PHPackages                             coresky/acl - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. coresky/acl

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

coresky/acl
===========

Production ware for ACL

0.545(2y ago)0241MITPHPPHP &gt;=7.4.0

Since Feb 5Pushed 12mo ago1 watchersCompare

[ Source](https://github.com/energy-coresky/acl)[ Packagist](https://packagist.org/packages/coresky/acl)[ RSS](/packages/coresky-acl/feed)WikiDiscussions master Synced today

READMEChangelog (1)Dependencies (1)Versions (2)Used By (1)

Access control list
===================

[](#access-control-list)

Production ware. Use this product if your application require access control manager.

CUD operation logging configurable at the ware installation stage.

**Simple mode**: Create/Read/Update/Delete for users profile allow objects. User's groups and single *user\_id* do not used for ACL.

**Extended mode**: Create/Read/Update/Delete = C/R/U/D for user\_profile, user\_groups, user\_id allow/deny for objects OR object\_ID

User to Profiles is one to many relation. Users to Groups is many to many relation.

EssenceBrief InfoVersion0.899Installer classpresent (**acl\\ware**)*w3* classes2 (**Acl** (console), **ACM**)Controllers1, has optional tuneModels3Jet templates8, tunableTables in the database5, tunable namesdd drivers support2 (**sqlite3**, **mysqli**) for nowSKY::$vars1 (**$k\_acl**)*Asset* files0Tuning the ware:
----------------

[](#tuning-the-ware)

```
# Rewrite for a_ actions:
if ($cnt && 'ctrl' == $surl[0]) { # Where 'ctrl' - tuning value (any of `/^[\w+\-]+$/`)
    common_c::$tune = array_shift($surl);
    $cnt--;
}
```

Simple usage in the application code
------------------------------------

[](#simple-usage-in-the-application-code)

You **must import** at least `\ACM` and controller's `c_acl` class into application namespace.

```
// in the controllers:
if (!ACM::Ressence())
    return 404;
// in the Jet's templates the same way:
// @if(ACM::Ressence()) .. code .. ~if
```

Where **Ressence**:

- R - char one of C/R/U/D or X. R - access for reading
- essence - object (essence) name from acl\_object database table

Usage for selected object ID
----------------------------

[](#usage-for-selected-object-id)

Access for selected object ID:

```
if (!$private || ACM::Rtopic($topic_id)) ..
# Where $topic_id is ID numeric value, $topic_id cannot be 0
# Access records with obj_id=0 give access to any $topic_id
# But you can tune access for defined $topic_id with access records where obj_id=$topic_id (!=0)
```

You must place in `common_c::head_y($action)`:

```
$sky->profiles = ACM::init([
    'topic' => fn() => (object)$this->t_topic->acl(),
    'forum' => fn() => (object)$this->t_forum->acl(),
    # ...other objects with own access for defined obj_ID
]);
# Where each `acl()` method return fields, see example:
return [
    'from'    => $this->qp('from $_ where private=1'), # must be class SQL object
    'order'   => 'order by id desc',
    'columns' => ['id', 'topic_name || " " || dt', ['topic_name', 'dt']],
];
# Where columns[0] - column for obj_id
# Where columns[1] - column for comment
# Where columns[0] - array of columns for search filter
```

Objects for selected ID you can create using call:

```
ACM::object($obj, $obj_id, $desc) : `object record ID`
# where $obj - object name, example: "topic"
# where $desc - description
# object type_id will taken from $obj/0
# you can give access after object created:
ACM::access($id, $crud, $uid = 0, $pid = 0, $gid = 0)
# where $id is `object record ID`
```

Replacing Jet templates
-----------------------

[](#replacing-jet-templates)

See the root templates call:

```
#._ magic marker
#if(Plan::view_t(['main', 'acl.jet']))
    @inc(acl.)
#else
    @inc(.menu)@inc(_access.)
#end
#._ magic marker

```

All templates can be changed with application code in file **acl.jet**. You can also use parts of original ACL Jet files using back call: `@inc(_user.profiles)` for example

Improvement for MySQL
---------------------

[](#improvement-for-mysql)

```
-- use enum for object's types:
ALTER TABLE tblname CHANGE `obj` `obj` enum('com','per','prj','act','face') DEFAULT NULL,
-- add a index:
..
```

Drop old ACL Log records
------------------------

[](#drop-old-acl-log-records)

You can do it using CRON task for example:

```
->at('2 2', function() use ($cron) {
    $cron->sql('delete from $_acl_log where dt ... ');
})
```

Fictitious ACM class
--------------------

[](#fictitious-acm-class)

If the application code contains references to the ACL class, but you need to temporarily uninstall the ACL product, you can add a dummy ACM class to the application's w3 folder:

```
