PHPackages ride/lib-security - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. ride/lib-security ActiveLibrary[Security](/categories/security) ride/lib-security ================= Security library of the Ride framework 1.3.0(1y ago)05.6k16MITPHP Since Nov 29Pushed 1y ago7 watchersCompare [ Source](https://github.com/all-ride/ride-lib-security)[ Packagist](https://packagist.org/packages/ride/lib-security)[ RSS](/packages/ride-lib-security/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (4)Versions (29)Used By (16) Ride: Security Library ====================== [](#ride-security-library) Security abstraction library of the PHP Ride framework. This library implements a role-based access control. Read more about this on [Wikipedia](https://en.wikipedia.org/wiki/Role-based_access_control). What's In This Library ---------------------- [](#whats-in-this-library) ### SecurityModel [](#securitymodel) The *SecurityModel* interface is the facade to the data source of the security implementation. It provides users, roles and permissions. #### User [](#user) The *User* interface represents a user which can identify him or herself to the application. You can attach roles to the user to grant him or her access to specific parts of the application. The *User* interface is implemented by the security model. #### Role [](#role) The *Role* interface represents a specific set of allowed actions through granted permissions and allowed paths. By attaching a role to a user, you grant the user access to specific parts of the application. The *Role* interface is implemented by the security model. #### Permission [](#permission) The *Permission* interface is used to grant or deny a single action. To secure a part of your application, you should always check for a granted permission in the application code. Don't check if the current user is a specific user, or if the current user has a specific role. You will work against the flexibility of the security model. The *Permission* interface is implemented by the security model. ### Authenticator [](#authenticator) The *Authenticator* interface decides the mechanism of authentication and keeps the state of the current user. #### GenericAuthenticator [](#genericauthenticator) The *GenericAuthenticator* offers a default or generic implementation of the authenticator. You can turn on unique sessions. This feature is used when a user performs a login from another client, the original client will be logged out. It also supports the switch user functionality. #### ChainAuthenticator [](#chainauthenticator) You can use the *ChainAuthenticator* to chain different authenticators together. Use this to offer different authentication mechanisms simultaneously. ### PathMatcher [](#pathmatcher) The *PathMatcher* has the responsibility to match path regular expressions, or rules, to a provided path and method. #### GenericPathMatcher [](#genericpathmatcher) The *GenericPathMatcher* offers a default or generic implementation of the path matcher. There are 3 special tokens which you can use in a rule: - **\***: match a single path token - **\*\***: match everything - **!**: prefix a path with an exclamation mark to negative (not) it Optionally, you can define one or multiple methods between square brackets. All rules will be checked and it will happen in the sequence they are provided. This is needed for the not function. For example, assume the following rules: ``` /admin** /sites** !/sites/my-site/pages/*/content [GET] ``` These rules will match all requests starting with */admin* and */sites* except a GET request for the content of every page of *my-site*. ### Voter [](#voter) The *Voter* interface is used to check granted permissions and allowed paths. #### ModelVoter [](#modelvoter) The *ModelVoter* performs it's checks against the security model. It uses the current user and it's roles to obtain granted permissions and allowed paths. #### ChainVoter [](#chainvoter) The *ChainVoter* is used to combine different voters in a chain. This can be used to catch special cases or some exotic edge case. You have 3 different strategies: - **affirmative**: This strategy grants access as soon as one voter grants access. This is the default strategy. - **consensus**: This strategy grants access when there is a majority of voters who grant access. - **unanimous**: This strategy grants access when all voters grant access. ### SecurityManager [](#securitymanager) The *SecurityManager* class is the facade to this library. It glues the other components together to an easy to use interface. Use an instance of this class to handle your security. Code Sample ----------- [](#code-sample) Check this code sample to see some possibilities of this library: *Note: some classes used in this example are taken from from [ride/lib-security-generic](https://github.com/all-ride/ride-lib-security-generic), [ride/web-security](https://github.com/all-ride/ride-web-security) or [ride/web-security-generic](https://github.com/all-ride/ride-web-security-generic).* ```