Download the PHP package mouf/security.rightsservice without Composer

On this page you can find all versions of the php package mouf/security.rightsservice. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package security.rightsservice

Managing rights with Mouf

The Mouf framework is only an IOC framework. As such, it does not provide any means for managing access rights for users. Hopefully, the Mouf team provides this "rightsservice" package that can do help you with user management. This package does rely on the "userservice" package for providing users management and will add access rights management to it.

The "rightsservice" package

This package can be found in the "security" directory. This package provides components you can use to implement user authorization. This is not an "out-of-the-box" package. In order to use this package, you will have to develop some components on your side. This package will provide utility functions to know if a user has the rights to perform some action or not, .... This package does not provide any way to add or remove rights for a user. You will have to take care of this in your developments. The package contains these classes and interfaces:

The one thing you must remember when using the "rightsservice" package is this: You provide the "rightsservice" package with a DAO that will help it know the rights for a user, and the userservice will help you manage the rights and access those efficiently by caching them in session.

Note: if a user is not logged, we will have no rights. This package does not allow rights for unlogged people.

In Mouf, a right can be anything from displaying a button to accessing a web-page, etc... Rights can optionally have a scope. If they have a scope, the user can have a right only in that scope. For instance, in a project management application, there can be several project, and maybe the user as rights to manage only one project. So the "AdminProject" right might be restricted to that particular project.

The MoufRightService component

This component has 3 required properties that must be wired using the Mouf User Interface:

The MoufRightService contains these methods:

You will use the isAllowed method to know if the current user has rights or not. You can use the isUserAllowed variant if you want to know the rights of a user that is not the current user. The flushRightsCache method will let you flush the rights cache for the current user (in order to save on database calls, the list of rights for a user is cached in session). Finally, the redirectNotAuthorized functions will check if the user has the right authorization, and will redirect the user to the 403 page ($errorPageUrl) if he is not allowed to view the page.

For the RightsService to work, you will need to provide a RightsDao implementing this interface:

The RightsDao provides return objects representing Rights. A right is an object that has a name (the right's name) and a an array of scopes the right applies to. A scope can be anything from a string to an object, but it must be serializable (to be stored in session). These "Right" objects will need to implement the RightInterface interface:

The "rightsservice" package provides the MoufRight class that is a default implementation of the RightInterface. You can use it by making sure the RightsDao you will code returns objects from the MoufRight class.


All versions of security.rightsservice with dependencies

PHP Build Version
Package Version
Requires php Version ^8
mouf/security.userservice Version ^3.0
mouf/mouf-validators-interface Version ~2.0
mouf/utils.constants.secret Version ^1.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mouf/security.rightsservice contains the following files

Loading the files please wait ....