Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/php-casbin/codeigniter-permission

Associate users with roles and permissions, use Casbin in CodeIgniter4 Web Framework.
https://github.com/php-casbin/codeigniter-permission

access-control acl authorization codeigniter permissions rbac restful

Last synced: 8 days ago
JSON representation

Associate users with roles and permissions, use Casbin in CodeIgniter4 Web Framework.

Host: GitHub
URL: https://github.com/php-casbin/codeigniter-permission
Owner: php-casbin
License: apache-2.0
Created: 2018-11-14T02:27:52.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2024-12-18T16:38:39.000Z (about 1 month ago)
Last Synced: 2025-01-05T03:08:13.579Z (15 days ago)
Topics: access-control, acl, authorization, codeigniter, permissions, rbac, restful
Language: PHP
Homepage: https://github.com/php-casbin/php-casbin
Size: 30.3 KB
Stars: 45
Watchers: 15
Forks: 9
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        


    CodeIgniter Permission





    CodeIgniter Permission is an authorization library for the CodeIgniter4 framework.    





    

        

    

    

        

    

    

        

    

     

        

    

    

        

    



It's based on [Casbin](https://github.com/php-casbin/php-casbin), an authorization library that supports access control models like ACL, RBAC, ABAC.

All you need to learn to use `Casbin` first.

* [Installation](#installation)

* [Usage](#usage)

  * [Quick start](#quick-start)

  * [Using Enforcer Api](#using-enforcer-api)  

  * [Multiple enforcers](#multiple-enforcers)  

  * [Cache](#using-cache)

* [Thinks](#thinks)

* [License](#license)

## Installation

Require this package in the `composer.json` of your `CodeIgniter 4` project. This will download the package.

```

composer require casbin/codeigniter-permission

```

To migrate the migrations, run the migrate command:

```

php spark migrate -n "Casbin\CodeIgniter"

```

This will create a new table named `rules`

## Usage

### Quick start

Once installed you can do stuff like this:

```php

$enforcer = \Config\Services::enforcer();

// adds permissions to a user

$enforcer->addPermissionForUser('eve', 'articles', 'read');

// adds a role for a user.

$enforcer->addRoleForUser('eve', 'writer');

// adds permissions to a rule

$enforcer->addPolicy('writer', 'articles','edit');

```

You can check if a user has a permission like this:

```php

// to check if a user has permission

if ($enforcer->enforce("eve", "articles", "edit")) {

    // permit eve to edit articles

} else {

    // deny the request, show an error

}

```

### Using Enforcer Api

It provides a very rich api to facilitate various operations on the Policy:

Gets all roles:

```php

$enforcer->getAllRoles(); // ['writer', 'reader']

```

Gets all the authorization rules in the policy.:

```php

$enforcer->getPolicy();

```

Gets the roles that a user has.

```php

$enforcer->getRolesForUser('eve'); // ['writer']

```

Gets the users that has a role.

```php

$enforcer->getUsersForRole('writer'); // ['eve']

```

Determines whether a user has a role.

```php

$enforcer->hasRoleForUser('eve', 'writer'); // true or false

```

Adds a role for a user.

```php

$enforcer->addRoleForUser('eve', 'writer');

```

Adds a permission for a user or role.

```php

// to user

$enforcer->addPermissionForUser('eve', 'articles', 'read');

// to role

$enforcer->addPermissionForUser('writer', 'articles','edit');

```

Deletes a role for a user.

```php

$enforcer->deleteRoleForUser('eve', 'writer');

```

Deletes all roles for a user.

```php

$enforcer->deleteRolesForUser('eve');

```

Deletes a role.

```php

$enforcer->deleteRole('writer');

```

Deletes a permission.

```php

$enforcer->deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).

```

Deletes a permission for a user or role.

```php

$enforcer->deletePermissionForUser('eve', 'articles', 'read');

```

Deletes permissions for a user or role.

```php

// to user

$enforcer->deletePermissionsForUser('eve');

// to role

$enforcer->deletePermissionsForUser('writer');

```

Gets permissions for a user or role.

```php

$enforcer->getPermissionsForUser('eve'); // return array

```

Determines whether a user has a permission.

```php

$enforcer->hasPermissionForUser('eve', 'articles', 'read');  // true or false

```

See [Casbin API](https://casbin.org/docs/en/management-api) for more APIs.

### Multiple enforcers

If you need multiple permission controls in your project, you can configure multiple enforcers.

In the `Config\Enforcer.php` file, it should be like this:

```php

namespace Config;

use Casbin\CodeIgniter\Config\Enforcer as BaseConfig;

use Casbin\CodeIgniter\Adapters\DatabaseAdapter;

class Enforcer extends BaseConfig

{

    /*

     * Default Enforcer driver

     *

     * @var string

     */

    public $default = 'basic';

    public $basic = [

        /*

        * Casbin model setting.

        */

        'model' => [

            // Available Settings: "file", "text"

            'config_type' => 'file',

            'config_file_path' => __DIR__.'/rbac-model.conf',

            'config_text' => '',

        ],

        /*

        * Casbin adapter .

        */

        'adapter' => DatabaseAdapter::class,

        /*

        * Database setting.

        */

        'database' => [

            // Database connection for following tables.

            'connection' => '',

            // Rule table name.

            'rules_table' => 'rules',

        ],

        'log' => [

            // changes whether Casbin will log messages to the Logger.

            'enabled' => false,

            // Casbin Logger

            'logger' => \Casbin\CodeIgniter\Logger::class,

        ],

        'cache' => [

            // changes whether Casbin will cache the rules.

            'enabled' => false,

            // cache Key

            'key' => 'rules',

            // ttl int|null

            'ttl' => 24 * 60,

        ],

    ];

    public $second = [

        'model' => [

            // ...

        ],

        'adapter' => DatabaseAdapter::class,

        // ...

    ];

}

```

Then you can choose which enforcers to use.

```php

$enforcer->guard('second')->enforce("eve", "articles", "edit");

```

### Using cache

Authorization rules are cached to speed up performance. The default is off.

Sets your own cache configs in `Config\Enforcer.php`. 

```php

'cache' => [

    // changes whether Casbin will cache the rules.

    'enabled' => false,

    // cache Key

    'key' => 'rules',

    // ttl int|null

    'ttl' => 24 * 60,

]

```

## Thinks

[PHP-Casbin](https://github.com/php-casbin/php-casbin). You can find the full documentation of Casbin [on the website](https://casbin.org/).

## License

This project is licensed under the [Apache 2.0 license](LICENSE).