denial - confirm against the trait.
     *
     * @param string $name component name
     * @return mixed whatever the parent presenter creates for $name
     */
    protected function createComponent($name)
    {
        // The check must stay ahead of the parent call: the component is
        // only constructed once the check has completed.
        $this->checkComponentRequirements($name);

        $component = parent::createComponent($name);

        return $component;
    }
}
class BookPresenter extends BasePresenter
{
    // The @action annotations on the factories below are runtime input.
    // Presumably checkComponentRequirements() reads them to limit the
    // presenter actions in which each component may be created - confirm
    // against the trait before relying on them.

    /**
     * @action(edit)
     */
    protected function createComponentEditForm()
    {
        // Intentionally empty in this example.
    }

    /**
     * @action(default, detail)
     */
    protected function createComponentFavoriteButton()
    {
        // Intentionally empty in this example.
    }

    // NOTE(review): `*` presumably matches every action, i.e. no restriction
    // by action at all - use it deliberately, not as a default.
    /**
     * @action(*)
     */
    protected function createComponentReadLaterButton()
    {
        // Intentionally empty in this example.
    }
}
namespace App\DI;
use Carrooi\Security\DI\ITargetResourcesProvider;
use Nette\DI\CompilerExtension;
/**
 * @author David Kudera
 */
class AppExtension extends CompilerExtension implements ITargetResourcesProvider
{
    /**
     * Maps a class name to the resource name used for authorization.
     *
     * Objects passed to the user's isAllowed() are presumably resolved to a
     * resource name through this map - confirm against the library docs.
     *
     * @return array class name => resource name
     */
    public function getTargetResources()
    {
        $resources = [];
        $resources['App\Model\Book'] = 'book';

        return $resources;
    }
}