Download the PHP package ride/lib-security without Composer
On this page you can find all versions of the php package ride/lib-security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download ride/lib-security
More information about ride/lib-security
Files in ride/lib-security
Package lib-security
Short Description Security library of the Ride framework
License MIT
Informations about the package lib-security
Ride: Security Library
Security abstraction library of the PHP Ride framework.
This library implements a role-based access control. Read more about this on Wikipedia.
What's In This Library
SecurityModel
The SecurityModel interface is the facade to the data source of the security implementation. It provides users, roles and permissions.
User
The User interface represents a user which can identify him or herself to the application. You can attach roles to the user to grant him or her access to specific parts of the application. The User interface is implemented by the security model.
Role
The Role interface represents a specific set of allowed actions through granted permissions and allowed paths. By attaching a role to a user, you grant the user access to specific parts of the application. The Role interface is implemented by the security model.
Permission
The Permission interface is used to grant or deny a single action.
To secure a part of your application, you should always check for a granted permission in the application code. Don't check if the current user is a specific user, or if the current user has a specific role. You will work against the flexibility of the security model.
The Permission interface is implemented by the security model.
Authenticator
The Authenticator interface decides the mechanism of authentication and keeps the state of the current user.
GenericAuthenticator
The GenericAuthenticator offers a default or generic implementation of the authenticator.
You can turn on unique sessions. This feature is used when a user performs a login from another client, the original client will be logged out.
It also supports the switch user functionality.
ChainAuthenticator
You can use the ChainAuthenticator to chain different authenticators together. Use this to offer different authentication mechanisms simultaneously.
PathMatcher
The PathMatcher has the responsibility to match path regular expressions, or rules, to a provided path and method.
GenericPathMatcher
The GenericPathMatcher offers a default or generic implementation of the path matcher.
There are 3 special tokens which you can use in a rule:
- *: match a single path token
- **: match everything
- !: prefix a path with an exclamation mark to negative (not) it
Optionally, you can define one or multiple methods between square brackets.
All rules will be checked and it will happen in the sequence they are provided. This is needed for the not function.
For example, assume the following rules:
These rules will match all requests starting with /admin and /sites except a GET request for the content of every page of my-site.
Voter
The Voter interface is used to check granted permissions and allowed paths.
ModelVoter
The ModelVoter performs it's checks against the security model. It uses the current user and it's roles to obtain granted permissions and allowed paths.
ChainVoter
The ChainVoter is used to combine different voters in a chain. This can be used to catch special cases or some exotic edge case.
You have 3 different strategies:
- affirmative: This strategy grants access as soon as one voter grants access. This is the default strategy.
- consensus: This strategy grants access when there is a majority of voters who grant access.
- unanimous: This strategy grants access when all voters grant access.
SecurityManager
The SecurityManager class is the facade to this library. It glues the other components together to an easy to use interface. Use an instance of this class to handle your security.
Code Sample
Check this code sample to see some possibilities of this library:
Note: some classes used in this example are taken from from ride/lib-security-generic, ride/web-security or ride/web-security-generic.
Implementations
For more examples, you can check the following implementations of this library:
- ride/cli-security
- ride/lib-security-generic
- ride/lib-security-oauth
- ride/web-security
- ride/web-security-generic
- ride/web-security-oauth
- ride/web-security-orm
Installation
You can use Composer to install this library.
All versions of lib-security with dependencies
ride/lib-event Version ^1.0.0
ride/lib-http Version ^1.0.0
ride/lib-log Version ^1.0.0