[pull] master from php-casbin:master

.github/workflows/build.yml

@@ -8,7 +8,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: [7.1, 7.2, 7.3, 7.4, 8.0, 8.1]
+        php: [8.0, 8.1, 8.2]
         stability: [ prefer-lowest, prefer-stable ]
 
     name: Test PHP ${{ matrix.php }} - ${{ matrix.stability }}
@@ -49,7 +49,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: [7.1, 8.0]
+        php: [8.0, 8.1]
 
     name: Benchmark PHP ${{ matrix.php }}
 

README.md

@@ -25,7 +25,7 @@ production-ready | production-ready | production-ready | production-ready
 [![python](https://casbin.org/img/langs/python.png)](https://github.com/casbin/pycasbin) | [![dotnet](https://casbin.org/img/langs/dotnet.png)](https://github.com/casbin/Casbin.NET) | [![c++](https://casbin.org/img/langs/cpp.png)](https://github.com/casbin/casbin-cpp) | [![rust](https://casbin.org/img/langs/rust.png)](https://github.com/casbin/casbin-rs)
 ----|----|----|----
 [PyCasbin](https://github.com/casbin/pycasbin) | [Casbin.NET](https://github.com/casbin/Casbin.NET) | [Casbin-CPP](https://github.com/casbin/casbin-cpp) | [Casbin-RS](https://github.com/casbin/casbin-rs)
-production-ready | production-ready | beta-test | production-ready
+production-ready | production-ready | production-ready | production-ready
 
 ## Installation
 
@@ -190,11 +190,11 @@ Priority | [priority_model.conf](https://github.com/php-casbin/php-casbin/blob/m
 
 ## Middlewares
 
-Authz middlewares for web frameworks: https://casbin.org/docs/en/middlewares
+Authz middlewares for web frameworks: https://casbin.org/docs/middlewares
 
 ## Our adopters
 
-https://casbin.org/docs/en/adopters
+https://casbin.org/docs/adopters
 
 ## Contributors
 

README_CN.md

@@ -23,7 +23,7 @@ production-ready | production-ready | production-ready | production-ready
 [![python](https://casbin.org/img/langs/python.png)](https://github.com/casbin/pycasbin) | [![dotnet](https://casbin.org/img/langs/dotnet.png)](https://github.com/casbin/Casbin.NET) | [![c++](https://casbin.org/img/langs/cpp.png)](https://github.com/casbin/casbin-cpp) | [![rust](https://casbin.org/img/langs/rust.png)](https://github.com/casbin/casbin-rs)
 ----|----|----|----
 [PyCasbin](https://github.com/casbin/pycasbin) | [Casbin.NET](https://github.com/casbin/Casbin.NET) | [Casbin-CPP](https://github.com/casbin/casbin-cpp) | [Casbin-RS](https://github.com/casbin/casbin-rs)
-production-ready | production-ready | beta-test | production-ready
+production-ready | production-ready | production-ready | production-ready
 
 ## 安装
 
@@ -142,15 +142,15 @@ Casbin 不做的事情:
 
 ## 文档
 
-https://casbin.org/docs/zh-CN/overview
+https://casbin.org/zh/docs/overview
 
 ## 在线编辑器
 
 你也可以使用在线编辑器(https://casbin.org/editor/) 在你的浏览器里编写Casbin模型和策略。 它提供了一些比如 `语法高亮`以及`代码补全`这样的功能，就像编程语言的IDE一样。
 
 ## 教程
 
-https://casbin.org/docs/zh-CN/tutorials
+https://casbin.org/zh/docs/tutorials
 
 ## Policy管理
 
@@ -173,10 +173,10 @@ Casbin 提供两组 API 来管理权限:
 
