Download the PHP package geggleto/psr7-acl without Composer
On this page you can find all versions of the php package geggleto/psr7-acl. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Information about the package psr7-acl
geggleto-acl
Provides an ACL repository and PSR-7 compliant middleware built on the Zend/Permissions/Acl library.
- Blog post on this package
- https://glenneggleton.com/page/psr-7-permissions
How it works
- Resources are end-points
- Roles are a group of resources
- You can either allow or deny those roles.
The roles a user has are loaded into the AclRepo on every request. I suggest loading them into a session variable rather than pulling them from storage every time (depending on your use case).
A middleware then inspects the current route and compares it to the list of accessible resources. A 401 is returned if the user is not allowed. If the user is allowed, the application continues.
By default no message body is provided on the 401, and if you require a page to be rendered then you will need to write your own middleware.
Usage Example
Dynamic Routes
Where a resource's URI changes from request to request, it is still possible to match it correctly by setting a resource with a route pattern. By default the system inspects the $request's 'route' attribute, and this object should return the route pattern from ->getPattern(). Out of the box this works with Slim 3 routes if you have turned on the 'determineRouteBeforeAppMiddleware' => true option.
Example Config:
If this does not fit your usage, feel free to override the default handler by setting your own via setHandler(callable).
Middleware
You can use the repo class directly which contains this code block... or modify this code block to suit your needs.
Whitelisting
You may add a URI path for whitelisting. The whitelisting is based upon strpos(), so you may use a URI fragment to whitelist a whole class of URIs.
With this it is possible to whitelist URIs by accident.
Example:
In this example any URI with /api will be whitelisted:
- /api/*
- /myexample/api/*
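The accidental-whitelist risk described above, shown as an added example that is not the package's own code. It assumes the check is equivalent to `strpos($path, $fragment) !== false`; the function names and sample paths are hypothetical, and the second function is one stricter alternative you could use in your own middleware.

```php
<?php
declare(strict_types=1);

// Substring matching as the README describes it (assumed form of the check,
// not copied from the package): a hit anywhere in the path counts.
function isWhitelistedSubstring(string $path, array $fragments): bool
{
    foreach ($fragments as $fragment) {
        if (strpos($path, $fragment) !== false) {
            return true;
        }
    }
    return false;
}

// Stricter alternative: an entry must equal the whole path or match a
// leading run of complete path segments.
function isWhitelistedPrefix(string $path, array $prefixes): bool
{
    foreach ($prefixes as $prefix) {
        $prefix = rtrim($prefix, '/');
        if ($path === $prefix
            || strncmp($path, $prefix . '/', strlen($prefix) + 1) === 0) {
            return true;
        }
    }
    return false;
}

// Constructed sample paths; only the first is meant to be public.
$paths = ['/api/users', '/myexample/api/users', '/admin/apikeys', '/reports'];
$whitelist = ['/api'];

foreach ($paths as $path) {
    printf(
        "%-22s substring=%-3s prefix=%s\n",
        $path,
        isWhitelistedSubstring($path, $whitelist) ? 'yes' : 'no',
        isWhitelistedPrefix($path, $whitelist) ? 'yes' : 'no'
    );
}
```

/admin/apikeys is the accidental match: it passes the substring check only because the string /api appears inside it, while the segment-anchored check rejects it.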