require_once '../../src/Nix/loader.php'; use Nix\Debugging\Debugger, Nix\Permissions\Permission, Nix\Permissions\PermissionAssertion, Nix\Permissions\User, Nix\Permissions\IUserHandler, Nix\Permissions\Identity, Nix\Permissions\Resource; Debugger::init(true); Debugger::setLogPath(__DIR__ . '/../temp/'); class PostsResource extends Resource { public $user_id; protected $name = 'posts'; } class UserPostsAssertion extends PermissionAssertion { public function assert(Permission $acl, $resource, $action) { echo '<pre>'; var_dump($acl); var_dump($resource); var_dump($action); echo '</pre>'; } } $acl = new Permission(); $acl->addRole('author', 'guest'); $acl->addResource('posts'); $acl->allow('guest', 'posts'); $acl->deny('guest', 'posts', 'edit'); $acl->allow('author', 'posts', 'edit', new UserPostsAssertion()); $posts = new PostsResource(); $posts->user_id = 1234; echo "<br>allowed: " . ($acl->isAllowed('guest', 'posts', 'view') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('author', $posts, 'edit') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('author', $posts, 'view') ? "allowed" : "denied");
Debugger::init(true); Debugger::setLogPath(__DIR__ . '/../temp/'); $acl = new Permission(); # roles $acl->addRole('member', 'guest'); $acl->addRole('admin', 'member'); $acl->addRole('superadmin', 'admin'); # resource $acl->addResource('comments'); $acl->addResource('posts'); # privilegies $acl->allow('guest', array('posts', 'comments'), 'view'); $acl->allow('member', 'comments', 'add'); $acl->allow('admin', 'posts', array('add', 'edit', 'delete')); $acl->allow('superadmin', '*', '*'); echo "<br>allowed: " . ($acl->isAllowed('guest', 'posts', 'view') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('guest', 'comments', 'view') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('member', 'comments', 'view') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('admin', 'comments', 'add') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('admin', 'posts', 'view') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('superadmin', 'posts', 'delete') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('superadmin', 'comments', 'delete') ? "allowed" : "denied"); echo "<br>"; echo "<br>denied: " . ($acl->isAllowed('guest', 'comments', 'add') ? "allowed" : "denied"); echo "<br>denied: " . ($acl->isAllowed('guest', 'posts', 'add') ? "allowed" : "denied"); echo "<br>denied: " . ($acl->isAllowed('member', 'comments', 'delete') ? "allowed" : "denied"); echo "<br>denied: " . ($acl->isAllowed('admin', 'comments', 'delete') ? "allowed" : "denied"); echo "<br>"; echo "<br>allowed: " . ($acl->isAllowed('member', 'comments') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('guest', 'comments') ? "allowed" : "denied"); echo "<br>allowed: " . ($acl->isAllowed('superadmin', 'comments') ? "allowed" : "denied");