ServiceAccess Plugin
October 6, 2011 1:07 pm in Exchange amfPHP
ServiceAccess (on github) is a AMFPHP plugin to secure access to PHP services easily. For instance with a minimal configuration, a method can be secured like this :
/**
* @rolesAllowed USER_WRITE, GROUP_WRITE
*
* The access to the function is granted to users that have the role USER_WRITE or GROUP_WRITE only.
*/
public function myFunction1() {...}
/**
* the next annotation can be removed since it is the default behavior
* @comityMode VETO
* @rolesAllowed USER_WRITE, GROUP_READ_ONLY
* @isCurrentUserLogin 1, login
* @checkMethod complexCheck
*
* The access is granted if
* the current user has the role USER_WRITE or GROUP_READ_ONLY
* OR
* the value of $userInfo->login is equal to the current user login
* OR
* the method 'complexCheck' returns true
*/
public function myFunction2($dataInfo, $userInfo) {...}
/**
* @comityMode ALL
* @rolesAllowed USER_WRITE, GROUP_READ_ONLY
* @isCurrentUserLogin 0, modifiedLogin
* @checkMethod simpleCheck
*
* The access is granted if
* the current user has the role USER_WRITE or GROUP_READ_ONLY
* AND
* the value of $dataInfo->modifiedLogin is equal to the current user login
* AND
* the method 'simpleCheck' returns true
*/
public function myFunction3($dataInfo, $userInfo) {...}
Check the documentation in the plugin package for more information on how to configure and customize ServiceAccess.
Great idea! That’s really good.
So this plugin manages to interprete the comments of my php file, how is it possible?
This is thanks to the Reflection API and more precisely to the function ‘ReflectionClass::getDocComment()’ (PHP 5 >= 5.1.0) .
Oups, it is ‘ReflectionMethod::getDocComment()’ (PHP 5 >= 5.1.0) .