$ composer require geniv/nette-authorizator
or
"geniv/nette-authorizator": ">=1.0.0"
require:
"php": ">=5.6.0",
"nette/nette": ">=2.4.0",
"dibi/dibi": ">=3.0.0"
- Neon (neon filesystem) - support form
- Dibi (dibi + cache) - support form
- Array (neon configure)
allow
- all is deny, allow partdeny
- all is allow, deny partnone
- all is allow, ignore part
neon configure:
# acl
authorizator:
# autowired: false # default null, true|false|self|null
policy: allow # allow (all is deny, allow part) | deny (all is allow, deny part) | none (all is allow, ignore part)
source: "Neon"
path: %appDir%/components/test/nette-authorizator/sql/acl.neon
# source: "Dibi"
# tablePrefix: %tablePrefix%
# source: "Array"
# role:
# - guest
# - moderator
# - admin
# resource:
# - article
# - comment
# - poll
# privilege:
# - show
# - insert
# - update
# - delete
# acl:
# moderator:
# article: [show, insert, update]
# admin: all
neon configure extension:
extensions:
authorizator: Authorizator\Bridges\Nette\Extension
presenters:
$acl = $this->user->getAuthorizator();
$acl->isAllowed('guest', 'sekce-forum', 'zobrazit');
$this->user->isAllowed('sekce-forum', 'zobrazit');
usage:
<span n:if="$user->isAllowed('sekce-forum', 'zobrazit')">...</span>
All method onSuccess callback are default defined like $this->redirect('this');
presenters form:
use Authorizator\Forms\AclForm;
use Authorizator\Forms\PrivilegeForm;
use Authorizator\Forms\ResourceForm;
use Authorizator\Forms\RoleForm;
...
abstract class BasePresenter extends Presenter
{
use AutowiredComponent;
...
protected function createComponentRoleForm(RoleForm $roleForm): RoleForm
{
//$roleForm->setTemplatePath(path);
//$roleForm->onSuccess[] = function (array $values) { };
//$roleForm->onError[] = function (array $values, Exception $e = null) { };
return $roleForm;
}
protected function createComponentResourceForm(ResourceForm $resourceForm): ResourceForm
{
//$resourceForm->setTemplatePath(path);
//$resourceForm->onSuccess[] = function (array $values) { };
//$resourceForm->onError[] = function (array $values, Exception $e = null) { };
return $resourceForm;
}
protected function createComponentPrivilegeForm(PrivilegeForm $privilegeForm): PrivilegeForm
{
//$privilegeForm->setTemplatePath(path);
//$privilegeForm->onSuccess[] = function (array $values) { };
//$privilegeForm->onError[] = function (array $values, Exception $e = null) { };
return $privilegeForm;
}
protected function createComponentAclForm(AclForm $aclForm): AclForm
{
//$aclForm->setTemplatePath(path);
//$aclForm->onSuccess[] = function (array $values) { };
//$aclForm->onError[] = function (array $values) { };
return $aclForm;
}
generic usage on security base presenter:
$acl = $this->user->getAuthorizator();
// manual set allowed with internal resolve policy
$acl->setAllowed(IAuthorizator::ALL, 'Homepage');
$acl->setAllowed(IAuthorizator::ALL, 'Login');
if (!$this->user->isAllowed($this->name, $this->action)) {
// NOT ALLOWED
}
form not required for correct function ACL.
Available form: role, resource, privilege and acl.
usage form:
{control roleForm}
{control resourceForm}
{control privilegeForm}
{control aclForm}