Use Casbin in Yii 2.0 PHP Framework.
Require this package in the composer.json
of your Yii 2.0 project. This will download the package.
composer require casbin/yii-permission
To use this extension, you have to configure the Casbin
class in your application configuration:
return [
//....
'components' => [
'permission' => [
'class' => \yii\permission\Permission::class,
/*
* Casbin model setting.
*/
'model' => [
// Available Settings: "file", "text"
'config_type' => 'file',
'config_file_path' => '/path/to/casbin-model.conf',
'config_text' => '',
],
// Casbin adapter .
'adapter' => \yii\permission\Adapter::class,
/*
* Casbin database setting.
*/
'database' => [
// Database connection for following tables.
'connection' => '',
// CasbinRule tables and model.
'casbin_rules_table' => '{{%casbin_rule}}',
],
],
]
];
Once installed you can do stuff like this:
$permission = \Yii::$app->permission;
// adds permissions to a user
$permission->addPermissionForUser('eve', 'articles', 'read');
// adds a role for a user.
$permission->addRoleForUser('eve', 'writer');
// adds permissions to a rule
$permission->addPolicy('writer', 'articles','edit');
You can check if a user has a permission like this:
// to check if a user has permission
if ($permission->enforce("eve", "articles", "edit")) {
// permit eve to edit articles
} else {
// deny the request, show an error
}
It provides a very rich api to facilitate various operations on the Policy:
Gets all roles:
$permission->getAllRoles(); // ['writer', 'reader']
Gets all the authorization rules in the policy.:
$permission->getPolicy();
Gets the roles that a user has.
$permission->getRolesForUser('eve'); // ['writer']
Gets the users that has a role.
$permission->getUsersForRole('writer'); // ['eve']
Determines whether a user has a role.
$permission->hasRoleForUser('eve', 'writer'); // true or false
Adds a role for a user.
$permission->addRoleForUser('eve', 'writer');
Adds a permission for a user or role.
// to user
$permission->addPermissionForUser('eve', 'articles', 'read');
// to role
$permission->addPermissionForUser('writer', 'articles','edit');
Deletes a role for a user.
$permission->deleteRoleForUser('eve', 'writer');
Deletes all roles for a user.
$permission->deleteRolesForUser('eve');
Deletes a role.
$permission->deleteRole('writer');
Deletes a permission.
$permission->deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).
Deletes a permission for a user or role.
$permission->deletePermissionForUser('eve', 'articles', 'read');
Deletes permissions for a user or role.
// to user
$permission->deletePermissionsForUser('eve');
// to role
$permission->deletePermissionsForUser('writer');
Gets permissions for a user or role.
$permission->getPermissionsForUser('eve'); // return array
Determines whether a user has a permission.
$permission->hasPermissionForUser('eve', 'articles', 'read'); // true or false
See Casbin API for more APIs.
You can find the full documentation of Casbin on the website.