ZF2 ACL for Slim PHP 3
<?php
namespace App\Middleware;
use Psr\Http\Message\RequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use Slim\Router;
use Slim\Flash\Messages as Flash;
use Monolog\Logger;
use Zend\Permissions\Acl\Acl;
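/**
 * Route-level access-control middleware for Slim 3, built on Zend\Permissions\Acl.
 *
 * Each request's route pattern is treated as the ACL resource and, for named
 * routes with a string callable, the part after the last ':' of that callable
 * is treated as the privilege. The rule set is a fixed allow-list; anything
 * not explicitly allowed is denied and redirected to the 'auth.login' route.
 *
 * @package App\Middleware
 */
class AclMiddleware extends Acl
{
    /** @var Router Used to build the redirect target for denied requests. */
    protected $router;

    /** @var Flash Carries the "insufficient privileges" notice to the next page. */
    protected $flash;

    /** @var Logger Receives allow/deny decisions for audit and detection. */
    protected $logger;

    /**
     * @param Router $router
     * @param Flash  $flash
     * @param Logger $logger
     */
    public function __construct(Router $router, Flash $flash, Logger $logger)
    {
        $this->router = $router;
        $this->flash = $flash;
        $this->logger = $logger;
    }

    /**
     * Check the current route against the ACL and either continue or redirect.
     *
     * @param Request  $request
     * @param Response $response
     * @param callable $next Next middleware in the stack.
     * @return mixed The downstream response, or a redirect to 'auth.login' on denial.
     */
    public function __invoke(Request $request, Response $response, callable $next)
    {
        // NOTE(review): the role is hard-coded, so every request is evaluated as
        // 'user' and the 'admin' rule below never applies. Resolve the role from
        // the authenticated identity (server-side session state, never from
        // request input) before relying on this middleware for authorization.
        $role = 'user';

        $route = $request->getAttribute('route');
        if (null === $route) {
            // No route was resolved: usually a nonexistent path, which the
            // router will answer with a 404 further down the stack.
            // NOTE(review): this branch skips the ACL entirely. In Slim 3 the
            // 'route' attribute is only available to application middleware when
            // the 'determineRouteBeforeAppMiddleware' setting is true; if it is
            // not, every request lands here and nothing is ever checked.
            return $next($request, $response);
        }

        // Resource = route pattern; privilege = method part of 'Class:method'.
        $resource = $route->getPattern();
        $privilege = null;
        if ($route->getName()) {
            $callable = $route->getCallable();
            // Route callables may also be closures or arrays; only a string can
            // be split. Anything else keeps a null privilege, which passes only
            // where the role is allowed every privilege on the resource.
            if (is_string($callable)) {
                $callableParts = explode(':', $callable);
                $privilege = end($callableParts);
            }
        }

        $this->loadAccessRules();

        // isAllowed() throws for a resource that was never registered, so an
        // unlisted route pattern is treated as denied instead of surfacing as
        // an unhandled exception.
        $isAllowed = $this->hasResource($resource)
            && $this->isAllowed($role, $resource, $privilege);

        if (!$isAllowed) {
            // Record the denial so repeated probing of restricted routes is
            // visible in the application log.
            $this->logger->warning('ACL denied access', [
                'role' => $role,
                'resource' => $resource,
                'privilege' => $privilege,
            ]);
            $this->flash->addMessage('error', 'Insufficient privileges to use that resource');

            return $response->withRedirect($this->router->pathFor('auth.login'));
        }

        // The original flashed a debug notice as an 'error' on every permitted
        // request; the decision is logged at debug level instead.
        $this->logger->debug('ACL allowed access', [
            'role' => $role,
            'resource' => $resource,
            'privilege' => $privilege,
        ]);

        return $next($request, $response);
    }

    /**
     * Register roles, resources and allow rules once per instance.
     *
     * addRole()/addResource() throw when the id already exists, so the guard
     * keeps a second invocation of the same middleware instance from failing.
     */
    private function loadAccessRules()
    {
        if ($this->hasRole('user')) {
            return;
        }

        // User roles
        $this->addRole('user')
            ->addRole('admin');

        // Application resources (must match the route patterns exactly)
        $this->addResource('/');
        $this->addResource('/auth/login');
        $this->addResource('/info');
        $this->addResource('/posts/list');
        $this->addResource('/posts/new');

        // User permissions: a null privilege list means "every privilege".
        $this->allow('user', "/", null);
        $this->allow('user', "/info", null);
        $this->allow('user', "/auth/login", ['login', 'logout']);
        $this->allow('user', "/posts/list", ['index', 'show']);

        // Admin is allowed every privilege on every registered resource.
        $this->allow('admin');
    }
}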
<?php
// DIC configuration: every service below is registered on the application's container.
$container = $app->getContainer();

// Slim-Flash: one-shot messages shown on the next request.
// NOTE(review): presumably needs an already-started session — confirm where
// the session is started relative to this service being resolved.
$container['flash'] = function () {
    $messages = new \Slim\Flash\Messages();

    return $messages;
};
// Slim-Csrf guard.
// NOTE(review): the positional arguments appear to be prefix, storage,
// failure callable, storage limit, token strength and persistent-token mode —
// confirm against the installed Slim-Csrf version. If the last one is the
// persistent mode, one token is reused for the whole session instead of being
// rotated per request, which eases AJAX use but lengthens the lifetime of a
// leaked token.
$container['csrf'] = function () {
    $keyPrefix = 'csrf';
    // Kept as a variable rather than a literal null on purpose: do not inline it.
    $tokenStore = null;
    $guard = new \Slim\Csrf\Guard($keyPrefix, $tokenStore, null, 200, 16, true);

    return $guard;
};
// Monolog: application logger configured from settings['logger'].
$container['logger'] = function ($container) {
    $loggerConfig = $container->get('settings')['logger'];

    $monolog = new Monolog\Logger($loggerConfig['name']);
    // Tag every record written during one request with the same unique id.
    $monolog->pushProcessor(new Monolog\Processor\UidProcessor());

    // Write records at or above the configured level to the configured path.
    $streamHandler = new Monolog\Handler\StreamHandler($loggerConfig['path'], $loggerConfig['level']);
    $monolog->pushHandler($streamHandler);

    return $monolog;
};
// Twig view renderer configured from settings['view'].
$container['view'] = function ($container) {
    $viewConfig = $container->get('settings')['view'];
    $twig = new \Slim\Views\Twig($viewConfig['template_path'], $viewConfig['twig_options']);

    // Slim-specific extension: needs the router and the base path with any
    // 'index.php' segment and trailing slash stripped.
    $rawBasePath = $container['request']->getUri()->getBasePath();
    $basePath = rtrim(str_ireplace('index.php', '', $rawBasePath), '/');
    $twig->addExtension(new Slim\Views\TwigExtension($container['router'], $basePath));

    // Flash messages available inside templates.
    $twig->addExtension(new Knlv\Slim\Views\TwigMessages($container['flash']));

    // CSRF token fields available inside templates.
    $twig->addExtension(new App\Twig\Extensions\CsrfExtension($container['csrf']));

    return $twig;
};
// Service factory for the ORM (Eloquent via Capsule), configured from settings['db'].
// NOTE(review): container factories run on first access, so Eloquent is only
// booted once something resolves 'db' — confirm that happens before any model is used.
$container['db'] = function ($container) {
    $connectionConfig = $container->get('settings')['db'];

    $manager = new \Illuminate\Database\Capsule\Manager();
    $manager->addConnection($connectionConfig);
    // Expose the manager statically and boot Eloquent on top of it.
    $manager->setAsGlobal();
    $manager->bootEloquent();

    return $manager;
};
// ACL middleware: wired with the router (redirect target), flash messages
// (denial notice) and the logger.
$container['acl'] = function ($container) {
    return new App\Middleware\AclMiddleware(
        $container->router,
        $container->get('flash'),
        $container->get('logger')
    );
};
<?php
// Application middleware, registered in this order: Slim CSRF, then ACL.
// Slim 3 runs the most recently added middleware first, so the ACL check
// wraps the CSRF guard and a denied request is redirected before CSRF
// validation runs.
foreach (['csrf', 'acl'] as $middlewareId) {
    $app->add($container->get($middlewareId));
}