Download the PHP package mattyg/fb-privacy-auth without Composer

On this page you can find all versions of the php package mattyg/fb-privacy-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package fb-privacy-auth

FB Privacy Auth

This library lets you implement an authorization system in your application using the same style that Facebook uses for content. Each resource has a defined list of users and groups that are allowed access to the resource, and a defined list of users and groups that are not allowed access to the resource.

To use the library, construct an instance of \MattyG\FBPrivacyAuth\AuthChecker, passing it two arrays. The first is an array where the keys are the identifiers of each group, and the values are arrays of usernames that are part of each group. The second is an array where the keys are the identifiers of each resource, and the values are an array that describes who is allowed access to each resource. You can see an example of the expected structure in the "resources.json" file in the tests folder.

When you want to test whether or not a particular user has access to a particular resource, call the check() function, passing it the identifier of the given resource, and the username in question. It will then perform the following checks, in this order:

  1. Is this user specifically denied from accessing this resource? If so, DENY.
  2. Is this user specifically allowed to access this resource? If so, ALLOW.
  3. Is this user a member of a group that is specifically denied from accessing this resource? If so, DENY.
  4. Is this user a member of a group that is specifically allowed to access this resource? If so, ALLOW. If the user does not match any of the above rules, DENY.

As you can see, the above logic means your application will default towards being more secure rather than less secure. It is better for a user to be accidentally locked out of a system than it is to accidentally allow an unwanted visitor access to the system.

The AuthChecker class also provides a convenient method for retrieving the identifiers of all resources that a particular user has access to. It does this by iterating over all resources and checking them one by one with the above logic. To utilise this, call the getAllowedResourceIds() method and pass it a username.

Why should you use this, instead of much more established and well-known solutions such as the Zend Acl or Symfony Security packages? Simplicity. Before I built this, I evaluated these and a few other potential solutions. I decided to build my own because of all the things I didn't want out of an authorization system:

I was unable to find an existing solution that fit all of these criteria before building this.

This software is released into the public domain without any warranty.

All versions of fb-privacy-auth with dependencies

PHP Build Version
Package Version
Requires php Version ~5.6.0|~7.0.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mattyg/fb-privacy-auth contains the following files

Loading the files please wait ....