Policy

Policy(即策略)是在特定模型或者资源中组织授权逻辑的类,用来处理用户授权动作。

组件要求

  • php: ^7.1
  • ext-json: >=1.0
  • easyswoole/spl: ^1.1

安装

composer require easyswoole/policy

仓库地址

easyswlle/policy

使用方法


use EasySwoole\Policy\PolicyNode;
use EasySwoole\Policy\Policy;

//授权动作
//PolicyNode::EFFECT_ALLOW   允许
//PolicyNode::EFFECT_DENY    拒绝
//PolicyNode::EFFECT_UNKNOWN 未知

$policy = new Policy();
//添加节点授权   
$policy->addPath('/user/add',PolicyNode::EFFECT_ALLOW);
$policy->addPath('/user/update',PolicyNode::EFFECT_ALLOW);
$policy->addPath('/user/delete',PolicyNode::EFFECT_DENY);
$policy->addPath('/user/*',PolicyNode::EFFECT_DENY);

//验证节点权限
var_dump($policy->check('user/asdasd'));//deny
var_dump($policy->check('user/add'));   //allow
var_dump($policy->check('user/update'));//allow

/*
 * 允许/api/*,但是唯独拒绝/api/order/charge,/api/order/info,/api/sys/*
 */

$policy->addPath('/api/*',PolicyNode::EFFECT_ALLOW);
$policy->addPath('/api/order/charge',PolicyNode::EFFECT_DENY);
$policy->addPath('/api/order/info',PolicyNode::EFFECT_DENY);
$policy->addPath('/api/sys/*',PolicyNode::EFFECT_DENY);

var_dump($policy->check('/api/whatever'));
var_dump($policy->check('/api/order/charge'));
var_dump($policy->check('/api/order/info'));
var_dump($policy->check('/api/sys/whatever'));

//对象添加
$root = new PolicyNode('*');
$userChild = $root->addChild('user');
$userAddChild = $userChild->addChild('add');
$userAddChild->addChild('aaaaaa')->setAllow(PolicyNode::EFFECT_ALLOW);
$userChild->addChild('update')->setAllow(PolicyNode::EFFECT_DENY);
$userChild->addChild('*')->setAllow(PolicyNode::EFFECT_ALLOW);

$apiChild = $root->addChild('charge');
$apiChild->addChild('*');

$node = $root->search('/user/add/aaaa');
if ($node) {
    var_dump($node->isAllow());
}

相关仓库

基于Policy组件的后台权限管理demo easyswoole_admin