Download the PHP package gobline/acl without Composer
On this page you can find all versions of the php package gobline/acl. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package acl
Short Description ACL component
License BSD-3-Clause
Homepage https://github.com/gobline
Informations about the package acl
ACL (Access Control List) component
ACL's allow an application to control access to its protected areas, files, operations and objects from requests.
- a resource represents an area or element to which access is controlled.
- a role represents a user, users' group or object that may request access to a resource.
- a privilege is an access right (or permission) for a resource, such as read and write permissions to a file.
Why Another ACL Component?
The ACL component was primarily written to add support for defining rules on path resources. You will find the basic usage in the following sections but by then, if you are already a little familiar to ACL, you can already have a look at the quick excerpt below demonstrating the utility and advantage of the component.
In a web application, this is particularly useful to control access on the application's areas through the URL path.
Creating an ACL
Adding Roles to the ACL
or
Defining Access Controls
After adding the relevant roles, rules can be established that define how resources may be accessed by roles.
To define a rule applied to all resources, the special resource named "*" can be used:
To define a rule with all privileges, the special privilege named "*" can be used:
Querying the ACL
After adding the rules, we can query the ACL to check if a role has been given permission or not.
You will note that by default, until a developer specifies an allow rule, denies access to every privilege upon every resource by every role.
Resources
As you might have noticed in the examples above, the resources are registered when defining the rules, while the roles must have previously been added to the ACL.
The reason for this is because the resources can not only just be a name or identifier, but also a pattern or regex, or even a custom object implementing the method of the interface.
The most straightforward example demonstrating the use of matchers, would be implementing an ACL managing access rights to files.
Another example:
Roles Inheritance
Roles can inherit from other roles, and consequently inherit their rules.
The example above also demonstrates the use of (because one might wonder what is the purpose of having a method if anything is denied by default anyway). The moderators inherit the view privilege from the guest role and the create and edit privileges from the member role. However, we don't want to allow a moderator to be able to create new pages, but only moderate existing pages. To achieve this, we simply add a deny rule overriding the inherited rule that granted create persmission, as shown above.
Sharing Roles among Multiple ACL Instances
There are cases where you might need to have multiple ACL instances. For instance, you might need to define rules for path resources, and rules for different resources in your application. To avoid mixing different type of resources in your ACL, you can create multiple ACL instances and share a unique role registry.
Installation
You can install the ACL component using the dependency management tool Composer. Run the require command to resolve and download the dependencies: