Giter VIP home page Giter VIP logo

service-bus-zfc-rbac-bridge's Introduction

service-bus-zfc-rbac-bridge

Marry Service Bus with ZfcRbac

Build Status Coverage Status Gitter

Important

This library will receive support until December 31, 2019 and will then be deprecated.

For further information see the official announcement here: https://www.sasaprolic.com/2018/08/the-future-of-prooph-components.html

Installation

  1. Add "prooph/service-bus-zfc-rbac-bridge": "~1.0" as requirement to your composer.json.
  2. In the config folder you will find a configuration skeleton. The configuration is a simple PHP array flavored with some comments to help you understand the structure.

Requirements

  1. Your Inversion of Control container must implement the interop-container interface.
  2. ZfcRbac's authorization service should be registered in the container under the ZfcRbac\Service\AuthorizationService key.

Note: Don't worry, if your environment doesn't provide the requirements. You can always bootstrap the authorization service by hand. Just look at the factories for inspiration in this case.

Sample

Assuming a TestQuery with message name test and you want to use the route guard and finalize guard together with an assertion (TestAssertion), your config should look like this:

return [
    'prooph' => [
        'service_bus' => [
            'query_bus' => [
                'plugins' => [
                    \Prooph\ServiceBus\RouteGuard::class,
                    \Prooph\ServiceBus\FinalizeGuard::class,
                ]
            ]
        ]
    ],
    'zfc_rbac' => [
        'assertion_manager' => [
            'TestAssertion' => 'TestAssertion',
        ],
        'assertion_map' => [
            'test' => 'TestAssertion'
        ],
        'role_provider' => [
            'ZfcRbac\Role\InMemoryRoleProvider' => [
                'user' => [
                    'permissions' => [
                        'test'
                    ]
                ]
            ]
        ]
    ]
];

And your TestAssertion should look like this:

class TestAssertion implements \ZfcRbac\Assertion\AssertionInterface
{
    public function assert(AuthorizationService $authorizationService, $context = null)
    {
        // return true, if no context present, otherwise your route guard will always fail, because the result is not yet known.
        if (null === $context) {
            return true;
        }

        return ($context['owner'] == $authorizationService->getIdentity());
    }
}

Support

Contribute

Please feel free to fork and extend existing or add new features and send a pull request with your changes! To establish a consistent code quality, please provide unit tests for all your changes and may adapt the documentation.

License

Released under the New BSD License.

service-bus-zfc-rbac-bridge's People

Contributors

codeliner avatar prolic avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

prolic codeliner sandrokeil basz oussous-hassan

service-bus-zfc-rbac-bridge's Issues

Provide compatibility with zfc-rbac next version

Note: Next version is still a PR

I've been integrating that within my prooph application and needed to slightly change this module.

Most important change is that zfc-common doesn't contain references to the identity anymore. The concept of an identity provider has been removed. It is therefore up to this plugin to get the identity and provide it as an argument to the isGranted method.

For now I have chosen to use AuthenticationService as a melanism for that.

What would we need to do to provide compatibility for both versions?

This becomes.

<?php

declare(strict_types = 1);

namespace Prooph\ServiceBusZfcRbacBridge;

use Prooph\ServiceBus\Plugin\Guard\AuthorizationService;
use Zend\Authentication\AuthenticationServiceInterface;
use ZfcRbac\Identity\IdentityInterface;
use ZfcRbac\Service\AuthorizationServiceInterface;

/**
 * Class ZfcRbacAuthorizationServiceBridge
 *
 * @package Prooph\ServiceBusZfcRbacBridge
 */
final class ZfcRbacAuthorizationServiceBridge implements AuthorizationService
{
    /**
     * @var AuthenticationServiceInterface
     */
    private authenticationService;

    /**
     * @var AuthorizationServiceInterface
     */
    private $authorizationService;

    /**
     * ZfcRbacAuthorizationServiceBridge constructor.
     *
     * @param AuthenticationServiceInterface $authenticationService
     * @param AuthorizationServiceInterface  $authorizationService
     */
    public function __construct(
        AuthenticationServiceInterface $authenticationService,
        AuthorizationServiceInterface $authorizationService
    ) {
        $this->authenticationService = $authenticationService;
        $this->authorizationService  = $authorizationService;
    }

    /**
     * Check if the permission is granted to the current identity
     *
     * @param string $messageName
     * @param mixed  $context
     * @return bool
     */
    public function isGranted($messageName, $context = null)
    {
        $identity = null;

        if ($this->authenticationService->hasIdentity()) {
            /** @var IdentityInterface $identity */
            $identity = $this->authenticationService->getIdentity();
        }

        return $this->authorizationService->isGranted($identity, $messageName, $context);
    }
}

Should the factory return based on some difference? I know ZfcRbac\Service\AuthorizationServiceInterface will be new for example.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.