-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #14 from poprazvan17/3.0
Documentation v3 dot-authorization
- Loading branch information
Showing
14 changed files
with
154 additions
and
102 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
name: "Continuous Integration" | ||
|
||
on: | ||
pull_request: | ||
push: | ||
branches: | ||
tags: | ||
|
||
jobs: | ||
ci: | ||
uses: laminas/workflow-continuous-integration/.github/workflows/continuous-integration.yml@1.x |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: docs-build | ||
|
||
on: | ||
release: | ||
types: [published] | ||
workflow_dispatch: | ||
|
||
jobs: | ||
build-deploy: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Build Docs | ||
uses: dotkernel/documentation-theme/github-actions/docs@main | ||
env: | ||
DEPLOY_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
|
||
| Version | Supported | PHP Version | | ||
|---------|--------------------|-------------------------------------------------------------------------------------------------------------------| | ||
| 3.x | :white_check_mark: | ![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-authorization/3.4.1) | | ||
| <= 2.x | :x: | | | ||
|
||
## Reporting Potential Security Issues | ||
|
||
If you have encountered a potential security vulnerability in this project, | ||
please report it to us at <security@dotkernel.com>. We will work with you to | ||
verify the vulnerability and patch it. | ||
|
||
When reporting issues, please provide the following information: | ||
|
||
- Component(s) affected | ||
- A description indicating how to reproduce the issue | ||
- A summary of the security vulnerability and impact | ||
|
||
We request that you contact us via the email address above and give the | ||
project contributors a chance to resolve the vulnerability and issue a new | ||
release prior to any public exposure; this helps protect the project's | ||
users, and provides them with a chance to upgrade and/or update in order to | ||
protect their applications. | ||
|
||
|
||
## Policy | ||
|
||
If we verify a reported security vulnerability, our policy is: | ||
|
||
- We will patch the current release branch, as well as the immediate prior minor | ||
release branch. | ||
|
||
- After patching the release branches, we will immediately issue new security | ||
fix releases for each patched release branch. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../README.md |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# Configuration | ||
|
||
Please note that usually this pacakge will be installed as a dependency to a concrete implementation, so you won't need to add this to your project manually. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# Installation | ||
|
||
Install `dot-authorization` by executing the following Composer command: | ||
|
||
composer require dotkernel/dot-authorization |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# Overview | ||
|
||
`dot-authorization` is DotKernel's authorization base package which define interfaces for authorization services to be used with DotKernel applications. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Usage | ||
|
||
## AuthorizationInterface | ||
|
||
Defines the interface that should be implemented by any authorization service, in order to work with DotKernel applications. This is a result of the fact that, by default, any DotKernel package which has to do with authorization is assuming that a service is registered in the service container using as service name this interface's FQN | ||
|
||
### Methods | ||
|
||
```php | ||
public function isGranted(string $permission, array $roles = [], $context = null): bool; | ||
``` | ||
|
||
* this is the only method that deals with authorization. Given a permission and a list of roles, should return a boolean value of true if at least one role has access to the requested permission. As you can see, we expect that the authorization service to be implemented as an RBAC. | ||
|
||
## RoleInterface | ||
|
||
Defines the interface that Role objects must implement. A role object should be able to retrieve its name, so this interface has only one method defined | ||
|
||
```php | ||
public function getName(): string; | ||
``` | ||
|
||
## IdentityInterface | ||
|
||
Interface that needs to be implemented by entities that support roles. They should be able to retrieve their roles by defining a `getRoles()` method. | ||
The roles should be an array of role names or role objects | ||
|
||
This package is suitable for RBAC style authorization. Roles can be flat or hierarchical and they are assigned permissions. | ||
A role is granted if it has the required permission. | ||
|
||
## ForbiddenException | ||
|
||
Exception to be thrown when accessing content without having the required permissions. This can be used withing an application to trigger a forbidden error and do a custom action(like displaying a forbidden page or redirecting). This package does not define how you should handle such situations. There is a concrete authorization implementation in [dot-rbac](https://github.com/dotkernel/dot-rbac) and a forbidden exception handler in [dot-rbac-guard](https://github.com/dotkernel/dot-rbac-guard) as DotKernel default packages for authorization. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
docs_dir: docs/book | ||
site_dir: docs/html | ||
extra: | ||
project: Packages | ||
current_version: v3 | ||
versions: | ||
- v3 | ||
nav: | ||
- Home: index.md | ||
- v2: | ||
- Overview: v3/overview.md | ||
- Installation: v3/installation.md | ||
- Configuration: v3/configuration.md | ||
- Usage: v3/usage.md | ||
site_name: dot-authorization | ||
site_description: "DotKernel authorization service abstractions" | ||
repo_url: "https://github.com/dotkernel/dot-authorization" | ||
plugins: | ||
- search |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters