Download the PHP package dereuromark/cakephp-expose without Composer
On this page you can find all versions of the php package dereuromark/cakephp-expose. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download dereuromark/cakephp-expose
More information about dereuromark/cakephp-expose
Files in dereuromark/cakephp-expose
Package cakephp-expose
Short Description CakePHP Expose Plugin to expose entities through UUIDs instead of AIIDs
License MIT
Homepage https://github.com/dereuromark/cakephp-expose/
Informations about the package cakephp-expose
CakePHP Expose plugin
Exposes UUIDs as public identifiers for your entities instead of numeric AIID (Auto Increment ID) primary keys.
This branch is for use with CakePHP 5.0+. For details see version map.
Key Goals
Cloaking/Obfuscation
- True randomness, so you cannot determine order or count of records per time-frame.
Security
- Mass assignment and marshalling does not allow setting this exposed field - it are hidden by default just as the primary key.
Robustness
- Must work with also more complex queries and use cases, including the atomic
updateAll()
,deleteAll()
. - Speed should be similar to default approach.
Simplicity
- Code changes from AIID exposure to UUID lookup should be minimal for all public endpoints.
- The default shortener provided makes the UUIDs also only 22 chars long concise strings.
Why AIID and UUID as combination?
See Motivation for details.
Demo
See sandbox examples.
Installation
You can install this plugin into your CakePHP application using Composer.
The recommended way to install is:
Then load the plugin with the following command:
Usage
See Docs for details.
Quick Start for adding to existing records
Faster than the speed of light:
- Add the behavior and run
bin/cake add_exposed_field PluginName.ModelName {MigrationName}
to generate a migration for adding the field. - Execute the migration and then populate existing records using
bin/cake populate_exposed_field PluginName.ModelName
- Re-run
bin/cake add_exposed_field PluginName.ModelName {MigrationName}
to get a non-nullable field migration for your new field. - After also executing that migration all new records will automatically have their exposed field stored as well.
You are done and can now adjust your public actions to query by exposed field only and hide the primary key completely.
Using Superimpose
behavior on top of Expose
means that you actually might not even have to modify any code.
Should work out of the box.
More migration tips in Migrating section.