coresky/acl
最新稳定版本:0.545
Composer 安装命令:
composer require coresky/acl
包简介
Production ware for ACL
README 文档
README
Production ware. Use this product if your application require access control manager.
CUD operation logging configurable at the ware installation stage.
Simple mode: Create/Read/Update/Delete for users profile allow objects. User's groups and single user_id do not used for ACL.
Extended mode: Create/Read/Update/Delete = C/R/U/D for user_profile, user_groups, user_id allow/deny for objects OR object_ID
User to Profiles is one to many relation. Users to Groups is many to many relation.
| Essence | Brief Info |
|---|---|
| Version | 0.899 |
| Installer class | present (acl\ware) |
| w3 classes | 2 (Acl (console), ACM) |
| Controllers | 1, has optional tune |
| Models | 3 |
| Jet templates | 8, tunable |
| Tables in the database | 5, tunable names |
| dd drivers support | 2 (sqlite3, mysqli) for now |
| SKY::$vars | 1 ($k_acl) |
| Asset files | 0 |
Tuning the ware:
# Rewrite for a_ actions: if ($cnt && 'ctrl' == $surl[0]) { # Where 'ctrl' - tuning value (any of `/^[\w+\-]+$/`) common_c::$tune = array_shift($surl); $cnt--; }
Simple usage in the application code
You must import at least \ACM and controller's c_acl class into application namespace.
// in the controllers: if (!ACM::Ressence()) return 404; // in the Jet's templates the same way: // @if(ACM::Ressence()) .. code .. ~if
Where Ressence:
- R - char one of C/R/U/D or X. R - access for reading
- essence - object (essence) name from acl_object database table
Usage for selected object ID
Access for selected object ID:
if (!$private || ACM::Rtopic($topic_id)) .. # Where $topic_id is ID numeric value, $topic_id cannot be 0 # Access records with obj_id=0 give access to any $topic_id # But you can tune access for defined $topic_id with access records where obj_id=$topic_id (!=0)
You must place in common_c::head_y($action):
$sky->profiles = ACM::init([ 'topic' => fn() => (object)$this->t_topic->acl(), 'forum' => fn() => (object)$this->t_forum->acl(), # ...other objects with own access for defined obj_ID ]); # Where each `acl()` method return fields, see example: return [ 'from' => $this->qp('from $_ where private=1'), # must be class SQL object 'order' => 'order by id desc', 'columns' => ['id', 'topic_name || " " || dt', ['topic_name', 'dt']], ]; # Where columns[0] - column for obj_id # Where columns[1] - column for comment # Where columns[0] - array of columns for search filter
Objects for selected ID you can create using call:
ACM::object($obj, $obj_id, $desc) : `object record ID` # where $obj - object name, example: "topic" # where $desc - description # object type_id will taken from $obj/0 # you can give access after object created: ACM::access($id, $crud, $uid = 0, $pid = 0, $gid = 0) # where $id is `object record ID`
Replacing Jet templates
See the root templates call:
#._ magic marker
#if(Plan::view_t(['main', 'acl.jet']))
@inc(acl.)
#else
@inc(.menu)@inc(_access.)
#end
#._ magic marker
All templates can be changed with application code in file acl.jet.
You can also use parts of original ACL Jet files using back call: @inc(_user.profiles) for example
Improvement for MySQL
-- use enum for object's types: ALTER TABLE tblname CHANGE `obj` `obj` enum('com','per','prj','act','face') DEFAULT NULL, -- add a index: ..
Drop old ACL Log records
You can do it using CRON task for example:
->at('2 2', function() use ($cron) { $cron->sql('delete from $_acl_log where dt ... '); })
Fictitious ACM class
If the application code contains references to the ACL class, but you need to temporarily uninstall the ACL product, you can add a dummy ACM class to the application's w3 folder:
<?php class ACM # stub class used when ACL ware do not installed { static function __callStatic($name, $args) { return false; # or true } }
统计信息
- 总下载量: 24
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 0
- 依赖项目数: 1
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-07-24