1. Go to this page and download the library: Download tobento/service-acl library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
tobento / service-acl example snippets
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\Authorizable;
use Tobento\Service\Acl\AuthorizableAware;
use Tobento\Service\Acl\Role;
// User class example.
class User implements Authorizable
{
use AuthorizableAware;
public function __construct(
protected string $name,
) {}
}
// Create Acl.
$acl = new Acl();
// Adding rules.
$acl->rule('articles.read')
->title('Article Read')
->description('If a user can read articles');
$acl->rule('articles.create');
$acl->rule('articles.update');
// Create role.
$guestRole = new Role('guest');
// Adding permissions on role.
$guestRole->addPermissions(['articles.read']);
// Create and set user role.
$user = (new User('Nick'))->setRole($guestRole);
// Adding permissions on user.
// If permissions are set on user, role permissions will not count anymore.
$user->addPermissions(['articles.read']);
// Set current user.
$acl->setCurrentUser($user);
// Adding additional permissions for the current user only.
$acl->addPermissions(['articles.create']);
// Check permissions for current user.
if ($acl->can('articles.read')) {
// user has permission to read articles.
}
// check permission for specific user.
if ($acl->cant(key: 'articles.read', user: $user)) {
// user has not permission to read articles.
}
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\RuleInterface;
// Create Acl.
$acl = new Acl();
// Add default rule.
$acl->rule('articles.read');
// Add custom rule.
$acl->addRule(RuleInterface $rule);
// Get rules.
foreach($acl->getRules() as $rule)
{
$key = $rule->getKey();
$inputKey = $rule->getInputKey();
$title = $rule->getTitle();
$description = $rule->getDescription();
$area = $rule->getArea();
}
// get specific rules
$rule = $acl->getRule('articles.read');
use Tobento\Service\Acl\Acl;
// Create Acl.
$acl = new Acl();
$acl->rule('articles.read');
$acl->rule('articles.update');
// Create role.
$role = new Role('guest');
// Create and set user role.
$user = (new User('Nick'))->setRole($role);
// Adding permissions on acl, only for current user.
$acl->addPermissions(['articles.read']);
// Adding permissions on role.
$role->addPermissions(['articles.read']);
// Adding permissions on user.
// If permissions are set on user, role permissions will not count anymore.
// Only acl and user specific permissions.
$user->addPermissions(['articles.read']);
use Tobento\Service\Acl\Acl;
// Create Acl.
$acl = new Acl();
$acl->rule('articles.read', 'frontend');
$acl->rule('articles.update', 'backend');
// Guest Role taking only frontend rules into account,
// ignoring any permission from backend rules even if permission is given.
$role = new Role('guest', ['frontend']);
// Editor can have frontend and backend rules.
$role = new Role('editor', ['frontend', 'backend']);
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\Authorizable;
use Tobento\Service\Acl\AuthorizableAware;
use Tobento\Service\Acl\Role;
// User class example.
class User implements Authorizable
{
use AuthorizableAware;
public function __construct(
protected string $name,
) {}
}
// Article class example
class Article
{
public function __construct(
protected string $name,
protected array $roles = [],
protected null|Authorizable $user = null
) {}
public function getName(): string
{
return $this->name;
}
public function getUser(): null|Authorizable
{
return $this->user;
}
public function getRoles(): array
{
return $this->roles;
}
}
// Create Acl.
$acl = new Acl();
// Rule to check if user is allowed to access a specific resource.
$acl->rule('resource')
->needsPermission(false)
->handler(function(Authorizable $user, null|Authorizable $resourceUser): bool {
if (is_null($resourceUser)) {
return false;
}
return $user === $resourceUser;
});
// Rule to check if user has role for a specific resource.
$acl->rule('has_role')
->needsPermission(false)
->handler(function(Authorizable $user, array $roles = []) {
if (empty($roles)) {
return true;
}
return in_array($user->role()->key(), $roles);
});
$user = (new User('Nick'))->setRole(new Role('editor'));
$acl->setCurrentUser($user);
$article = new Article('About us', ['editor'], $user);
// Check resource access.
if ($acl->can('resource', [$article->getUser()])) {
// user can access about page.
}
// Check resource role access.
if ($acl->can('has_role', [$article->getRoles()])) {
// user has the right role to access this resource.
}
/**
* RuleInterface
*/
interface RuleInterface
{
/**
* Get the key.
*
* @return string The key such as 'user.create'.
*/
public function getKey(): string;
/**
* Get the input key. May be used for form input.
*
* @return string The key such as 'user_create'.
*/
public function getInputKey(): string;
/**
* Get the title.
*
* @return string The title
*/
public function getTitle(): string;
/**
* Get the description.
*
* @return string The description
*/
public function getDescription(): string;
/**
* Get the area.
*
* @return string
*/
public function getArea(): string;
/**
* If the rule
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\AclInterface;
use Tobento\Service\Acl\RuleInterface;
use Tobento\Service\Acl\Authorizable;
use Tobento\Service\Acl\AuthorizableAware;
use Tobento\Service\Acl\Role;
// Custom rule
class CustomRule implements RuleInterface
{
public function __construct(
protected string $key,
protected string $area,
) {}
public function getKey(): string
{
return $this->key;
}
public function getInputKey(): string
{
return $this->key;
}
public function getTitle(): string
{
return $this->key;
}
public function getDescription(): string
{
return '';
}
public function getArea(): string
{
return $this->area;
}
public function ole()->areas())) {
return false;
}
return true;
}
}
// User class example.
class User implements Authorizable
{
use AuthorizableAware;
public function __construct(
protected string $name,
) {}
}
// Create Acl.
