Download the PHP package hanaboso/acl-bundle without Composer
Information about the package acl-bundle
Hanaboso AclBundle
Installation
- Download the package via Composer
Resources
All resources & actions protected by ACL must be registered via enum and Symfony parameters. Configuration below shows registration of both Resource and Action enum, together with marking db documents belonging to given resources.
acl_use_cache allows caching with Redis so that rules don't have to be loaded from the db every time.
resource_actions is an optional parameter that allows extending the default ['read', 'write', 'delete'] actions. Only up to 32 different actions are allowed.
Rules
Rules are defined in two separate groups: standard rules and owner rules.
Owner rules are applied only if the object contains an owner property and its Id matches the logged user.
Rules set under fixture_groups are global and apply to all instances regardless of ownership. Each rule has:
- level: priority of the group. If ACL rules and groups are editable by users, each user can edit only itself & lower priorities (protects superadmin from admin with lower priority)
- extends: includes rules from specified groups
- users: pre-generated users
- rules: specifies each resource with all rules allowed for given group
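How standard rules, owner rules and extends combine can be sketched as follows. This is an added example, not the bundle's own code: the 'rules'/'owner' array keys, the group names and the bit-flag storage of actions (which would explain the 32-action limit) are assumptions, as is the choice to let extends pull in a parent's owner rules too.

```php
<?php
declare(strict_types=1);

// Illustrative model only, NOT hanaboso/acl-bundle code. Assumption: each action
// is one bit of an integer mask; the page does not state the storage format.
const ACTIONS = ['read' => 1, 'write' => 2, 'delete' => 4];

// Constructed sample groups. 'rules' holds the standard (global) rules,
// 'owner' the owner rules; both key names are hypothetical.
$groups = [
    'user'  => ['extends' => [],       'rules' => ['node' => ['read']],  'owner' => ['node' => ['write', 'delete']]],
    'admin' => ['extends' => ['user'], 'rules' => ['node' => ['write']], 'owner' => []],
];

/** Fold a group's rules, plus those of every group it extends, into one mask. */
function mask(array $groups, string $group, string $resource, string $kind, array $seen = []): int
{
    if (isset($seen[$group]) || !isset($groups[$group])) {
        return 0; // unknown group or an extends cycle: grant nothing
    }
    $seen[$group] = true;
    $mask = 0;
    foreach ($groups[$group][$kind][$resource] ?? [] as $action) {
        $mask |= ACTIONS[$action] ?? throw new InvalidArgumentException("Unregistered action: $action");
    }
    foreach ($groups[$group]['extends'] as $parent) {
        $mask |= mask($groups, $parent, $resource, $kind, $seen);
    }
    return $mask;
}

/** Standard rules always apply; owner rules only when the object's owner is the user. */
function allowed(array $groups, string $group, string $action, string $resource, string $userId, ?string $ownerId = null): bool
{
    $bit = ACTIONS[$action] ?? throw new InvalidArgumentException("Unregistered action: $action");
    $mask = mask($groups, $group, $resource, 'rules');
    if ($ownerId !== null && $ownerId === $userId) {
        $mask |= mask($groups, $group, $resource, 'owner');
    }
    return ($mask & $bit) !== 0;
}

var_dump(allowed($groups, 'user', 'delete', 'node', 'u1'));       // no object: standard rules only
var_dump(allowed($groups, 'user', 'delete', 'node', 'u1', 'u1')); // own object: owner rules are added
var_dump(allowed($groups, 'user', 'delete', 'node', 'u1', 'u2')); // object owned by another user
var_dump(allowed($groups, 'admin', 'read', 'node', 'a1'));        // 'read' inherited through extends
```

Unknown groups, extends cycles and unregistered actions all fail closed here, which is the behaviour to verify in any real rule set before relying on inherited permissions.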
Entities/Documents
AclBundle is dependent on UserBundle and both its entities/documents must be registered with Doctrine.
ORM mappings
ODM mappings
Usage in code
Checking rules for a given user is done via AccessManager's method isAllowed(string $action, string $resource, UserInterface $user, $object = NULL).
The requested action & resource are validated against the enums registered above. UserInterface is taken from UserBundle and represents the logged user. Object is an optional parameter holding an object or its Id.
Examples
Usages of object parameter:
- NULL -> check if $user has permission for Write or GroupPermission for Read & Delete: isAllowed(ActionEnum::READ, ResourceEnum::Node, $loggedUser); returns TRUE if allowed or throws an exception
- string -> id of desired entity: isAllowed(ActionEnum::READ, ResourceEnum::Node, $loggedUser, '1258'); returns desired entity if found and user has permission for asked action or throws an exception
- object -> check permission for given entity: isAllowed(ActionEnum::READ, ResourceEnum::Node, $loggedUser, $something); returns back given object or throws an exception
- other formats like array or int will only throw an exception
Generation of groups & rules
All required entities/documents are generated via fixtures. After a new rule is created, it can be added with fixtures as well, as uniqueness is checked.