# webman-permission **Repository Path**: Tinywan_admin/webman-permission ## Basic Information - **Project Name**: webman-permission - **Description**: 推荐使用插件 https://github.com/Tinywan/casbin - **Primary Language**: PHP - **License**: Apache-2.0 - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-01-13 - **Last Updated**: 2022-01-13 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # webman-permission [![license](https://img.shields.io/github/license/Tinywan/webman-permission)]() [![996.icu](https://img.shields.io/badge/link-996.icu-red.svg)](https://996.icu) [![Build status](https://github.com/Tinywan/dnmp/workflows/CI/badge.svg)]() [![webman-permission](https://img.shields.io/github/v/release/tinywan/webman-permission?include_prereleases)]() [![webman-permission](https://img.shields.io/badge/build-passing-brightgreen.svg)]() [![webman-permission](https://img.shields.io/packagist/php-v/tinywan/webman-permission?style=flat&colorB=8892BF)]() [![webman-permission](https://img.shields.io/github/last-commit/tinywan/webman-permission/main)]() [![webman-permission](https://img.shields.io/github/v/tag/tinywan/webman-permission?color=ff69b4)]() Use [Casbin](https://github.com/php-casbin/php-casbin) in [Webman](https://github.com/walkor/webman) High performance HTTP Service Framework for PHP based on Workerman, Casbin is a powerful and efficient open-source access control library. ## Requirements - PHP > 7.2 - [ThinkORM](https://github.com/top-think/think-orm) - [PHP-DI](https://github.com/PHP-DI/PHP-DI) ## 安装 ```shell script composer require tinywan/webman-permission ``` ## 依赖自动注入配置 修改配置`config/container.php`,其最终内容如下: ```php $builder = new \DI\ContainerBuilder(); $builder->addDefinitions(config('dependence', [])); $builder->useAutowiring(true); $builder->useAnnotations(true); return $builder->build(); ``` > `config/container.php`里最终返回一个符合PSR-11规范的容器实例。如果你不想使用 php-di ,可以在这里创建并返回一个其它符合PSR-11规范的容器实例。 当使用php-di后,开发者无需手动实例化`DatabaseAdapter`,webman会自动帮你完成。如果在实例化`DatabaseAdapter`过程中有其它类的依赖(RuleModel),webman也会自动实例化并注入。开发者不需要任何的初始化工作。 ## 配置 控制模型 model 配置文件 `config/permission.php` 内容如下 ```php return [ 'default' => 'basic', 'enforcers' => [ 'basic' => [ # Model 设置 'model' => [ 'config_type' => 'file', 'config_file_path' => config_path() . '/casbin-basic-model.conf', 'config_text' => '' ], # 适配器 'adapter' => webman\permission\adapter\DatabaseAdapter::class, # 数据库连接表 'database' => [ 'connection' => '', 'rules_table' => 'train_rule', 'rules_name' => 'rule', ], # 多进程策略定时刷新时间,单位秒 'policy_refresh_time_interval' => 30 ], ] ]; ``` 策略 policy 配置文件 `config/casbin-basic-model.conf` 内容如下 ``` [request_definition] r = sub, obj, act [policy_definition] p = sub, obj, act [role_definition] g = _, _ [policy_effect] e = some(where (p.eft == allow)) [matchers] m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act ``` ### 进程启动配置 打开 `config/bootstrap.php`,加入如下配置: ```php return [ // ThinkOrm 一定要 Permission 之前加载哦 support\bootstrap\ThinkOrm::class, webman\permission\Permission::class, ]; ``` ## 用法 ### 快速开始 安装成功后,可以这样使用: ```php use webman\permission\Permission; // adds permissions to a user Permission::addPermissionForUser('eve', 'articles', 'read'); // adds a role for a user. Permission::addRoleForUser('eve', 'writer'); // adds permissions to a rule Permission::addPolicy('writer', 'articles','edit'); ``` 你可以检查一个用户是否拥有某个权限: ```php if (Permission::enforce("eve", "articles", "edit")) { echo '恭喜你!通过权限认证'; } else { echo '对不起,您没有该资源访问权限'; } ``` ### 使用 Casbin Api 它提供了非常丰富的 `API`,以促进对 `Policy` 的各种操作: 获取所有角色: ```php Enforcer::getAllRoles(); // ['writer', 'reader'] ``` 获取所有的角色的授权规则: ```php Enforcer::getPolicy(); ``` 获取某个用户的所有角色: ```php Enforcer::getRolesForUser('eve'); // ['writer'] ``` 获取某个角色的所有用户: ```php Enforcer::getUsersForRole('writer'); // ['eve'] ``` 决定用户是否拥有某个角色: ```php Enforcer::hasRoleForUser('eve', 'writer'); // true or false ``` 给用户添加角色: ```php Enforcer::addRoleForUser('eve', 'writer'); ``` 赋予权限给某个用户或角色: ```php // to user Enforcer::addPermissionForUser('eve', 'articles', 'read'); // to role Enforcer::addPermissionForUser('writer', 'articles','edit'); ``` 删除用户的角色: ```php Enforcer::deleteRoleForUser('eve', 'writer'); ``` 删除某个用户的所有角色: ```php Enforcer::deleteRolesForUser('eve'); ``` 删除单个角色: ```php Enforcer::deleteRole('writer'); ``` 删除某个权限: ```php Enforcer::deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected). ``` 删除某个用户或角色的权限: ```php Enforcer::deletePermissionForUser('eve', 'articles', 'read'); ``` 删除某个用户或角色的所有权限: ```php // to user Enforcer::deletePermissionsForUser('eve'); // to role Enforcer::deletePermissionsForUser('writer'); ``` 获取用户或角色的所有权限: ```php Enforcer::getPermissionsForUser('eve'); // return array ``` 决定某个用户是否拥有某个权限 ```php Enforcer::hasPermissionForUser('eve', 'articles', 'read'); // true or false ``` 更多 `API` 参考 [Casbin API](https://casbin.org/docs/en/management-api) 。 ## 感谢 [Casbin](https://github.com/php-casbin/php-casbin),你可以查看全部文档在其 [官网](https://casbin.org/) 上。 ## License This project is licensed under the [Apache 2.0 license](LICENSE).