Merge pull request #1 from yk17310320725/master

Implement casbin to  hyper extension but not implement phpunit

Author: leeqvip

.editorconfig

@@ -0,0 +1,20 @@
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = false
+
+[*.{vue,js,scss}]
+charset = utf-8
+indent_style = space
+indent_size = 2
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false

.gitattributes

@@ -0,0 +1,11 @@
+* text=auto
+
+/tests export-ignore
+.gitattributes export-ignore
+.gitignore export-ignore
+.scrutinizer.yml export-ignore
+.travis.yml export-ignore
+phpunit.php export-ignore
+phpunit.xml.dist export-ignore
+phpunit.xml export-ignore
+.php_cs export-ignore

.gitignore

@@ -0,0 +1,9 @@
+.idea
+*.DS_Store
+/vendor
+/coverage
+sftp-config.json
+composer.lock
+.subsplit
+.php_cs.cache
+/runtime

README.md

@@ -1,2 +1,174 @@
-# hyperf-permission
-An authorization library that supports access control models like ACL, RBAC, ABAC in Hyperf.
+<h1 align="center"> hyperf-permission </h1>
+
+<p align="center"> An authorization library that supports access control models like ACL, RBAC, ABAC in Hyperf..</p>
+
+
+## Installing
+
+Require this package in the `composer.json` of your Hyperf project. This will download the package.
+
+```shell
+$ composer require yi17310320725/hyperf-permission:dev-master -vvv
+```
+
+To publish the config, run the vendor publish command:
+
+```shell
+$ php bin/hyperf.php vendor:publish yi17310320725/hyperf-permission
+```
+
+This will create a new model config file named `config/autoload/casbin-rbac-model.conf`,  a new permission config file named `config/autoload/permission.php` and new migrate file named `2020_07_22_213202_create_rules_table.php`.
+
+To migrate the migrations, run the migrate command:
+
+```shell
+$ php bin/hyperf.php migrate
+```
+
+This will create a new table named `rules` .
+
+## Usage
+
+### Quick start
+
+Once installed you can do stuff like this:
+
+```php
+use Hyperf\Permission\Casbin;
+
+$casbin = new Casbin();
+
+// adds permissions to a user
+$casbin->addPermissionForUser('eve', 'articles', 'read');
+// adds a role for a user.
+$casbin->addRoleForUser('eve', 'writer');
+// adds permissions to a rule
+$casbin->addPolicy('writer', 'articles', 'edit');
+```
+
+You can check if a user has a permission like this:
+
+```php
+// to check if a user has permission
+if ($casbin->enforce('eve', 'articles', 'edit')) {
+  // permit eve to edit articles
+} else {
+  // deny the request, show an error
+}
+```
+
+### Using Enforcer Api
+
+It provides a very rich api to facilitate various operations on the Policy:
+
+Gets all roles:
+
+```php
+Enforcer::getAllRoles(); // ['writer', 'reader']
+```
+
+Gets all the authorization rules in the policy.:
+
+```php
+Enforcer::getPolicy();
+```
+
+Gets the roles that a user has.
+
+```php
+Enforcer::getRolesForUser('eve'); // ['writer']
+```
+
+Gets the users that has a role.
+
+```php
+Enforcer::getUsersForRole('writer'); // ['eve']
+```
+
+Determines whether a user has a role.
+
+```php
+Enforcer::hasRoleForUser('eve', 'writer'); // true or false
+```
+
+Adds a role for a user.
+
+```php
+Enforcer::addRoleForUser('eve', 'writer');
+```
+
+Adds a permission for a user or role.
+
+```php
+// to user
+Enforcer::addPermissionForUser('eve', 'articles', 'read');
+// to role
+Enforcer::addPermissionForUser('writer', 'articles','edit');
+```
+
+Deletes a role for a user.
+
+```php
+Enforcer::deleteRoleForUser('eve', 'writer');
+```
+
+Deletes all roles for a user.
+
+```php
+Enforcer::deleteRolesForUser('eve');
+```
+
+Deletes a role.
+
+```php
+Enforcer::deleteRole('writer');
+```
+
+Deletes a permission.
+
+```php
+Enforcer::deletePermission('articles', 'read'); // returns false if the permission does not exist (aka not affected).
+```
+
+Deletes a permission for a user or role.
+
+```php
+Enforcer::deletePermissionForUser('eve', 'articles', 'read');
+```
+
+Deletes permissions for a user or role.
+
+```php
+// to user
+Enforcer::deletePermissionsForUser('eve');
+// to role
+Enforcer::deletePermissionsForUser('writer');
+```
+
+Gets permissions for a user or role.
+
+```php
+Enforcer::getPermissionsForUser('eve'); // return array
+```
+
+Determines whether a user has a permission.
+
+```php
+Enforcer::hasPermissionForUser('eve', 'articles', 'read');  // true or false
+```
+
+See [Casbin API](https://casbin.org/docs/en/management-api) for more APIs.
+
+## Contributing
+
+You can contribute in one of three ways:
+
+1. File bug reports using the [issue tracker](https://github.com/yi17310320725/hyperf-authz/issues).
+2. Answer questions or fix bugs on the [issue tracker](https://github.com/yi17310320725/hyperf-authz/issues).
+3. Contribute new features or update the wiki.
+
+_The code contribution process is not very formal. You just need to make sure that you follow the PSR-0, PSR-1, and PSR-2 coding guidelines. Any new code contributions must be accompanied by unit tests where applicable._
+
+## License
+
+Apache-2.0

