{"id":20876084,"url":"https://github.com/php-casbin/think-authz","last_synced_at":"2025-05-15T07:04:35.568Z","repository":{"id":35011804,"uuid":"194800042","full_name":"php-casbin/think-authz","owner":"php-casbin","description":"An authorization library that supports access control models like ACL, RBAC, ABAC in ThinkPHP.","archived":false,"fork":false,"pushed_at":"2025-05-13T05:48:54.000Z","size":70,"stargazers_count":268,"open_issues_count":2,"forks_count":48,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-05-13T06:22:41.953Z","etag":null,"topics":["access-control","acl","authorization","authrization","casbin","permissions","rbac","roles","thinkphp"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/php-casbin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-02T06:16:20.000Z","updated_at":"2025-04-10T12:22:03.000Z","dependencies_parsed_at":"2022-08-24T13:21:28.487Z","dependency_job_id":"c49ecdbc-9702-4c05-8ed4-0ca574fe3195","html_url":"https://github.com/php-casbin/think-authz","commit_stats":{"total_commits":37,"total_committers":7,"mean_commits":5.285714285714286,"dds":"0.43243243243243246","last_synced_commit":"9aabaa5bf68d0e2e0167a1cc3d7dfabcce4e9526"},"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-casbin%2Fthink-authz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-casbin%2Fthink-authz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-casbin%2Fthink-authz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/php-casbin%2Fthink-authz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/php-casbin","download_url":"https://codeload.github.com/php-casbin/think-authz/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253886446,"owners_count":21979061,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","acl","authorization","authrization","casbin","permissions","rbac","roles","thinkphp"],"created_at":"2024-11-18T06:49:59.306Z","updated_at":"2025-05-15T07:04:35.266Z","avatar_url":"https://github.com/php-casbin.png","language":"PHP","readme":"\u003ch1 align=\"center\"\u003e\r\n    ThinkPHP Authorization\r\n\u003c/h1\u003e\r\n\r\n\u003cp align=\"center\"\u003e\r\n\t\u003cstrong\u003eThink-authz 是一个专为 ThinkPHP 打造的授权（角色和权限控制）工具\u003c/strong\u003e    \r\n\u003c/p\u003e\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003ca href=\"https://github.com/php-casbin/think-authz/actions/workflows/phpunit.yml\"\u003e\r\n        \u003cimg src=\"https://github.com/php-casbin/think-authz/actions/workflows/phpunit.yml/badge.svg\" alt=\"Build Status\"\u003e\r\n    \u003c/a\u003e\r\n\t\u003ca href=\"https://coveralls.io/github/php-casbin/think-authz\"\u003e\r\n\t\t\u003cimg src=\"https://coveralls.io/repos/github/php-casbin/think-authz/badge.svg\" alt=\"Coverage Status\"\u003e\r\n  \t\u003c/a\u003e\r\n    \u003ca href=\"https://packagist.org/packages/casbin/think-authz\"\u003e\r\n\t\t\u003cimg src=\"https://poser.pugx.org/casbin/think-authz/v/stable\" alt=\"Latest Stable Version\"\u003e\r\n  \t\u003c/a\u003e\r\n     \u003ca href=\"https://packagist.org/packages/casbin/think-authz\"\u003e\r\n\t\t\u003cimg src=\"https://poser.pugx.org/casbin/think-authz/downloads\" alt=\"Total Downloads\"\u003e\r\n  \t\u003c/a\u003e\r\n    \u003ca href=\"https://packagist.org/packages/casbin/think-authz\"\u003e\r\n\t\t\u003cimg src=\"https://poser.pugx.org/casbin/think-authz/license\" alt=\"License\"\u003e\r\n  \t\u003c/a\u003e\r\n\u003c/p\u003e\r\n\r\n它基于 [PHP-Casbin](https://github.com/php-casbin/php-casbin), 一个强大的、高效的开源访问控制框架，支持基于`ACL`, `RBAC`, `ABAC`等访问控制模型。\r\n\r\n在这之前，你需要了解 [Casbin](https://github.com/php-casbin/php-casbin) 的相关知识。\r\n\r\n* [安装](#安装)\r\n* [用法](#用法)\r\n  * [快速开始](#快速开始)\r\n  * [使用 Enforcer Api](#使用-enforcer-api)\r\n  * [使用中间件](#使用中间件)\r\n* [感谢](#thinks)\r\n* [License](#license)\r\n\r\n## 安装\r\n\r\n使用`composer`安装：\r\n\r\n```\r\ncomposer require casbin/think-authz\r\n```\r\n\r\n注册服务，在应用的全局公共文件`service.php`中加入：\r\n\r\n```php\r\nreturn [\r\n    // ...