php-casbin
diff --git a/‎README.md‎
Lines changed: 191 additions & 2 deletions b/‎README.md‎
Lines changed: 191 additions & 2 deletions
diff --git a/‎composer.json‎
Lines changed: 4 additions & 2 deletions b/‎composer.json‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎src/Adapters/DatabaseAdapter.php‎
Lines changed: 156 additions & 0 deletions b/‎src/Adapters/DatabaseAdapter.php‎
Lines changed: 156 additions & 0 deletions
@@ -1,2 +1,191 @@
-# easyswoole-permission
-An authorization library that supports access control models like ACL, RBAC, ABAC in EasySwoole.
+<h1 align="center">easyswoole-permission</h1>
+<p align="center">An authorization library that supports access control models like ACL, RBAC, ABAC in EasySwoole.</p>
+
+## Installing
+
+Require this package in the `composer.json` of your easyswoole project. This will download the package.
+
+```shell
+$ composer require
+```
+
+## Usage
+
+add mysql configuration to `dev.php`:
+```php
+/*################ MYSQL CONFIG ##################*/
+
+'MYSQL'  => [
+    'host'          => '127.0.0.1',
+    'port'          => 3306,
+    'user'          => 'root',
+    'password'      => 'root',
+    'database'      => 'easyswoole',
+    'timeout'       => 5,
+    'charset'       => 'utf8mb4',
+]
+```
+
+add mysql configuration to `EasySwooleEvent.php`:
+
+```php
+use EasySwoole\ORM\Db\Connection;
+use EasySwoole\ORM\DbManager;
+
+public static function initialize()
+{
+  ...
+  $config = new \EasySwoole\ORM\Db\Config(Config::getInstance()->getConf('MYSQL'));
+  DbManager::getInstance()->addConnection(new Connection($config));
+}
+```
+
+Before using it, you need to create a table named `casbin_rules` for Casbin to store the policy.
+
+Take mysql as an example:
+
+```sql
+CREATE TABLE  if not exists  `casbin_rules` (
+  `id` BigInt(20) unsigned NOT NULL AUTO_INCREMENT,
+  `ptype` varchar(255) DEFAULT NULL,
+  `v0` varchar(255) DEFAULT NULL,
+  `v1` varchar(255) DEFAULT NULL,
+  `v2` varchar(255) DEFAULT NULL,
+  `v3` varchar(255) DEFAULT NULL,
+  `v4` varchar(255) DEFAULT NULL,
+  `v5` varchar(255) DEFAULT NULL,
+  `create_time` timestamp NULL DEFAULT NULL,
+  `update_time` timestamp NULL DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB  DEFAULT CHARSET=utf8mb4;
+```
+
+Then you can start like this:
+
+```php
+use Easyswolle\Permission\Casbin;
+use Easyswolle\Permission\Config;
+
+$config = new Config();
+$casbin = new Casbin($config);
+
+// adds permissions to a user
+$casbin->addPermissionForUser('eve', 'articles', 'read');
+// adds a role for a user.
+$casbin->addRoleForUser('eve', 'writer');
+// adds permissions to a rule
+$casbin->addPolicy('writer', 'articles', 'edit');
+```
+
+You can check if a user has a permission like this:
+
+```php
+// to check if a user has permission
+if ($casbin->enforce('eve', 'articles', 'edit')) {
+  // permit eve to edit articles
+} else {
+  // deny the request, show an error
+}
+```
+
+### Using Enforcer Api
+
+It provides a very rich api to facilitate various operations on the Policy:
+
+Gets all roles:
+
+```php
+Enforcer::getAllRoles(); // ['writer', 'reader']
+```
+
+Gets all the authorization rules in the policy.:
+
+```php
+Enforcer::getPolicy();
+```
+
+Gets the roles that a user has.
+
+```php
+Enforcer::getRolesForUser('eve'); // ['writer']
+```
+
+Gets the users that has a role.
+
+```php
+Enforcer::getUsersForRole('writer'); // ['eve']
+```
+
+Determines whether a user has a role.
+
+```php
+Enforcer::hasRoleForUser('eve', 'writer'); // true or false
+```
+
+Adds a role for a user.
+
+```php
+Enforcer::addRoleForUser('eve', 'writer');
+```
+
+Adds a permission for a user or role.
+
+```php
+// to user
+Enforcer::addPermissionForUser('eve', 'articles', 'read');
+// to role
+Enforcer::addPermissionForUser('writer', 'articles','edit');
+```
+
+Deletes a role for a user.
+
+```php
+Enforcer::deleteRoleForUser('eve', 'writer');
+```
+
+Deletes all roles for a user.
+
+```php
+Enforcer::deleteRolesForUser('eve');
+```
+
+Deletes a role.
+
+```php
+Enforcer::deleteRole('writer');
+```
+
+Deletes a permission.
+
+```php
+Enforcer::deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).
+```
+
+Deletes a permission for a user or role.
+
+```php
+Enforcer::deletePermissionForUser('eve', 'articles', 'read');
+```
+
+Deletes permissions for a user or role.
+
+```php
+// to user
+Enforcer::deletePermissionsForUser('eve');
+// to role
+Enforcer::deletePermissionsForUser('writer');
+```
+
+Gets permissions for a user or role.
