prooph / service-bus-zfc-rbac-bridge

Marry Service Bus with ZfcRbac
http://getprooph.org
BSD 3-Clause "New" or "Revised" License
7 stars 6 forks source link
messaging php prooph rbac zend-framework

service-bus-zfc-rbac-bridge

Marry Service Bus with ZfcRbac

Build Status Coverage Status Gitter

Important

This library will receive support until December 31, 2019 and will then be deprecated.

For further information see the official announcement here: https://www.sasaprolic.com/2018/08/the-future-of-prooph-components.html

Installation

  1. Add "prooph/service-bus-zfc-rbac-bridge": "~1.0" as requirement to your composer.json.
  2. In the config folder you will find a configuration skeleton. The configuration is a simple PHP array flavored with some comments to help you understand the structure.

Requirements

  1. Your Inversion of Control container must implement the interop-container interface.
  2. ZfcRbac's authorization service should be registered in the container under the ZfcRbac\Service\AuthorizationService key.

Note: Don't worry, if your environment doesn't provide the requirements. You can always bootstrap the authorization service by hand. Just look at the factories for inspiration in this case.

Sample

Assuming a TestQuery with message name test and you want to use the route guard and finalize guard together with an assertion (TestAssertion), your config should look like this:

return [
    'prooph' => [
        'service_bus' => [
            'query_bus' => [
                'plugins' => [
                    \Prooph\ServiceBus\RouteGuard::class,
                    \Prooph\ServiceBus\FinalizeGuard::class,
                ]
            ]
        ]
    ],
    'zfc_rbac' => [
        'assertion_manager' => [
            'TestAssertion' => 'TestAssertion',
        ],
        'assertion_map' => [
            'test' => 'TestAssertion'
        ],
        'role_provider' => [
            'ZfcRbac\Role\InMemoryRoleProvider' => [
                'user' => [
                    'permissions' => [
                        'test'
                    ]
                ]
            ]
        ]
    ]
];

And your TestAssertion should look like this:

class TestAssertion implements \ZfcRbac\Assertion\AssertionInterface
{
    public function assert(AuthorizationService $authorizationService, $context = null)
    {
        // return true, if no context present, otherwise your route guard will always fail, because the result is not yet known.
        if (null === $context) {
            return true;
        }

        return ($context['owner'] == $authorizationService->getIdentity());
    }
}

Support

Contribute

Please feel free to fork and extend existing or add new features and send a pull request with your changes! To establish a consistent code quality, please provide unit tests for all your changes and may adapt the documentation.

License

Released under the New BSD License.