Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hanwenbo/policy
用于验证、解析Policy结构和语法
https://github.com/hanwenbo/policy
Last synced: about 2 months ago
JSON representation
用于验证、解析Policy结构和语法
- Host: GitHub
- URL: https://github.com/hanwenbo/policy
- Owner: hanwenbo
- License: apache-2.0
- Created: 2019-02-20T03:28:51.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2022-11-14T05:33:48.000Z (about 2 years ago)
- Last Synced: 2024-10-29T00:56:47.730Z (2 months ago)
- Language: PHP
- Size: 16.6 KB
- Stars: 2
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
该库贡献到easyswoole仓库,大家一起维护,请移步到https://github.com/easy-swoole/policy
# policy
用于验证、解析Policy结构和语法
## 安装
```bash
composer require hanwenbo/policy
```
## 使用方法
```php
$policyData = [
"Statement" => [
[
"Effect" => "Allow",
"Action" => ["goods/*", "goods/list"],
],
[
"Effect" => "Allow",
"Action" => ["goods/*", "goods/list"],
],
[
"Effect" => "Allow",
"Action" => ["goods/*", "goods/list"],
],
],
];
$policy = new \hanwenbo\policy\Policy();
$policy->addPolicy( new \hanwenbo\policy\RequestBean\Policy( $policyData ) );
// 可以添加多组,目的:一个用户属于多个角色组的时候,或者一个角色组对应多个存储的policy的时候
$policy->addPolicy( new \hanwenbo\policy\RequestBean\Policy( $policyData ) );
$result = $policy->verify( 'goods/list' );
var_dump( $result );
```
## 思路说明
假设是一个FaShop的商城项目
权限应该分为3个表,一个组可以拥有多个策略,为了方便开发者可以将每个模块的策略预置到数据库里,比如订单模块,商品模块,在给权限组分权限的时候,多选这些模块(策略),当验证的时候,查询出来所有的策略,扔给该库进行验证。
auth_group 角色组
auth_group_policy 角色组拥有的 policy_id 集合
auth_policy 权限策略表
策略表里要有id、存放json的字段,json格式如下:
```json
{
"Statement": [
{
"Effect": "Allow",
"Action": [
"goods/*",
"goods/list"
]
},
{
"Effect": "Allow",
"Action": [
"goods/*",
"goods/list"
]
},
{
"Effect": "Allow",
"Action": [
"goods/*",
"goods/list"
]
}
]
}
```
## TODO
- 前端路由根据规则生成示例
- 接口应该返回给前端策略列表的示例
- 前端policy验证的库