# Load the Nix libraries.
require_once '../../src/Nix/loader.php';

use Nix\Debugging\Debugger;
use Nix\Permissions\Identity;
use Nix\Permissions\IUserHandler;
use Nix\Permissions\Permission;
use Nix\Permissions\PermissionAssertion;
use Nix\Permissions\Resource;
use Nix\Permissions\User;

# NOTE(review): the `true` argument presumably switches the debugger into
# its verbose/development mode - confirm. The log directory is resolved
# relative to this script; keep it somewhere that is not served over HTTP.
Debugger::init(true);
Debugger::setLogPath(__DIR__ . '/../temp/');

/**
 * Resource object for the 'posts' ACL resource that also carries the id of
 * the user the post belongs to.
 */
class PostsResource extends Resource
{
    # Id of the owning user; set by the script below.
    public $user_id;

    # Resource name this object stands for in the ACL.
    protected $name = 'posts';
}

/**
 * Assertion attached to the author's 'edit' rule on 'posts'.
 *
 * As written it only prints its three arguments inside a <pre> block.
 *
 * NOTE(review): the method returns nothing, so the outcome of the 'edit'
 * check depends on how Permission treats a null assertion result - confirm.
 * An assertion used for a real access decision should return an explicit
 * boolean. The dump also writes the whole ACL object into the response,
 * which is only acceptable as a local debugging aid.
 */
class UserPostsAssertion extends PermissionAssertion
{
    public function assert(Permission $acl, $resource, $action)
    {
        echo '<pre>';
        var_dump($acl, $resource, $action);
        echo '</pre>';
    }
}

$acl = new Permission();

# 'author' is declared with 'guest' as second argument, presumably its
# parent role. 'guest' itself is never registered in this script -
# presumably Permission predefines it; confirm.
$acl->addRole('author', 'guest');
$acl->addResource('posts');

# Guests get everything on posts except 'edit'.
$acl->allow('guest', 'posts');
$acl->deny('guest', 'posts', 'edit');

# Authors may edit posts, subject to the assertion above.
$acl->allow('author', 'posts', 'edit', new UserPostsAssertion());

$posts = new PostsResource();
$posts->user_id = 1234;

# Each probe is (role, resource, action). The last two pass the resource
# object instead of its name, so the assertion receives the concrete post.
$probes = array(
    array('guest', 'posts', 'view'),
    array('author', $posts, 'edit'),
    array('author', $posts, 'view'),
);

foreach ($probes as $probe) {
    list($role, $target, $action) = $probe;
    # Resolve the decision first: the assertion prints its dump while
    # isAllowed() runs, i.e. before the result line is echoed.
    $verdict = $acl->isAllowed($role, $target, $action) ? "allowed" : "denied";
    echo "<br>allowed: " . $verdict;
}
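# The loader require and the `use` imports for the classes used here are not
# part of this excerpt; they presumably precede it in the original file.

# NOTE(review): the `true` argument presumably switches the debugger into
# its verbose/development mode - confirm. The log directory is resolved
# relative to this script; keep it somewhere that is not served over HTTP.
Debugger::init(true);
Debugger::setLogPath(__DIR__ . '/../temp/');

/**
 * Demo user handler wired into User below.
 *
 * Both methods return fixed Identity objects and never look at their
 * arguments. The second Identity argument appears to be the role name
 * (it matches the roles registered on the ACL below) - confirm.
 */
class UserHandler implements IUserHandler
{
    /**
     * Stub: ignores $username and $password and always returns the same
     * identity (id 6, 'admin'). No credential is verified here, so this is
     * only usable as a demonstration; a real handler has to check the
     * password (password_verify() against a stored hash) and fail for
     * unknown users.
     */
    public function authenticate($username, $password)
    {
        return new Identity(6, 'admin', array('name' => 'jan'));
    }

    /**
     * Stub: ignores $id and returns a fixed replacement identity
     * (id 6, 'member').
     */
    public function updateIdentity($id)
    {
        return new Identity(6, 'member', array('name' => 'new jan\'s name'));
    }
}

$acl = new Permission();
$acl->addResource('administration');
$acl->addRole('member');
$acl->addRole('admin');

# Only 'admin' is granted anything on 'administration'; 'member' gets no rule.
$acl->allow('admin', 'administration');

$user = new User();
$user->setUserHandler('UserHandler');
$user->setAcl($acl);

# NOTE(review): login, logout and the identity refresh are all triggered by
# a bare GET parameter, so any cross-site link or embedded request can fire
# them. Outside a demo these should be POST requests carrying a CSRF token.
if (isset($_GET['login'])) {
    $user->authenticate('test', 'test');
    header('location: index.php');
    # Stop here: header() only queues the redirect, it does not end the
    # script, so anything after this block would still run and be sent.
    exit;
} elseif (isset($_GET['logout'])) {
    $user->signOut();
    header('location: index.php');
    exit;
} elseif (isset($_GET['update'])) {
    # NOTE(review): spelled updateIndentity() here while the handler method
    # is updateIdentity() - confirm this is the name User actually exposes.
    $user->updateIndentity();
    header('location: index.php');
    exit;
}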
<?php

# Load the Nix libraries.
require_once '../../src/Nix/loader.php';

use Nix\Debugging\Debugger;
use Nix\Permissions\Identity;
use Nix\Permissions\IUserHandler;
use Nix\Permissions\Permission;
use Nix\Permissions\User;

# NOTE(review): the `true` argument presumably switches the debugger into
# its verbose/development mode - confirm. The log directory is resolved
# relative to this script; keep it somewhere that is not served over HTTP.
Debugger::init(true);
Debugger::setLogPath(__DIR__ . '/../temp/');

$acl = new Permission();

# Roles. The second argument is presumably the parent role, giving the
# chain guest <- member <- admin <- superadmin. 'guest' is never registered
# in this script - presumably Permission predefines it; confirm.
$acl->addRole('member', 'guest');
$acl->addRole('admin', 'member');
$acl->addRole('superadmin', 'admin');

# Resources.
$acl->addResource('comments');
$acl->addResource('posts');

# Privileges. Rules are grant-only here; there is no explicit deny.
$acl->allow('guest', array('posts', 'comments'), 'view');
$acl->allow('member', 'comments', 'add');
$acl->allow('admin', 'posts', array('add', 'edit', 'delete'));
# Wildcard grant: every action on every resource for superadmin.
$acl->allow('superadmin', '*', '*');

# Checks the script labels as "allowed": (role, resource, action).
# Several of them only hold if rules are inherited from the parent role.
$expectedAllowed = array(
    array('guest', 'posts', 'view'),
    array('guest', 'comments', 'view'),
    array('member', 'comments', 'view'),
    array('admin', 'comments', 'add'),
    array('admin', 'posts', 'view'),
    array('superadmin', 'posts', 'delete'),
    array('superadmin', 'comments', 'delete'),
);

# Checks the script labels as "denied": no rule above grants them, so they
# rely on the ACL refusing anything that was not explicitly allowed.
$expectedDenied = array(
    array('guest', 'comments', 'add'),
    array('guest', 'posts', 'add'),
    array('member', 'comments', 'delete'),
);

foreach ($expectedAllowed as $check) {
    list($role, $resource, $action) = $check;
    $verdict = $acl->isAllowed($role, $resource, $action) ? "allowed" : "denied";
    echo "<br>allowed: " . $verdict;
}

# Blank line between the two groups in the rendered output.
echo "<br>";

foreach ($expectedDenied as $check) {
    list($role, $resource, $action) = $check;
    $verdict = $acl->isAllowed($role, $resource, $action) ? "allowed" : "denied";
    echo "<br>denied: " . $verdict;
}