sebk/swoft-voter 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

sebk/swoft-voter

Composer 安装命令:

composer require sebk/swoft-voter

包简介

Swoft voter system

README 文档

README

Voter system for Swoft

Install

Create your Swoft project : http://swoft.io/docs/2.x/en/quick-start/install.html

Require Swoft Voter package (https://github.com/sebk69/swoft-voter) :

composer require sebk/swoft-voter

Documentation

Parameter

In you're 'config' folder, create a 'voter.php' file :

<?php

return [
    'path' => [
        __DIR__ . '/../app/Security/Voter',
        __DIR__ . '/../app/Security/ModelVoter',
    ],
];

You can parameter any path as you wan't.

Create some voters

To create a voter, put a new voter class implements Sebk\SwoftVoter\VoterManager\VoterInterface in the voter folder (see Parameter section).

The interface is simple :

namespace Sebk\SwoftVoter\VoterManager;

interface VoterInterface
{
    // Responses
    const ACCESS_GRANTED = 1;
    const ACCESS_ABSTAIN = 0;
    const ACCESS_DENIED = -1;

    // Attributes
    const ATTRIBUTE_READ = "READ";
    const ATTRIBUTE_WRITE = "WRITE";
    const ATTRIBUTE_UPDATE = "UPDATE";
    const ATTRIBUTE_DELETE = "DELETE";

    /**
     * Is voter sopported by vote ?
     * @param $subject
     * @param $attibutes
     * @return bool
     */
    function support($subject, array $attibutes);

    /**
     * Vote
     * @param $user
     * @param $subject
     * @param array $attributes
     * @return int
     */
    function voteOnAttribute($user, $subject, array $attributes);
}

The 'support' method must return a bool value meaning that the voter is concerned or not by the vote represented by subject and attrutes.

The 'voteOnAttribute' method is the result of the vote for the user. It must return one of these interface constant :

  • ACCESS_GRANTED : The voter consider that the user is allowed
  • ACCCESS_DENIED : The voter consider thar the user is not allowed
  • ACCCESS_ABSTAIN : The voter does not consider a response

On vote, all concerned voters (responded true on 'support' call) are queried :

  • If one of the voter grant access then the vote is considered granted.
  • If a voter abstain, his response is not taken account.
  • If all voters repond a denied access, the vote consider that the user has denied access

Here is an example of Voter to check a controller access :

<?php

namespace App\Security\Voter;

use App\Http\Controller\Abstract\TokenSecuredController;
use Sebk\SwoftVoter\VoterManager\VoterInterface;

class ControllerVoter implements VoterInterface
{

    /**
     * Is voter sopported by vote ?
     * @param \stdClass $subject
     * @param array $attibutes
     * @return bool
     */
    public function support($subject, array $attibutes)
    {
        $result = false;

        // Check attributes
        foreach ($attibutes as $attibute) {
            switch ($attibute) {
                case VoterInterface::ATTRIBUTE_READ:
                case VoterInterface::ATTRIBUTE_UPDATE:
                    $result = true;
            }
        }

        // If attributes checked, check subject
        if ($result) {
            if (!$subject instanceof TokenSecuredController) {
                $result = false;
            }
        }

        return $result;
    }

    /**
     * Vote
     * @param $user
     * @param $subject
     * @param array $attributes
     * @return int
     */
    public function voteOnAttribute($user, $subject, array $attributes)
    {
        if ($user->getLogin() == "KS" && in_array(VoterInterface::ATTRIBUTE_READ, $attributes)) {
            return VoterInterface::ACCESS_GRANTED;
        }

        return VoterInterface::ACCESS_DENIED;
    }

}

Voting

Instanciate VoterManager

use Sebk\SwoftVoter\VoterManager\VoterManagerInterface;

$this->voterManager = bean(VoterManagerInterface::class);

And vote on object you wan't to vote

use Sebk\SwoftVoter\VoterManager\VoterInterface;

$subject = $this->objectToVote;
$attributes = [
    VoterInterface::ATTRIBUTE_READ,
    VoterInterface::ATTRIBUTE_WRITE,
];
$voteResult = $this->voterManager->vote($this->getUser(), $subject, $attributes);
if ($voteResult != VoterInterface::ACCESS_GRANTED) {
    // And deny access if not granted
    throw new AccessDeniedException("Forbidden access");
}

sebk/swoft-voter 适用场景与选型建议

sebk/swoft-voter 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 23 次下载、GitHub Stars 达 0, 最近一次更新时间为 2021 年 10 月 19 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 sebk/swoft-voter 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 sebk/swoft-voter 我们能提供哪些服务?
定制开发 / 二次开发

基于 sebk/swoft-voter 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 23
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 14
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: GPL-3.0-only
  • 更新时间: 2021-10-19