orisai/auth

Authentication and authorization

Maintainers

Details

github.com/orisai/auth

Homepage

Source

Issues

Installs: 18 872

Dependents: 3

Suggesters: 0

Security: 0

Stars: 7

Watchers: 3

Forks: 1

Open Issues: 0

2.0.3 2024-06-21 09:02 UTC

Requires

Requires (Dev)

MPL-2.0 fe825f17a47fdc6acc310b651dce168997175c98

authorizationsecurityAuthenticationloginpasswordauthaclUsersPolicypermissionsrbacpasswordsroleaccess-controlabacorisai

This package is auto-updated.

Last update: 2024-10-27 14:13:01 UTC

README

Orisai
Auth

Authentication and authorization

📄 Check out our documentation.

💸 If you like Orisai, please make a donation. Thank you!

This package is inspired by nette/security from David Grudl. Thank you, David!

namespace App\Admin\Article\View;

use Orisai\Auth\Authentication\Identity;
use Orisai\Auth\Authentication\SimpleFirewall;

final class ArticleEditController
{

	private SimpleFirewall $firewall;

	public function __construct(SimpleFirewall $firewall)
	{
		$this->firewall = $firewall;
	}

	public function run(): void
	{
		if (!$this->firewall->isAllowed('administration.entry')) {
			// Not allowed
		}

		$article = /* get article by ID from request */;

		if (!$this->firewall->isAllowed('article.edit', $article)) {
			// Not allowed
		}

		// Is allowed
	}

}

use App\Core\Article\Article;
use Orisai\Auth\Authorization\Policy;
use Orisai\Auth\Authorization\PolicyContext;

/**
 * @implements Policy<Article>
 */
final class ArticleEditPolicy implements Policy
{

	public static function getPrivilege(): string
	{
		return 'article.edit';
	}

	public static function getRequirementsClass(): string
	{
		return Article::class;
	}

	/**
	 * @param Article $requirements
	 */
	public function isAllowed(Identity $identity, object $requirements, PolicyContext $context): bool
	{
		$authorizer = $context->getAuthorizer();

		return $authorizer->hasPrivilege($identity, self::getPrivilege())
			&& $requirements->getAuthor()->getId() === $identity->getId();
	}

}