1. Go to this page and download the library: Download gburtini/acl library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
gburtini / acl example snippets
class SimpleAuthenticator extends Authenticator {
private $users;
public function __construct($userpasses) {
$this->users = $userpasses;
}
public function authenticate($user, $password, $roles=null) {
if($this->users[$user] === $password)
return ['id' => $user, 'roles' => $roles]; // in reality, you want to pick/confirm roles for this user.
return false;
}
}
$acl = new ACL();
$acl->addRole("administrator");
$acl->addRole("manager");
$acl->addRole("client");
$acl->addRole("guest");
// or, $acl->addRole("administrator", ["manager"]);, indicating that administrator inherits manager's permissions.
$acl->addResource("files");
$acl->addResource("client_lists");
$acl->deny("guest", ["files", "client_lists"]);
$acl->allow(['administrator', 'manager'], ['files', 'client_lists'], ['read', 'write'], function($acl, $testing_role, $testing_resource, $testing_privilege) {
// this function is an assertion that returns true/false if the rule should apply.
$arguments = $acl->getQueriedOtherArguments();
if($arguments['user_id'] == 4) // we can pass in user ID and indeed file/list ID via the other arguments system.
return false;
}));
// provide HMAC and AES keys... note that as of PHP 5.6 invalid length AES keys are not acceptable.
// we use the WordPress Secret Key API to generate the HMAC key: https://api.wordpress.org/secret-key/1.1/salt/
// if you wish and trust me, you can generate keys here: http://giuseppe.ca/aes.php - pass ?size=12 to force a particular size (bytes) output key.
$user = new User('SNgsHsd#T$DaN R*Ol~O6z+a+[v}@3)6%-X0nHH|%#ag+hYV 5f|zs}6;T|wM?3+', 'ALPHb92wzIamFw39VHLTiv6rY8i6EiEU8Plghvbhu547iPlgqlHSy76F');
$user->setAuthenticator(new SimpleAuthenticator([
'johnny' => 'apples33d',
'thelma' => 'J!JHndmTivE'
]));
$user->setExpiration("30 days");
$user->setACL($acl); // from our previous set up
// if the user is not signed in, his only role is 'guest' and his ID is null.
// but you can check with $user->isLoggedIn(), $user->whoAmI() or $user->roles()
// if the user has a login stored in his cookies, he will be already authenticated. If he weren't, you can try to authenticate him with $user->login($username, $password); -- this will throw an exception if the login fails.
if($user->can("files", "view", 1)) {
echo "I'm allowed to view file #1";
}
`
$key = openssl_random_pseudo_bytes($length_bytes, $boolean);
if($boolean === false) die("This is not a good key. Something bad happened.");
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.