Skip to content

Commit

Permalink
Merge branch 'zfcuser_acl' of https://github.com/Mohit-Singh/ZF2-Auth…
Browse files Browse the repository at this point in the history 
…-ACL into zfcuser_acl
  • Loading branch information
@Mohit-Singh
Mohit-Singh committed Jun 30, 2014
2 parents 039f2e5 + 47e506b commit 6d79133
Show file tree
Hide file tree
Showing 2 changed files with 117 additions and 75 deletions.
178 changes: 110 additions & 68 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,92 +1,134 @@
ZF2-Auth-ACL
============

ZF2-Auth-ACL
------------
Simple module to implement Zenb Auth and Zend ACL in Zend Framework 2
Branch: zfcuser_acl
-------------------

This this the ZF2 ACL module forked from arvind2110/ZF2-Auth-ACL and Plugged with zfcuser module. it will provide role base access and switching between roles , provides custom permission denied template , plug ins to access role at controller , view and module level. All the role, resource and permission are stored in databases.

How to Use it
-------------------

using composer add
```
"require" : {
...
"mohit-singh/zf2auth-acl": "dev-zfcuser_acl"
}
```
then copy and rename the following,
```
copy vendor/mohit-singh/zf2auth-acl/config/aclAuth.local.php.dist to config/autoload/aclAuth.local.php
```
Add the depended table from
```
vendor/mohit-singh/zf2auth-acl/data/data.sql
```

ADD role for user in table e.g.
```
INSERT INTO `role` (`role_name`, `status`) VALUES ('Role1', 'Active');
INSERT INTO `role` (`role_name`, `status`) VALUES ('Role2', 'Active');
INSERT INTO `role` (`role_name`, `status`) VALUES ('Role3', 'Active');
```

ADD resources, resources are your controller name through which you invoke your controller, for me it's "Application\Controller\Index" e.g.
```
INSERT INTO `resource` (`resource_name`) VALUES ('Application\\Controller\\Index');
```
ADD Permissions , permission are the action, you have to associated all action with there controller resource e.g.
```
INSERT INTO `permission` (`permission_name`, `resource_id`) VALUES ('index', 1);
INSERT INTO `permission` (`permission_name`, `resource_id`) VALUES ('show', 1);
```
ADD role permission , you have to decided which role have which permission
e.g.

```
INSERT INTO `role_permission` (`role_id`, `permission_id`) VALUES (1, 1);
INSERT INTO `role_permission` (`role_id`, `permission_id`) VALUES (1, 2);
```

Database tables required
------------------------
ADD user role , you have to decide which user have which role , this can be done manually or using some custom script.
```
INSERT INTO `user_role` (`user_id`, `role_id`) VALUES (1, 1);
INSERT INTO `user_role` (`user_id`, `role_id`) VALUES (2, 2);
```

Following database tables are required to use this module. You can modify the tables and table information as per your need. Also make changes in code regarding the same.
NOTE:- please check the aclAuth.local.php con-fig for the default role, it Should be one of the role whatever you insert in the database.

```mysql
CREATE TABLE `role` (
`rid` int(10) unsigned NOT NULL AUTO_INCREMENT,
`role_name` varchar(45) NOT NULL,
`status` enum('Active','Inactive') NOT NULL DEFAULT 'Active',
PRIMARY KEY (`rid`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8
after all these configuration is done you are ready to use ACL module

CREATE TABLE `user_role` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user_id` int(10) unsigned NOT NULL,
`role_id` int(10) unsigned NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8
Services
------------

CREATE TABLE `resource` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`resource_name` varchar(50) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
Remove ACL from a URL and make it global, access to all ,
add link here
```php
// in config/autoload/aclAuth.local.php
'globalList' => array(
'Application\Controller\Index-index'
),
```

CREATE TABLE `permission` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`permission_name` varchar(45) NOT NULL,
`resource_id` int(10) unsigned NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1
Remove ACL from a URL and make it global before login ,
add link here
```php
// in config/autoload/aclAuth.local.php
'beforeLoginList' => array(
'Application\Controller\Index-index'
),
```
Custom template for permission denied, add new template path here
```php
// in config/autoload/aclAuth.local.php
'ACL_Template' =>'zf2-auth-acl/index/permission.phtml'
```
Role base services at controller
```php
// Check user has role or not , return true, false
$this->userAuthRole()->userHasRole();

