PHPackages zf2base/zf2base - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. zf2base/zf2base ActiveLibrary[Authentication & Authorization](/categories/authentication) zf2base/zf2base =============== Base acl+authentication module for zend framework 2 v1.0.0(10y ago)1292PHPPHP >=5.3.3 Since Sep 8Pushed 10y agoCompare [ Source](https://github.com/mbrostami/ZF2Base)[ Packagist](https://packagist.org/packages/zf2base/zf2base)[ Docs](https://github.com/mbrostami/zf2base)[ RSS](/packages/zf2base-zf2base/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (2)Versions (2)Used By (0) ZF2Base ======= [](#zf2base) Base ACL+Authentication module for Zend Framrwork 2 ZF2Base can auto check that a user has access to method|module|controller|action or not besides you can add custom permissions and check access in view or controller inside. Scenario -------- [](#scenario) 1. User requests a url : `/application/index/index` 2. ZF2Base (ResourceFactory) creates a default resource string : `METHOD-MODULE-CONTROLLER-ACTION`. So our current resource should be : `get-application-index-index` 3. ZF2Base (ResourceDbAdapter) calls authentication service and gets all allowed resources from database. 4. ZF2Base checks that current resource is in allowed resources or not. (exact match - if false then with regex). 5. If access is denied then throws an exception (by strategies), otherwise continues to load controller and action. You can write your own ResourceFactory. You can write your own ResourceDbFactory. Besides resources for route permissions, you can add resources and check access in controller/view. `$this->getAccess('resourceName')` For working route access you don't need to write any additional code in your modules. You can use regex pattern in your resources. If you define `get-*` as a resource, who has access to this resource, will have access to all get requests. You can do that for one module or one controller and so on. e.g : `(post|get)-admin-*` for access to all controllers inside admin module. Requirements ------------ [](#requirements) - [Zend Framework 2](https://github.com/zendframework/zf2) Information ----------- [](#information) ### Database [](#database) - `groups` | user groups table - `users` | users table - `user_group` | groups of each user - `resources` | our permissions are defined in this table - `sub_resources` | if a resource is accessible by a user/group then that user/group has access to it's sub resources - `group_permissions` | which group has access to which resources (value field is for using in the future) - `user_permissions` | which user has or HAS NOT(deny) access to which resources If you insert a record in `user_permissions` with `deny` value, it means that this access is denied and will override on user group same resource. If you insert a record in `resources` with `default` type, it means that every body has access to this resource. Value columns in `group_permissions` and `user_permissions` is for using in the future. ### Configs [](#configs) ```