+
+```php
+Enforcer::getPermissionsForUser('eve'); // return array
+```
+
+Determines whether a user has a permission.
+
+```php
+Enforcer::hasPermissionForUser('eve', 'articles', 'read');  // true or false
+```
+
+See [Casbin API](https://casbin.org/docs/en/management-api) for more APIs.
@@ -1,5 +1,5 @@
 {
-    "name": "casbin/easyswoole-permissoin",
+    "name": "casbin/easyswoole-permission",
     "description": "An authorization library that supports access control models like ACL, RBAC, ABAC in EasySwoole.",
     "license": "Apache-2.0",
     "authors": [
@@ -11,7 +11,9 @@
     "require": {
         "php": "^7.2",
         "ext-swoole": ">=4.5",
-        "casbin/casbin": "^2.2"
+        "casbin/casbin": "^2.2",
+        "easyswoole/orm": "^1.4",
+        "easyswoole/easyswoole": "3.x"
     },
     "autoload": {
         "psr-4": {
 
@@ -0,0 +1,156 @@
+<?php
+
+declare(strict_types=1);
+
+namespace EasySwoole\Permission\Adapters;
+
+use Casbin\Persist\AdapterHelper;
+use Casbin\Model\Model;
+use Casbin\Persist\Adapter;
+use EasySwoole\Permission\Model\RulesModel;
+
+class DatabaseAdapter implements Adapter
+{
+  use AdapterHelper;
+
+  /**
+   * Rules eloquent model
+   *
+   * @var Rule
+   */
+  protected $eloquent;
+
+  /**
+   * the DatabaseAdapter constructor.
+   *
+   * @param Rule $eloquent
+   */
+  public function __construct(RulesModel $eloquent)
+  {
+    $this->eloquent = $eloquent;
+  }
+
+  /**
+   * savePolicyLine function.
+   *
+   * @param string $ptype
+   * @param array  $rule
+   */
+  public function savePolicyLine(string $ptype, array $rule): void
+  {
+    $col['ptype'] = $ptype;
+    foreach ($rule as $key => $value) {
+      $col['v' . strval($key)] = $value;
+    }
+
+    $this->eloquent->create()->data($col, false)->save();
+  }
+
+  /**
+   * loads all policy rules from the storage.
+   *
+   * @param Model $model
+   */
+  public function loadPolicy(Model $model): void
+  {
+    $rows = $this->eloquent->create()->all();
+    foreach ($rows as &$row) {
+      $row = $row->hidden(['id', 'create_time', 'update_time'])->toArray(false, false);
+    }
+    unset($row);
+
+    foreach ($rows as $row) {
+      $line = implode(', ', array_filter($row, function ($val) {
+        return '' != $val && !is_null($val);
+      }));
+      $this->loadPolicyLine(trim($line), $model);
+    }
+  }
+
+  /**
+   * saves all policy rules to the storage.
+   *
+   * @param Model $model
+   */
+  public function savePolicy(Model $model): void
+  {
+    foreach ($model['p'] as $ptype => $ast) {
+      foreach ($ast->policy as $rule) {
+        $this->savePolicyLine($ptype, $rule);
+      }
+    }
+
+    foreach ($model['g'] as $ptype => $ast) {
+      foreach ($ast->policy as $rule) {
+        $this->savePolicyLine($ptype, $rule);
+      }
+    }
+  }
+
+  /**
+   * adds a policy rule to the storage.
+   * This is part of the Auto-Save feature.
+   *
+   * @param string $sec
+   * @param string $ptype
+   * @param array  $rule
+   */
+  public function addPolicy(string $sec, string $ptype, array $rule): void
+  {
+    $this->savePolicyLine($ptype, $rule);
+  }
+
+  /**
+   * This is part of the Auto-Save feature.
+   *
+   * @param string $sec
+   * @param string $ptype
+   * @param array  $rule
+   */
+  public function removePolicy(string $sec, string $ptype, array $rule): void
+  {
+    $count = 0;
+
+    $instance = $this->eloquent->create()->get(['ptype' => $ptype]);
+
+    foreach ($rule as $key => $value) {
+      $instance->where('v' . strval($key), $value);
+    }
+
+    foreach ($instance->get() as $model) {
+      if ($model->delete()) {
+        ++$count;
+      }
+    }
+  }
+
+  /**
+   * RemoveFilteredPolicy removes policy rules that match the filter from the storage.
+   * This is part of the Auto-Save feature.
+   *
+   * @param string $sec
+   * @param string $ptype
+   * @param int    $fieldIndex
+   * @param string ...$fieldValues
+   */
+  public function removeFilteredPolicy(string $sec, string $ptype, int $fieldIndex, string ...$fieldValues): void
+  {
+    $count = 0;
+
+    $instance = $this->eloquent->create()->get(['ptype' => $ptype]);
+
+    foreach (range(0, 5) as $value) {
+      if ($fieldIndex <= $value && $value < $fieldIndex + count($fieldValues)) {
+        if ('' != $fieldValues[$value - $fieldIndex]) {
+          $instance->where('v' . strval($value), $fieldValues[$value - $fieldIndex]);
+        }
+      }
+    }
+
+    foreach ($instance->get() as $model) {
+      if ($model->delete()) {
+        ++$count;
+      }
+    }
+  }
+}