 Adapter | Type | Author | Description
 ----|------|----|----
-[File Adapter (内置)](https://casbin.org/docs/zh-CN/policy-storage#file-adapter-built-in) | File | php-casbin | 存储到[.CSV (Comma-Separated Values)](https://en.wikipedia.org/wiki/Comma-separated_values) 文件中
+[File Adapter (内置)](https://casbin.org/zh/policy-storage#file-adapter-built-in) | File | php-casbin | 存储到[.CSV (Comma-Separated Values)](https://en.wikipedia.org/wiki/Comma-separated_values) 文件中
 [Database Adapter](https://github.com/php-casbin/database-adapter) | Database | php-casbin | 支持存储到MySQL, PostgreSQL, SQLite, Microsoft SQL Server数据库的适配器
 
-更多适配器的内容，请参考文档: https://casbin.org/docs/zh-CN/policy-storage
+更多适配器的内容，请参考文档: https://casbin.org/zh/docs/policy-storage/
 
 ## Role管理
 
@@ -208,13 +208,13 @@ Priority | [priority_model.conf](https://github.com/php-casbin/php-casbin/blob/m
 
 ### Web框架
 
-- [Laravel](https://laravel.com/): 为WEB艺术家创造的PHP框架, 通过这个扩展: [laravel-casbin](https://github.com/php-casbin/laravel-casbin)
+- [Laravel](https://laravel.com/): 为WEB艺术家创造的PHP框架, 通过这个扩展: [Laravel-Authorization](https://github.com/php-casbin/laravel-authz)
 
-- [Yii PHP Framework](https://www.yiiframework.com/): 一个高性能的，适用于开发WEB2.0应用的PHP框架, 通过这个扩展: [yii-casbin](https://github.com/php-casbin/yii-casbin)
+- [Yii PHP Framework](https://www.yiiframework.com/): 一个高性能的，适用于开发WEB2.0应用的PHP框架, 通过这个扩展: [Yii-Permission](https://github.com/php-casbin/yii-permission)
 
-- [CakePHP](https://cakephp.org/): 快速、稳定的PHP框架, 通过这个扩展: [cake-casbin](https://github.com/php-casbin/cake-casbin)
+- [CakePHP](https://cakephp.org/): 快速、稳定的PHP框架, 通过这个扩展: [Cake-Permission](https://github.com/php-casbin/cake-permission)
 
-- [ThinkPHP](http://www.thinkphp.cn/): 一个免费开源的，快速、简单的面向对象的轻量级PHP开发框架, 通过这个扩展: [think-casbin](https://github.com/php-casbin/think-casbin)
+- [ThinkPHP](http://www.thinkphp.cn/): 一个免费开源的，快速、简单的面向对象的轻量级PHP开发框架, 通过这个扩展: [Think-Authorization](https://github.com/php-casbin/think-authz)
 
 ## 协议
 

composer.json

@@ -18,20 +18,21 @@
         "access control"
     ],
     "require": {
-        "php": ">=7.1.0",
-        "symfony/expression-language": "^3.4|^4.0|^5.0|^6.0|^7.0",
-        "s1lentium/iptools": "^1.1"
+        "php": ">=8.0",
+        "symfony/expression-language": "^6.0|^7.0",
+        "symfony/cache": "^6.0|^7.0",
+        "psr/log": "^2.0|^3.0"
     },
     "autoload": {
         "psr-4": {
             "Casbin\\": "src/"
         }
     },
     "require-dev": {
-        "phpunit/phpunit": "~7.0|~8.0|~9.0",
-        "php-coveralls/php-coveralls": "^2.1",
-        "phpstan/phpstan": "^1.2",
-        "mockery/mockery": "^1.2"
+        "phpunit/phpunit": "~9.0",
+        "php-coveralls/php-coveralls": "^2.4",
+        "phpstan/phpstan": "^1.11",
+        "mockery/mockery": "^1.6"
     },
     "autoload-dev": {
         "psr-4": {

examples/rbac_with_different_types_of_roles_model.conf

@@ -0,0 +1,15 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, dom, obj, act
+
+[role_definition]
+g = _, _, _, (_, _)
+g2 = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub, p.dom) && g2(r.obj, p.dom) && regexMatch(r.act, p.act)

