Download the PHP package srigi/ipub-security without Composer

On this page you can find all versions of the php package srigi/ipub-security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package ipub-security

srigi/ipub-security

Build Status Latest Stable Version Composer Downloads

ACL permissions setter & checker for Nette Framework.

srigi/ipub-security is a library that allows easy configuration of Nette Framework ACL system. It supports roles & resources inheritance and also permission assertions are supported.

Installation

The best way to install srigi/ipub-security is by using Composer. To get the latest version of the library run this command at the root of your project:

Or you can specify dependency by hand:

Setup

After installation you need to register the DI extension. If your'e using Nette 2.3, you can do that by configuration:

I case of Nette 2.2 register extension in your bootstrap.php:

The ACL system 101

Nette ACL system brings some terminology you should know befor continuing. First there are resources that one (a role) wants to access (privilege). This forms a permission. Example is the best teacher:

resources - intranet, salesModule, serversDashboard, databaseServersDashboard

roles - admininstrator, guest, authenticated, employee, sales, engineer

privileges - access, powerOn, powerOff, reboot

permission - this is just abstract concept when you combine above three entities:

resources and roles can inherit from each other and create hierarchies:

If there is a permission (combination of resource, role and privilege) registered, this inherits down. In our little example engineer can access the intranet because is inheriting this permission from authenticated.

More on this can be found in access control chapter of Nette Framework documentation.

Creating permissions

Permission is represented by instance of IPub\Security\Entities\IPermission. Such instance is providing a IPub\Security\Entities\IResource resource instance, a privilege (defined as string) and assertion (defined as callable). All three components of the permission are optional.

Permissions definitions must be provided by service implementing IPub\Security\Providers\IPermissionsProvider. Library srigi/ipub-security have example implementation of such provider you can use in your project. Or you can write your own.

Defining set of permissions with our PermissionsProvider is very easy:

Now just register your permission provider:

Creating roles & assigning permissions

Similarly as permission also roles have its own interface and needs a provider service. This provider should also assign permissions to the role:

Don't forget to register your roles provider:

Now your'e set!

Checking permissions

Library provide a PHP trait, which enables pleasant quering Nette ACL system we've just configured. Please note that traits are available from PHP 5.4, for older versions of PHP you must copy/paste trait contents. This trait is effective only in presenter(s).

Using annotations

You can fine-tune checking logic by this set of annotations:

@Secured

This annotation instruct security system that presenter is subject to the permissions check. Without it permission checking will be skipped completely!

@Secured\User

This annotation accept value loggedIn or guest. Access to any resource and any privilege is controled only by login state of the current user.


Next annotations are working over Nette\Security\User roles assigned during login process.

@Secured\Resource

Access is granted only if role is allowed to access specified resource.

@Secured\Privilege

This grand access only if role is allowed to access specified privilege.

@Secured\Permission

Combination of above two - access is granted only if role have resource: privilege permission.

@Secured\Role

Grand access only to specified role.

On every place where *_NAME applies, you can specify multiple names separated by comma.

Using in presenters, components, models, etc.

Permission check can be performed also manually. You just need Nette\Security\User instance on which you call:

TRUE of FALSE is returned respecively.

Using in Latte

In latte you can use two special macros.

Macro ifAllowed is very similar to annotations definitions. You can use here one or all of available parameters: user, resource, privilege, permission or role.

This macro can be also used as n: macro:

And second special macro is for links:

Macro n:allowedHref is expecting only valid link and in case user doesn't have permission to that resource, link isn't displayed.

Redirect to login page

If user is not logged-in and tries to access secured resource a default action is throwing the Nette\Application\ForbiddenRequestException. However if you configure so called redirectUrl, request will be redirected to this url (login page) when this situation occurs.

Also all parameters of the original request will be stored. That way you are able to restore original request and be redirected to secured resource after successful login. To configure redirectUrl add this to your configuration:

To restore the original request prepare persistent param backlink in the presenter and use it in login procedure (callback)

TODO

History

License

New BSD License or the GNU General Public License (GPL) version 2 or 3, see license.md.


All versions of ipub-security with dependencies

PHP Build Version
Package Version
Requires php Version >=5.4
nette/application Version ~2.2
nette/bootstrap Version ~2.2
nette/di Version ~2.2
nette/utils Version ~2.2
nette/security Version ~2.2
latte/latte Version ~2.2
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package srigi/ipub-security contains the following files

Loading the files please wait ....