CREATE TABLE `role_permission` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`role_id` int(10) unsigned NOT NULL,
`permission_id` int(10) unsigned NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
//Get user current role
$this->userAuthRole()->getRoleName();

//get All valid role for the current user
$this->userAuthRole()->getUserValidRole();

/* Add Roles */
//Switch between roles
$this->userAuthRole()->switchRole('ADMIN');
```
at view level

```php
// Check user has role or not , return true, false
$this->roleAuth()->userHasRole();

INSERT INTO `demo`.`role` (`role_name`, `status`) VALUES ('Role1', 'Active');
INSERT INTO `demo`.`role` (`role_name`, `status`) VALUES ('Role2', 'Active');
INSERT INTO `demo`.`role` (`role_name`, `status`) VALUES ('Role3', 'Active');
//Get user current role
$this->roleAuth()->getRoleName();

/* Add Rresorces */
//get All valid role for the current user
$this->roleAuth()->getUserValidRole();

INSERT INTO `demo`.`resource` (`resource_name`) VALUES ('Application\\Controller\\Index');
INSERT INTO `demo`.`resource` (`resource_name`) VALUES ('ZF2AuthAcl\\Controller\\Index');
//Switch between roles
$this->roleAuth()->switchRole('ADMIN');
```
at module level

/* Add Users */
INSERT INTO `demo`.`users` (`email`, `password`, `status`) VALUES ('[email protected]', 'd7d833534a39afbac08ec536bed7ae9eeac45638', 'Y');
INSERT INTO `demo`.`users` (`email`, `password`, `status`) VALUES ('[email protected]', 'd7d833534a39afbac08ec536bed7ae9eeac45638', 'Y');
INSERT INTO `demo`.`users` (`email`, `password`, `status`) VALUES ('[email protected]', 'd7d833534a39afbac08ec536bed7ae9eeac45638', 'Y');
```php
$roleAtuth = $serviceManager->get('roleAuthService');

/* Add User Roles */
INSERT INTO `demo`.`user_role` (`user_id`, `role_id`) VALUES (1, 1);
INSERT INTO `demo`.`user_role` (`user_id`, `role_id`) VALUES (2, 2);
INSERT INTO `demo`.`user_role` (`user_id`, `role_id`) VALUES (3, 3);
// Check user has role or not , return true, false
$roleAtuth->userHasRole();

/* Add Permissions */
INSERT INTO `demo`.`permission` (`permission_name`, `resource_id`) VALUES ('index', 1);
INSERT INTO `demo`.`permission` (`permission_name`, `resource_id`) VALUES ('index', 2);
INSERT INTO `demo`.`permission` (`permission_name`, `resource_id`) VALUES ('show', 1);
INSERT INTO `demo`.`permission` (`permission_name`, `resource_id`) VALUES ('test', 1);
//Get user current role
$roleAtuth->getRoleName();

/* Add User Role Permissions */
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (1, 1);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (1, 2);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (1, 3);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (1, 4);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (2, 1);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (2, 2);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (3, 1);
INSERT INTO `demo`.`role_permission` (`role_id`, `permission_id`) VALUES (3, 3);
//get All valid role for the current user
$roleAtuth->getUserValidRole();

//Switch between roles
$roleAtuth->switchRole('ADMIN');
```

White List
----------

There are some pages which does not require authentication(Auth) or authrization(Acl). So, we include settings for those pages in terms of cotroller name, action name, module name.
14 changes: 7 additions & 7 deletions composer.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "arvind2110/zf2-auth-acl",
"description": "ZF2-Auth-ACL is very simple ZF2 module for ZF2 Auth/ACL use.",
"name": "mohit-singh/zf2auth-acl",
"description": "This is ACL module plug with zfcuser module this is heighly configurable abd provide different services at controller, view and module level.",
"type": "library",
"keywords": [
"zf2",
Expand All @@ -10,16 +10,16 @@
"ZF2 ACL",
"ZF2 Auth Acl"
],
"homepage": "https://github.com/arvind2110/ZF2-Auth-ACL",
"homepage": "https://github.com/Mohit-Singh/ZF2AuthAcl",
"authors": [
{
"name": "Arvind Singh",
"email": "[email protected]",
"homepage": "http://programming-tips.in"
"name": "Mohit K Singh",
"email": "[email protected]"
}
],
"require": {
"php": ">=5.3"
"php": ">=5.3",
"zf-commons/zfc-user": "1.x-dev"
},
"autoload": {
"classmap": [
Expand Down

0 comments on commit 6d79133

Please sign in to comment.