1. Go to the download page and download the popphp/pop-acl library, choosing the download type "require".
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
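<?php
// Resolve the autoloader relative to this file instead of the include_path or the
// current working directory, so a different vendor/autoload.php cannot be loaded by accident.
// The vendor/ directory is whatever the downloaded archive contained; check it against the
// upstream popphp/pop-acl release before relying on it for access-control decisions.
require_once __DIR__ . '/vendor/autoload.php';
/* Start to develop here. Best regards https://php-download.com/ */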
popphp / pop-acl example snippets
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
// Quick start: three roles, one resource, one allow rule per role.
$acl = new Acl();

$admin  = new Role('admin');
$editor = new Role('editor');
$reader = new Role('reader');
$page   = new Resource('page');

$acl->addRoles([$admin, $editor, $reader]);
$acl->addResource($page);

// Rules here name the role and resource by string; the checks below pass the objects.
$acl->allow('admin', 'page');           // Admin can do anything to a page
$acl->allow('editor', 'page', 'edit');  // Editor can only edit a page
$acl->allow('reader', 'page', 'read');  // Reader can only read a page

// Expected result of each check is given on the right.
var_dump($acl->isAllowed($admin, $page, 'add'));    // true
var_dump($acl->isAllowed($editor, $page, 'edit'));  // true
var_dump($acl->isAllowed($editor, $page, 'add'));   // false
var_dump($acl->isAllowed($reader, $page, 'edit'));  // false
var_dump($acl->isAllowed($reader, $page, 'read'));  // true
use Pop\Acl\AclRole as Role;
// Role carrying extra properties; the ownership assertion later on this page reads user_id.
$admin = new Role('admin');
$admin->id = 1; // Define the role ID
$admin->user_id = 2; // Define the current user ID
// NOTE(review): in an application the current user ID would presumably come from the
// authenticated session rather than from request input - confirm at the call site.
use Pop\Acl\AclResource as Resource;
// Resource carrying extra properties, including the ID of the user who owns it.
$page = new Resource('page');
$page->id = 1; // Define the resource ID
$page->user_id = 2; // Define the page owner user ID
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
// Default-mode example: two allow rules, both given as role/resource objects.
$acl = new Acl();

$admin  = new Role('admin');
$editor = new Role('editor');
$page   = new Resource('page');

$acl->addRoles([$admin, $editor]);
$acl->addResource($page);

$acl->allow($admin, $page);           // Admin can do anything to a page
$acl->allow($editor, $page, 'edit');  // Editor can edit a page

var_dump($acl->isAllowed($admin, $page, 'add'));   // bool(true)

// NOTE(review): the editor was only granted 'edit', yet 'add' is expected to be allowed here.
// The setStrict() and deny() snippets on this page both turn this result into false, so
// presumably the default mode allows permissions that were never granted - confirm against
// the installed version (the quick-start snippet expects false for the same check).
// Where deny-by-default is required, use strict mode or explicit deny rules.
var_dump($acl->isAllowed($editor, $page, 'add'));  // bool(true)
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
// Explicit-deny example: same rules as the default-mode snippet plus one deny rule.
$acl = new Acl();

$admin  = new Role('admin');
$editor = new Role('editor');
$page   = new Resource('page');

$acl->addRoles([$admin, $editor]);
$acl->addResource($page);

$acl->allow($admin, $page);           // Admin can do anything to a page
$acl->allow($editor, $page, 'edit');  // Editor can edit a page

// Explicitly refuse 'add' for the editor; the expected output below shows it taking effect.
$acl->deny($editor, $page, 'add');

var_dump($acl->isAllowed($admin, $page, 'add'));   // bool(true)
var_dump($acl->isAllowed($editor, $page, 'add'));  // bool(false)
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
// Strict-mode example: setStrict() is called before any role, resource or rule is added.
$acl = new Acl();
$acl->setStrict();

$admin  = new Role('admin');
$editor = new Role('editor');
$page   = new Resource('page');

$acl->addRoles([$admin, $editor]);
$acl->addResource($page);

$acl->allow($admin, $page);           // Admin can do anything to a page
$acl->allow($editor, $page, 'edit');  // Editor can edit a page

var_dump($acl->isAllowed($admin, $page, 'add'));   // bool(true)

// No deny rule exists for 'add'; per the expected output, strict mode alone rejects it
// because the editor was never granted that permission.
var_dump($acl->isAllowed($editor, $page, 'add'));  // bool(false)
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
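// Fluent setup: addRoles() is chained directly into addResource().
$acl = new Acl();
$admin = new Role('admin');
$editor = new Role('editor');
$page = new Resource('page');

$acl->addRoles([$admin, $editor])
    ->addResource($page);

// The rule chain must be terminated with a semicolon, otherwise the snippet does not parse.
$acl->allow('admin', 'page')            // Admin can do anything to a page
    ->allow('editor', 'page', 'edit');  // Editor can only edit a page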
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
// Role inheritance example: rules defined for a parent role also apply to its child roles.
$acl = new Acl();
$editor = new Role('editor');
$reader = new Role('reader');
// Add the $reader role as a child role of $editor.
// The role $reader will now inherit the access rules
// of the role $editor, unless explicitly overridden.
// NOTE(review): the less-privileged role is the child here, so any permission later granted
// to the editor also reaches the reader unless a matching deny is added for the reader
// (as done for 'edit' below) - review this direction against least-privilege needs.
$editor->addChild($reader);
$page = new Resource('page');
$acl->addRoles([$editor, $reader]);
$acl->addResource($page);
// Neither the editor nor the reader can add a page
$acl->deny('editor', 'page', 'add');
// The editor can edit a page
$acl->allow('editor', 'page', 'edit');
// Both the editor and the reader can read a page
$acl->allow('editor', 'page', 'read');
// Overriding deny rule so that a reader cannot edit a page
$acl->deny('reader', 'page', 'edit');
// Expected result of each check is given on the right.
var_dump($acl->isAllowed('editor', 'page', 'add')); // false
var_dump($acl->isAllowed('reader', 'page', 'add')); // false
var_dump($acl->isAllowed('editor', 'page', 'edit')); // true
var_dump($acl->isAllowed('reader', 'page', 'edit')); // false
var_dump($acl->isAllowed('editor', 'page', 'read')); // true
var_dump($acl->isAllowed('reader', 'page', 'read')); // true
use Pop\Acl\Acl;
use Pop\Acl\AclRole;
use Pop\Acl\AclResource;
use Pop\Acl\Assertion\AssertionInterface;
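/**
 * Ownership assertion: passes only when the resource's owner (user_id) is the
 * same as the current role's user (user_id).
 *
 * The check fails closed. A missing resource, or a missing user_id on either side,
 * is rejected, so two absent IDs can never be treated as "the same user".
 *
 * NOTE(review): the usage snippet on this page sets `id` on the roles rather than
 * `user_id` - confirm which property holds the current user's ID.
 */
class UserCanEditPage implements AssertionInterface
{
    /**
     * @param  Acl         $acl        the ACL evaluating the rule (not used by this check)
     * @param  AclRole     $role       the role being checked; its user_id is read
     * @param  AclResource $resource   the resource being accessed; its user_id is read
     * @param  mixed       $permission the permission being checked (not used by this check)
     * @return bool true only when both IDs are present and equal
     */
    public function assert(
        Acl $acl, AclRole $role,
        AclResource $resource = null,
        $permission = null
    )
    {
        if (null === $resource) {
            return false;
        }

        $ownerId = $resource->user_id;
        $userId  = $role->user_id;

        // A loose null == null comparison would grant access when neither ID is set.
        if ((null === $ownerId) || (null === $userId)) {
            return false;
        }

        // Compare as strings: 1001 and '1001' still match, but PHP's loose
        // numeric/boolean juggling cannot turn unrelated values into a match.
        return ((string)$ownerId === (string)$userId);
    }
}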
use Pop\Acl\Acl;
use Pop\Acl\AclRole as Role;
use Pop\Acl\AclResource as Resource;
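// Assertion example: 'edit' rules are conditional on the UserCanEditPage assertion.
$acl = new Acl();
$admin = new Role('admin');
$editor = new Role('editor');
$page = new Resource('page');

// NOTE(review): UserCanEditPage as shown on this page compares user_id on both the role
// and the resource, while only `id` is set on the roles here - confirm which property the
// assertion should read; the outcomes described below depend on the two agreeing.
$admin->id = 1001;
$editor->id = 1002;
$page->user_id = 1001;

$acl->addRoles([$admin, $editor]);
$acl->addResource($page);

// Define the assertion(s) to use in the 4th parameter of the allow/deny method.
// The chain must end with a semicolon, otherwise the following if statement does not parse.
$acl->allow('admin', 'page', 'add')
    ->allow('admin', 'page', 'edit', new UserCanEditPage())
    ->allow('editor', 'page', 'edit', new UserCanEditPage());

// Returns true because the assertion passes,
// the admin's ID matches the page's user ID
if ($acl->isAllowed('admin', 'page', 'edit')) { }

// Although editors can edit pages, this returns false
// because the assertion fails, as this editor's ID
// does not match the page's user ID
if ($acl->isAllowed('editor', 'page', 'edit')) { }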
use Pop\Acl\Acl;
use Pop\Acl\AclRole;
use Pop\Acl\AclResource;
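/**
 * Role that carries its own policy methods (create, update, delete).
 *
 * The method names are the policy names used by the evaluatePolicy() and can()
 * calls shown on this page. Ownership checks fail closed: a user without an ID
 * never matches a page, even when the page has no owner set.
 */
class User extends AclRole
{
    use Pop\Acl\Policy\PolicyTrait;

    /**
     * @param string $name    role name
     * @param mixed  $id      ID of the user, stored as role data under 'id'
     * @param mixed  $isAdmin admin flag, stored as role data under 'isAdmin'
     */
    public function __construct($name, $id, $isAdmin)
    {
        parent::__construct($name, ['id' => $id, 'isAdmin' => $isAdmin]);
    }

    /**
     * Policy: only admins may create, and only for the resource named 'page'.
     *
     * @return bool
     */
    public function create(User $user, AclResource $page)
    {
        // Strict comparison so a non-string name cannot be juggled into a match.
        return (($user->isAdmin) && ($page->getName() === 'page'));
    }

    /**
     * Policy: only the page owner may update.
     *
     * @return bool
     */
    public function update(User $user, AclResource $page)
    {
        // Without the null guard, a user with no ID would "own" a page with no owner.
        return ((null !== $user->id) && ($user->id === $page->user_id));
    }

    /**
     * Policy: admins and the page owner may delete.
     *
     * @return bool
     */
    public function delete(User $user, AclResource $page)
    {
        return (($user->isAdmin)
            || ((null !== $user->id) && ($user->id === $page->user_id)));
    }
}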
// The same four policy checks, written in three ways: isAllowed(), evaluatePolicy() and can().
// NOTE(review): the setup for $acl, $admin, $editor and $page is not shown in this snippet;
// presumably $admin and $editor are User instances and $page carries the owner's user_id -
// confirm before relying on the expected results below.

// Returns true, because the user is an admin
var_dump($acl->isAllowed('admin', 'page', 'create'));
// Returns false, because the user is an editor (not an admin)
var_dump($acl->isAllowed('editor', 'page', 'create'));
// Returns false, because the admin doesn't "own" the page
var_dump($acl->isAllowed('admin', 'page', 'update'));
// Returns true, because the editor does "own" the page
var_dump($acl->isAllowed('editor', 'page', 'update'));
// Returns true, because the user is an admin
// (evaluatePolicy() takes the policy name first, then the role and the resource)
var_dump($acl->evaluatePolicy('create', 'admin', 'page'));
// Returns false, because the user is an editor (not an admin)
var_dump($acl->evaluatePolicy('create', 'editor', 'page'));
// Returns false, because the admin doesn't "own" the page
var_dump($acl->evaluatePolicy('update', 'admin', 'page'));
// Returns true, because the editor does "own" the page
var_dump($acl->evaluatePolicy('update', 'editor', 'page'));
// can() is called on the role object itself and is passed the resource object
var_dump($admin->can('create', $page)); // true, because the user is an admin
var_dump($editor->can('create', $page)); // false, because the user is an editor (not an admin)
var_dump($admin->can('update', $page)); // false, because the admin doesn't "own" the page
var_dump($editor->can('update', $page)); // true, because the editor does "own" the page