examples/rbac_with_different_types_of_roles_policy.csv

@@ -0,0 +1,12 @@
+p, role:owner, domain1, _, (read|write)
+p, role:developer, domain1, _, read
+
+p, role:owner, domain2, _, (read|write)
+p, role:developer, domain2, _, read
+
+g, alice, role:owner, domain1, _, _
+g, bob, role:developer, domain2, _, 9999-12-30 00:00:00
+g, carol, role:owner, domain2, _, 0000-01-02 00:00:00
+
+g2, data1, domain1
+g2, data2, domain2

examples/rbac_with_domain_temporal_roles_model.conf

@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, dom, obj, act
+
+[policy_definition]
+p = sub, dom, obj, act
+
+[role_definition]
+g = _, _, _, (_, _)
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub, r.dom) && r.dom == p.dom && r.obj == p.obj && r.act == p.act

examples/rbac_with_domain_temporal_roles_policy.csv

@@ -0,0 +1,24 @@
+p, alice, domain1, data1, read
+p, alice, domain1, data1, write
+p, data2_admin, domain2, data2, read
+p, data2_admin, domain2, data2, write
+p, data3_admin, domain3, data3, read
+p, data3_admin, domain3, data3, write
+p, data4_admin, domain4, data4, read
+p, data4_admin, domain4, data4, write
+p, data5_admin, domain5, data5, read
+p, data5_admin, domain5, data5, write
+p, data6_admin, domain6, data6, read
+p, data6_admin, domain6, data6, write
+p, data7_admin, domain7, data7, read
+p, data7_admin, domain7, data7, write
+p, data8_admin, domain8, data8, read
+p, data8_admin, domain8, data8, write
+
+g, alice, data2_admin, domain2, 0000-01-01 00:00:00, 0000-01-02 00:00:00
+g, alice, data3_admin, domain3, 0000-01-01 00:00:00, 9999-12-30 00:00:00
+g, alice, data4_admin, domain4, _, _
+g, alice, data5_admin, domain5, _, 9999-12-30 00:00:00
+g, alice, data6_admin, domain6, _, 0000-01-02 00:00:00
+g, alice, data7_admin, domain7, 0000-01-01 00:00:00, _
+g, alice, data8_admin, domain8, 9999-12-30 00:00:00, _

examples/rbac_with_domains_policy2.csv

@@ -0,0 +1,9 @@
+p, admin, domain1, data1, read
+p, admin, domain1, data1, write
+p, admin, domain2, data2, read
+p, admin, domain2, data2, write
+p, user, domain3, data2, read
+g, alice, admin, domain1
+g, alice, admin, domain2
+g, bob, admin, domain2
+g, bob, user, domain3

examples/rbac_with_temporal_roles_model.conf

@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _, (_, _)
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act

examples/rbac_with_temporal_roles_policy.csv

@@ -0,0 +1,24 @@
+p, alice, data1, read
+p, alice, data1, write
+p, data2_admin, data2, read
+p, data2_admin, data2, write
+p, data3_admin, data3, read
+p, data3_admin, data3, write
+p, data4_admin, data4, read
+p, data4_admin, data4, write
+p, data5_admin, data5, read
+p, data5_admin, data5, write
+p, data6_admin, data6, read
+p, data6_admin, data6, write
+p, data7_admin, data7, read
+p, data7_admin, data7, write
+p, data8_admin, data8, read
+p, data8_admin, data8, write
+
+g, alice, data2_admin, 0000-01-01 00:00:00, 0000-01-02 00:00:00
+g, alice, data3_admin, 0000-01-01 00:00:00, 9999-12-30 00:00:00
+g, alice, data4_admin, _, _
+g, alice, data5_admin, _, 9999-12-30 00:00:00
+g, alice, data6_admin, _, 0000-01-02 00:00:00
+g, alice, data7_admin, 0000-01-01 00:00:00, _
+g, alice, data8_admin, 9999-12-30 00:00:00, _

phpstan.neon

@@ -1,7 +1,8 @@
 parameters:
     reportUnmatchedIgnoredErrors: false
-    checkMissingIterableValueType: false
     tipsOfTheDay: false
     level: 7
     paths:
         - src
+    ignoreErrors:
+        - identifier: missingType.iterableValue