composer.json

@@ -0,0 +1,33 @@
+{
+    "name": "casbin/hyperf-permission",
+    "description": "An authorization library that supports access control models like ACL, RBAC, ABAC in Hyperf.",
+    "license": "Apache-2.0",
+    "authors": [
+        {
+            "name": "yikang",
+            "email": "[email protected]"
+        }
+    ],
+    "require": {
+        "php": "^7.2",
+        "ext-swoole": ">=4.5",
+        "hyperf/db-connection": "^2.0",
+        "hyperf/config": "~2.0.0",
+        "casbin/casbin": "^2.2"
+    },
+    "autoload": {
+        "psr-4": {
+            "Hyperf\\Permission\\": "src/"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Hyperf\\Permission\\Tests\\": "tests/"
+        }
+    },
+    "extra": {
+        "hyperf": {
+            "config": "Hyperf\\Permission\\ConfigProvider"
+        }
+    }
+}

database/migrations/2020_07_22_213202_create_rules_table.php

@@ -0,0 +1,38 @@
+<?php
+
+use Hyperf\Database\Schema\Schema;
+use Hyperf\Database\Schema\Blueprint;
+use Hyperf\Database\Migrations\Migration;
+
+class CreateRulesTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create(config('permission.database.rules_table'), function (Blueprint $table) {
+            $table->bigIncrements('id');
+            $table->string('ptype')->nullable();
+            $table->string('v0')->nullable();
+            $table->string('v1')->nullable();
+            $table->string('v2')->nullable();
+            $table->string('v3')->nullable();
+            $table->string('v4')->nullable();
+            $table->string('v5')->nullable();
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists(config('permission.database.rules_table'));
+    }
+}

phpunit.xml.dist

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit backupGlobals="false"
+         backupStaticAttributes="false"
+         bootstrap="vendor/autoload.php"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false"
+         stopOnFailure="false">
+    <testsuites>
+        <testsuite name="Application Test Suite">
+            <directory>./tests/</directory>
+        </testsuite>
+    </testsuites>
+    <filter>
+        <whitelist>
+            <directory suffix=".php">src/</directory>
+        </whitelist>
+    </filter>
+</phpunit>

publish/casbin-rbac-model.conf

@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

publish/permission.php

@@ -0,0 +1,36 @@
+<?php
+
+return [
+    /*
+    * Casbin model setting.
+    */
+    'model' => [
+        // Available Settings: "file", "text"
+        'config_type' => 'file',
+
+        'config_file_path' => __DIR__ . '/casbin-rbac-model.conf',
+
+        'config_text' => '',
+    ],
+
+    /*
+    * Casbin adapter .
+    */
+    'adapter' => Hyperf\Permission\Adapters\DatabaseAdapter::class,
+
+    /*
+    * Database setting.
+    */
+    'database' => [
+        // Database connection for following tables.
+        'connection' => '',
+
+        // Rule table name.
+        'rules_table' => 'rules',
+    ],
+
+    'log' => [
+        // changes whether Lauthz will log messages to the Logger.
+        'enabled' => false,
+    ],
+];