\r\n\r\n    tauthz\\TauthzService::class,\r\n];\r\n```\r\n\r\n发布配置文件和数据库迁移文件：\r\n\r\n```\r\nphp think tauthz:publish\r\n```\r\n\r\n这将自动生成 `config/tauthz-rbac-model.conf` 和 `config/tauthz.php` 文件。\r\n\r\n\r\n执行迁移工具（**确保数据库配置信息正确**）：\r\n\r\n```\r\nphp think migrate:run\r\n```\r\n\r\n这将创建名为 `rules` 的表。\r\n\r\n\r\n## 用法\r\n\r\n### 快速开始\r\n\r\n安装成功后，可以这样使用:\r\n\r\n```php\r\n\r\nuse tauthz\\facade\\Enforcer;\r\n\r\n// adds permissions to a user\r\nEnforcer::addPermissionForUser('eve', 'articles', 'read');\r\n// adds a role for a user.\r\nEnforcer::addRoleForUser('eve', 'writer');\r\n// adds permissions to a rule\r\nEnforcer::addPolicy('writer', 'articles','edit');\r\n\r\n```\r\n\r\n你可以检查一个用户是否拥有某个权限:\r\n\r\n```php\r\n// to check if a user has permission\r\nif (Enforcer::enforce(\"eve\", \"articles\", \"edit\")) {\r\n    // permit eve to edit articles\r\n} else {\r\n    // deny the request, show an error\r\n}\r\n\r\n```\r\n\r\n### 使用 Enforcer Api\r\n\r\n它提供了非常丰富的 `API`，以促进对 `Policy` 的各种操作：\r\n\r\n获取所有角色:\r\n\r\n```php\r\nEnforcer::getAllRoles(); // ['writer', 'reader']\r\n```\r\n\r\n获取所有的角色的授权规则：\r\n\r\n```php\r\nEnforcer::getPolicy();\r\n```\r\n\r\n获取某个用户的所有角色：\r\n\r\n```php\r\nEnforcer::getRolesForUser('eve'); // ['writer']\r\n```\r\n\r\n获取某个角色的所有用户：\r\n\r\n```php\r\nEnforcer::getUsersForRole('writer'); // ['eve']\r\n```\r\n\r\n决定用户是否拥有某个角色：\r\n\r\n```php\r\nEnforcer::hasRoleForUser('eve', 'writer'); // true or false\r\n```\r\n\r\n给用户添加角色：\r\n\r\n```php\r\nEnforcer::addRoleForUser('eve', 'writer');\r\n```\r\n\r\n赋予权限给某个用户或角色：\r\n\r\n```php\r\n// to user\r\nEnforcer::addPermissionForUser('eve', 'articles', 'read');\r\n// to role\r\nEnforcer::addPermissionForUser('writer', 'articles','edit');\r\n```\r\n\r\n删除用户的角色：\r\n\r\n```php\r\nEnforcer::deleteRoleForUser('eve', 'writer');\r\n```\r\n\r\n删除某个用户的所有角色：\r\n\r\n```php\r\nEnforcer::deleteRolesForUser('eve');\r\n```\r\n\r\n删除单个角色：\r\n\r\n```php\r\nEnforcer::deleteRole('writer');\r\n```\r\n\r\n删除某个权限：\r\n\r\n```php\r\nEnforcer::deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).\r\n```\r\n\r\n删除某个用户或角色的权限：\r\n\r\n```php\r\nEnforcer::deletePermissionForUser('eve', 'articles', 'read');\r\n```\r\n\r\n删除某个用户或角色的所有权限：\r\n\r\n```php\r\n// to user\r\nEnforcer::deletePermissionsForUser('eve');\r\n// to role\r\nEnforcer::deletePermissionsForUser('writer');\r\n```\r\n\r\n获取用户或角色的所有权限：\r\n\r\n```php\r\nEnforcer::getPermissionsForUser('eve'); // return array\r\n```\r\n\r\n决定某个用户是否拥有某个权限\r\n\r\n```php\r\nEnforcer::hasPermissionForUser('eve', 'articles', 'read');  // true or false\r\n```\r\n\r\n更多 `API` 参考 [Casbin API](https://casbin.org/docs/en/management-api) 。\r\n\r\n### 使用中间件\r\n\r\n该扩展包带有一个 `\\tauthz\\middleware\\Basic::class` 中间件:\r\n\r\n```php\r\nRoute::get('news/:id','News/Show')\r\n\t-\u003emiddleware(\\tauthz\\middleware\\Basic::class, ['news', 'read']);\r\n```\r\n\r\n### 缓存配置\r\n\r\n该扩展包通过配置 `config/tauthz.php` 中的 `cache` 选项来开启或关闭缓存，以及配置缓存标识和过期时间。\r\n\r\n通过继承 `tauthz\\cache\\CacheHandler` 可以实现自定义缓存策略。例如：\r\n\r\n```php\r\nclass MyCacheHandler extends CacheHandler\r\n{\r\n    public function cachePolicies(Rule $model)\r\n    {\r\n        return $model-\u003ecacheAlways('my_cache_key', 3600);\r\n    }\r\n}\r\n```\r\n\r\n并在 `cache` 配置选项中的`handler`声明此类。\r\n\r\n## 感谢\r\n\r\n[Casbin](https://github.com/php-casbin/php-casbin)，你可以查看全部文档在其 [官网](https://casbin.org/) 上。\r\n\r\n## License\r\n\r\nThis project is licensed under the [Apache 2.0 license](LICENSE).\r\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphp-casbin%2Fthink-authz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphp-casbin%2Fthink-authz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphp-casbin%2Fthink-authz/lists"}