Composer
首页 包列表 提交包 常见问题 关于

mouf/security.rightsservice-splash 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

mouf/security.rightsservice-splash

最新稳定版本:v10.0.2

Composer 安装命令:

composer require mouf/security.rightsservice-splash

包简介

This package contains a set of class to bind the Splash MVC framework (>=v4) with the RightsService component. It features: a @RequiresRight annotation to restrict access to logged users only.

关键字:

# security # mouf # splash # rights

README 文档

README

This package is part of the Mouf PHP framework and contains the @Right annotation that integrates the Splash MVC framework with the RightsService.

This package provides one useful filter:

The @Right annotation

This filter can be used in any action. If you put this annotation, the user will be denied access if he does not possess the specified right.

/**
 * A sample default action that requires to have the "ACCESS_ADMIN_RIGHT" right.
 *
 * @URL /admin
 * @Right("ACCESS_ADMIN_RIGHT")
 */
public function index() { ... }

The @Right annotation requires an instance of ForbiddenMiddleware to exist. The name of the instance must be ForbiddenMiddleware::class. If your ForbiddenMiddleware instance is not named ForbiddenMiddleware::class (or if you want to use several ForbiddenMiddleware instances, you can specify the instance of middleware to use in parameter of the annotation:

/**
 * A sample default action that requires to have the "ACCESS_ADMIN_RIGHT" right.
 *
 * @URL /admin
 * @Right(name="ACCESS_ADMIN_RIGHT",instance="myForbiddenMiddleware")
 */
public function index() { ... }

Composite rights: the @AndRight and @OrRight annotations

Occasionally, you might want to check if a user has 2 rights (and), or one of two rights (or).

To do this, instead of passing a string to the @Right annotation, you can pass a @AndRight or a @OrRight annotation.

For instance, to check that a user has both the CAN_DO_THIS and CAN_DO_THAT rights, you should use:

/**
 * An action that requires to have both the "CAN_DO_THIS" and "CAN_DO_THAT" right.
 *
 * @URL /admin
 * @Right(@AndRight({@Right("CAN_DO_THIS"), @Right("CAN_DO_THAT")}))
 */
public function index() { ... }

If instead, you want to check that a user has one right amongst many, you would use the @OrRight:

/**
 * An action that requires to have either the "CAN_DO_THIS" or "CAN_DO_THAT" right.
 *
 * @URL /admin
 * @Right(@OrRight({@Right("CAN_DO_THIS"), @Right("CAN_DO_THAT")}))
 */
public function index() { ... }

You can also combine @AndRight and @OrRight annotations as long as the top-most annotation is a @Right. Also, if you need to combine complex rights, you should probably start to question your right system and refactor it. @AndRight and @OrRight should really be used sparsely.

统计信息

  • 总下载量: 64.8k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 0
  • 依赖项目数: 4
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 2
  • Forks: 5
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2012-10-16