README

Usage examples of the adapters available here:

Database

This adapter uses a database to store the ACL list:

use Phalcon\Incubator\Acl\Adapter\Database as AclDb;
use Phalcon\Db\Adapter\Pdo\Sqlite;

$connection = new Sqlite(
 [
 'dbname' => 'sample.db',
 ]
);

$acl = AclDb(
 [
 'db' => $connection,
 'roles' => 'roles',
 'rolesInherits' => 'roles_inherits',
 'resources' => 'resources',
 'resourcesAccesses' => 'resources_accesses',
 'accessList' => 'access_list',
 ]
);

This adapter uses the following table to store the data:

CREATE TABLE `roles` (
 `name` VARCHAR(32) NOT NULL,
 `description` TEXT,
 PRIMARY KEY(`name`)
);

CREATE TABLE `access_list` (
 `roles_name` VARCHAR(32) NOT NULL,
 `resources_name` VARCHAR(32) NOT NULL,
 `access_name` VARCHAR(32) NOT NULL,
 `allowed` INT(3) NOT NULL,
 PRIMARY KEY(`roles_name`, `resources_name`, `access_name`)
);

CREATE TABLE `resources` (
 `name` VARCHAR(32) NOT NULL,
 `description` TEXT,
 PRIMARY KEY(`name`)
);

CREATE TABLE `resources_accesses` (
 `resources_name` VARCHAR(32) NOT NULL,
 `access_name` VARCHAR(32) NOT NULL,
 PRIMARY KEY(`resources_name`, `access_name`)
);

CREATE TABLE `roles_inherits` (
 `roles_name` VARCHAR(32) NOT NULL,
 `roles_inherit` VARCHAR(32) NOT NULL,
 PRIMARY KEY(roles_name, roles_inherit)
);

Using the cache adapter:

// By default the action is deny access
$acl->setDefaultAction(
 \Phalcon\Acl\Enum::DENY
);

// You can add roles/resources/accesses to list or insert them directly in the tables

// Add roles
$acl->addRole(
 new \Phalcon\Acl\Role('Admins')
);

// Create the resource with its accesses
$acl->addResource(
 'Products',
 [
 'insert',
 'update',
 'delete',
 ]
);

// Allow Admins to insert products
$acl->allow('Admin', 'Products', 'insert');

// Do Admins are allowed to insert Products?
var_dump(
 $acl->isAllowed('Admins', 'Products', 'update')
);

MongoDB

TODO

Redis

TODO