$acl = new Acl();
// Adding default rules.
$acl->addRule(new CustomRule('articles.read', 'frontend'));
$acl->addRule(new CustomRule('articles.create', 'frontend'));
// Create role.
$role = new Role('guest');
// Adding permissions on role does has no effect.
$role->addPermissions(['articles.read']);
// Create and set user role.
$user = (new User('Nick'))->setRole($role);
$user->addPermissions(['articles.create']);
// Set current user.
$acl->setCurrentUser($user);
if ($acl->can('articles.create')) {
// user has permission to read articles.
}
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\Permissionable;
use Tobento\Service\Acl\Authorizable;
// Create Acl.
$acl = new Acl();
// Set all permissions.
$acl->setPermissions(['user.create', 'user.update']);
// Adding more permissions.
$acl->addPermissions(['user.delete']);
$permissions = $acl->getPermissions(); // ['user.create', 'user.update', 'user.delete']
// Has any permissions at all.
$hasPermissions = $acl->hasPermissions();
// Removing permissions.
$acl->removePermissions(['user.delete']);
// Has specific permission.
$hasPermission = $acl->hasPermission('user.update');
use Tobento\Service\Acl\Acl;
// Create Acl.
$acl = new Acl();
// Check permissions for current user.
if ($acl->can('articles.read')) {
// user has permission to read articles.
}
// Check permission for specific user.
if ($acl->cant(key: 'articles.read', user: $user)) {
// user has not permission to read articles.
}
// You can check multiple permissions too.
if ($acl->can('articles.create|articles.update')) {
// user has permission to create and update articles.
}
// Multiple permissions with parameters.
if ($acl->can('articles.create|resource', ['resource' => [$article->getUser()]])) {
// user has permission to create and access the specific article.
}
use Tobento\Service\HelperFunction\Functions;
use Psr\Container\ContainerInterface;
use Tobento\Service\Di\Container;
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\AclInterface;
use Tobento\Service\Acl\Authorizable;
use Tobento\Service\Acl\AuthorizableAware;
use Tobento\Service\Acl\Role;
// create container.
$container = new Container();
// Set up Helper Function acl() for supporting
// checking permission directly on Authorizable objects.
$functions = new Functions();
$functions->set(ContainerInterface::class, $container);
// Register Acl functions.
$functions->register('dir/to/acl/functions.php');
// User class example.
class User implements Authorizable
{
use AuthorizableAware;
public function __construct(
protected string $name,
) {}
}
// Create Acl.
$acl = new Acl();
// Add Acl to container.
$container->set(AclInterface::class, $acl);
// Adding rules.
$acl->rule('articles.read');
// Create role.
$guestRole = new Role('guest');
// Adding permissions on role.
$guestRole->addPermissions(['articles.read']);
// Create and set user role.
$user = (new User('Nick'))->setRole($guestRole);
// Check permissions on user.
if ($user->can('articles.read')) {
// user has permission to read articles.
}
// check permission for specific user.
if ($user->cant('articles.read')) {
// user has not permission to read articles.
}
use Tobento\Service\Acl\Acl;
use Tobento\Service\Acl\Role;
use Tobento\Service\Acl\RoleInterface;
use Tobento\Service\Acl\Roles;
use Tobento\Service\Acl\RolesInterface;
// Create Acl.
$acl = new Acl();
// Set roles on acl for later reusage if needed.
$acl->setRoles([
new Role('guest'),
new Role('editor'),
]);
// or
$acl->setRoles(new Roles(
new Role('guest'),
new Role('editor'),
));
// Get roles:
$roles = $acl->roles();
var_dump($roles instanceof RolesInterface);
// bool(true)
// Iterate roles:
foreach($acl->roles() as $role) {
$key = $role->key();
$active = $role->active();
$areas = $role->areas();
$name = $role->name();
}
// Get Specific role:
$role = $roles->get('editor');
$role = $acl->getRole('editor'); // or
// null|RoleInterface
// Check if role exists:
var_dump($roles->has('editor'));
var_dump($acl->hasRole('editor')); // or
// bool(true)
// Sort roles returning a new instance:
$roles = $roles->sort(fn(RoleInterface $a, RoleInterface $b): int => $a->name() <=> $b->name());
// Filter roles returning a new instance:
$roles = $roles->filter(fn(RoleInterface $role): bool => $role->active());
// Filter by area roles returning a new instance:
$roles = $roles->area('frontend');
// Filter (in)active roles returning a new instance:
$roles = $roles->active();
$roles = $roles->active(false);
// Returns a new instance only the roles specified:
$roles = $roles->only(['editor']);
// Returns a new instance except the roles specified:
$roles = $roles->except(['editor']);
// Add a role returning a new instance:
$roles = $roles->add(new Role('admin'));
// Remove a role returning a new instance:
$roles = $roles->remove('editor');
// Get first role:
$role = $roles->first();
// null|RoleInterface
// Get all roles:
$roles = $roles->all();
$roles = $acl->getRoles(); // or
// array<string, RoleInterface>
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.