1. Go to this page and download the library: Download managur/rick-role library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
managur / rick-role example snippets
use RickRole\Rick;
use RickRole\Configuration;
use RickRole\Voter\DoctrineDefaultVoter;
use Doctrine\DBAL\DriverManager;
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\ORMSetup;
// Set up Doctrine with SQLite (simplest setup)
$paths = [__DIR__ . '/src/Entity'];
$isDevMode = true;
$dbParams = [
'driver' => 'pdo_sqlite',
'path' => __DIR__ . '/database.sqlite',
];
$doctrineConfig = ORMSetup::createAttributeMetadataConfiguration($paths, $isDevMode);
$connection = DriverManager::getConnection($dbParams, $doctrineConfig);
$entityManager = new EntityManager($connection, $doctrineConfig);
// Configure Rick with a default voter
$rickConfig = new Configuration();
$rickConfig->addVoter(new DoctrineDefaultVoter($entityManager));
$rick = new Rick($rickConfig);
// Check if a user is allowed to create a post
$userId = 123; // This is just the user ID from your application
$permission = 'create post';
$post = new BlogPost();
if ($rick->allows($userId, $permission, $post)) {
echo "Permission granted!";
} else {
echo "Access denied!";
}
$reasons = null;
$allowed = $rick->allows(userId: 123, to: 'edit post', onThis: $post, because: $reasons);
//--------- More on these ☝️ named parameters later! ---------//
echo $reasons->permission; // 'edit post'
echo $reasons->userId; // 123
echo $reasons->subject; // $post object
echo $reasons->voter; // Voter class name
echo $reasons->decision; // 'ALLOW', 'DENY', or 'ABSTAIN'
echo $reasons->message; // Human-readable reason
// Access the complete decision chain
$current = $reasons;
while ($current) {
echo "Voter: " . $current->voter . " - " . $current->message;
$current = $current->previous;
}
use RickRole\Configuration;
use RickRole\Rick;
use RickRole\Voter\DoctrineDefaultVoter;
use RickRole\Strategy\DenyWinsStrategy;
use Monolog\Logger;
use Monolog\Handler\StreamHandler;
$config = new Configuration();
$entityManager = YOUR_DOCTRINE_ENTITY_MANAGER_SETUP_CODE;
// Add voters to the stack
$config->addVoter(new DoctrineDefaultVoter($entityManager));
// Configure strategy (optional - DenyWinsStrategy is default)
$config->setStrategy(new DenyWinsStrategy());
// Configure logging (optional - NullLogger is used by default)
$logger = new Logger('rick-role');
$logger->pushHandler(new StreamHandler('php://stdout', Logger::INFO));
$config->setLogger($logger);
$rick = new Rick($config);
use Doctrine\DBAL\DriverManager;
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\ORMSetup;
$paths = [__DIR__ . '/src/Entity'];
$isDevMode = true;
$dbParams = [
'driver' => 'pdo_sqlite',
'path' => __DIR__ . '/database.sqlite',
];
$config = ORMSetup::createAttributeMetadataConfiguration($paths, $isDevMode);
$connection = DriverManager::getConnection($dbParams, $config);
$entityManager = new EntityManager($connection, $config);
// Simple permission check
if ($rick->allows($userId, 'view dashboard')) {
// Show dashboard
}
// Permission check with subject context
if ($rick->allows($userId, 'edit post', $post)) {
// Allow editing this specific post
}
// Inverse check
if ($rick->disallows($userId, 'delete user')) {
// User cannot delete users
}
// Not using named arguments
if ($rick->allows($userId, $permission, $post)) {
echo "Permission granted!";
}
// Using named arguments
if ($rick->allows(userId: $userId, to: $permission, onThis: $post)) {
echo "Permission granted!";
}
// Mixing named arguments
if ($rick->allows($userId, to: $permission, onThis: $post)) {
echo "Permission granted!";
}
// Mixing named arguments further
if ($rick->allows($userId, $permission, onThis: $post)) {
echo "Permission granted!";
}
use RickRole\Voter\VoterInterface;
use RickRole\Voter\VoteResult;
class BusinessHoursVoter implements VoterInterface
{
public function vote(
string|int $userId,
string $permission,
mixed $subject = null
): VoteResult {
// Only allow access during business hours
$hour = (int) date('H');
if ($hour >= 9 && $hour <= 17) {
return VoteResult::allow('Access granted during business hours');
}
return VoteResult::deny('Access denied outside business hours');
}
}
// Add to configuration
$config->addVoter(new BusinessHoursVoter());
// Check multiple permissions
$canManageUsers = $rick->allows(userId: $userId, to: 'manage users');
$canDeleteUsers = $rick->allows(userId: $userId, to: 'delete user', onThis: $targetUser);
if ($canManageUsers && $canDeleteUsers) {
// User can delete this specific user
}
// Get detailed reasoning for debugging
$reasons = null;
$canEdit = $rick->allows(userId: $userId, to: 'edit post', onThis: $post, because: $reasons);
if ($canEdit === false) {
logPermissionDenial($reasons);
}
use Monolog\Logger;
use Monolog\Handler\StreamHandler;
$logger = new Logger('rick-role');
$logger->pushHandler(new StreamHandler('php://stdout', Logger::INFO));
$config = new Configuration();
$config->setLogger($logger);
use RickRole\Rick;
use RickRole\Configuration;
class CustomPermission implements Stringable {
public function __toString(): string {
return 'custom-permission';
}
}
$config = new Configuration();
$rick = new Rick($config);
$permission = new CustomPermission();
if ($rick->allows(123, $permission)) {
// User has the custom permission
}
use Monolog\Logger;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\RotatingFileHandler;
// Create logger with multiple handlers
$logger = new Logger('rick-role');
// Log all levels to rotating file for debugging
$logger->pushHandler(new RotatingFileHandler(
__DIR__ . '/logs/rick-role.log',
30, // Keep 30 days of logs
Logger::DEBUG
));
// Log only INFO and above to stdout for production
$logger->pushHandler(new StreamHandler('php://stdout', Logger::INFO));
$config = new Configuration();
$config->setLogger($logger);
$rick = new Rick($config);
// Now all permission checks will be logged
$rick->allows(123, 'create post', $post);
bash
# Run migrations
vendor/bin/doctrine-migrations migrate --configuration=migrations.php
bash
# Check migration status
vendor/bin/doctrine-migrations status --configuration=migrations.php
# Run migrations
vendor/bin/doctrine-migrations migrate --configuration=migrations.php
# Generate migration diff (shows SQL changes)
vendor/bin/doctrine-migrations diff --configuration=migrations.php
[2025-01-15 10:30:45] rick-role.DEBUG: Voter decision {"user_id":123,"permission":"create post","voter":"RickRole\\Voter\\DefaultVoter","decision":"allow","message":"User has permission through role: editor"}
[2025-01-15 10:30:45] rick-role.INFO: Permission check completed {"user_id":123,"permission":"create post","subject":"Post#123","decision":"allow","allowed":true,"duration_ms":2.45,"voter_count":1,"strategy":"RickRole\\Strategy\\DenyWinsStrategy","reason":"No deny votes found - User has permission through role: editor"}
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.