Merge pull request #7 from ripaclub/develop

v0.2.0

README.md

@@ -1,5 +1,5 @@
-ACL manager
-===========
+ACL manager [![Latest Stable Version](https://poser.pugx.org/ripaclub/aclman/v/stable.png)](https://packagist.org/packages/ripaclub/aclman)
+============
 
 AclMan is a PHP library designed to manage access control list (ACL).
 
@@ -8,6 +8,13 @@ AclMan is a PHP library designed to manage access control list (ACL).
 |master|[![Build Status](https://travis-ci.org/ripaclub/aclman.svg?branch=master)](https://travis-ci.org/ripaclub/aclman) |[![Coverage Status](https://coveralls.io/repos/ripaclub/aclman/badge.png?branch=master)](https://coveralls.io/r/ripaclub/aclman)|[![Dependency Status](https://www.versioneye.com/user/projects/544efbb39fc4d5226e0000ec/badge.svg)](https://www.versioneye.com/user/projects/544efbb39fc4d5226e0000ec)|
 |develop|[![Build Status](https://travis-ci.org/ripaclub/aclman.svg?branch=develop)](https://travis-ci.org/ripaclub/aclman)|[![Coverage Status](https://coveralls.io/repos/ripaclub/aclman/badge.png?branch=develop)](https://coveralls.io/r/ripaclub/aclman?branch=develop)|[![Dependency Status](https://www.versioneye.com/user/projects/544efb509fc4d5e91300017c/badge.svg)](https://www.versioneye.com/user/projects/544efb509fc4d5e91300017c)|
 
+Requisites
+----------
+
+* PHP >= 5.4
+
+* Composer
+
 Features
 --------
 
@@ -81,6 +88,13 @@ Then we configure our service.
         'plugin_manager' => 'AclMan\Assertion\AssertionManager',
     ],
 ]
+'aclman-assertion-manager' => [
+    'invokables' => [
+        'assertAlias' => 'assertionClass',
+        ...
+        ...
+    ]
+]
 ```
 
 Finally, our storage configuration.
@@ -89,6 +103,7 @@ Finally, our storage configuration.
 'aclman_storage' => [
     'AclStorage\Ex1' => [
         'roles' => [
+             // Config specific permission for role Role1 to resources Resource1 and Resource2
             'Role1' => [
                 'resources' => [
                     'Resource1' => [
@@ -100,95 +115,47 @@ Finally, our storage configuration.
                     ],
                     'Resource2' => [
                         [
-                            'assert' => null,
+                            'assert' => 'assertAlias',
                             'allow' => true,
                             'privilege' => 'view'
                         ]
                     ]
                 ],
             ],
-        ],
-    ],
-]
-```
-
-Our first ACL configuration is now complete. Use it:
-
-```php
-$aclService1 = $serviceLocator->get('AclService\Ex1');
-$aclService1->isAllowed('Role1', 'Resource1', 'view'); // FALSE
-$aclService1->isAllowed('Role1', 'Resource1', 'add'); // TRUE
-// ...
-```
-
-Usage (2)
----------
-
-Now we see how to modify the previous example in order to use the `AssertionManager`.
-
-We can do it in two ways: (1) create an assertion plugin manager or (2) fetch the provided `AssertionPluginManager` and add our assertions.
-
-We suggest you to create your own assertion plugin manager (1). For example:
-
-```php
-namespace Ex1;
-class OurAssertionPluginManager extends AbstractPluginManager
-{
-    protected $invokableClasses = [
-        'assertFalse' => 'Ex1\Assertion\Assertion1',
-        'assertTrue' => 'Ex1\Assertion\Assertion2',
-    ];
-
-    public function validatePlugin($plugin)
-    {
-        if ($plugin instanceof AssertionInterface) {
-            return;
-        }
-        throw new \Exception(sprintf(
-            'Plugin of type "%s" is invalid; must implement Zend\Permissions\Acl\Assertion\AssertionInterface',
-            (is_object($plugin) ? get_class($plugin) : gettype($plugin))
-        ));
-    }
-}
-```
-
-Now we need to register it in the service manager to load our assertion plugin manager.
-
-```php
-'invokables' => [
-    'AclMan\Plugin\Manager' => 'Ex1\OurAssertionPluginManager'
-]
-```
-
-Finally we can use our new assertions (see `(*)` in the comments) to configure roles:
-
-```php
-'aclman_storage' => [
-    'AclStorage\Ex1' => [
-        'roles' => [
-            'Role1' => [
+            // Config specific permission for all roles to resource Resource1 (e.x public resource)
+            StorageInterface::ALL_ROLES => [
                 'resources' => [
-                    'Resource1' => [
+                    'Resource3' => [
                         [
-                            'assert' => 'assertTrue', // (*)
                             'allow' => true,
-                            'privilege' => 'add'
                         ]
                     ],
-                    'Resource2' => [
+                ]
+            ],
+            // Config specific permission for Admin to all resource (e.x access to al resource to the admin)
+            'Admin' => [
+                'resources' => [
+                    StorageInterface::ALL_RESOURCES  => [
                         [
-                            'assert' => 'assertFalse', // (*)
                             'allow' => true,
-                            'privilege' => 'view'
                         ]
-                    ]
-                ],
+                    ],
+                ]
             ],
         ],
     ],
 ]
 ```
 
+Our first ACL configuration is now complete. Use it:
+
+```php
+$aclService1 = $serviceLocator->get('AclService\Ex1');
+$aclService1->isAllowed('Role1', 'Resource1', 'view'); // FALSE
+$aclService1->isAllowed('Role1', 'Resource1', 'add'); // TRUE
+// ...
+```
+
 Notice the behaviour ...
 
 ```php

library/Assertion/AssertionManagerFactory.php

@@ -10,6 +10,7 @@
 
 use Zend\Permissions\Acl\Assertion\AssertionManager;
 use Zend\ServiceManager\AbstractPluginManager;
+use Zend\ServiceManager\Config;
 use Zend\ServiceManager\FactoryInterface;
 use Zend\ServiceManager\ServiceLocatorInterface;
 
@@ -18,8 +19,12 @@
  */
 class AssertionManagerFactory implements FactoryInterface
 {
-    const PLUGIN_MANAGER_CLASS   = 'AclMan\Assertion\AssertionPluginManager';
-    const PLUGIN_MANAGER_SERVICE = 'AclMan\Plugin\Manager';
+    /**
+     * Config Key
+     *
+     * @var string
+     */
+    protected $configKey = 'aclman-assertion-manager';
 
     /**
      * Create service
@@ -29,15 +34,8 @@ class AssertionManagerFactory implements FactoryInterface
      */
     public function createService(ServiceLocatorInterface $serviceLocator)
     {
-        /* @var $plugins AbstractPluginManager */
-        if ($serviceLocator->has(self::PLUGIN_MANAGER_SERVICE)) {
-            $plugins = $serviceLocator->get(self::PLUGIN_MANAGER_SERVICE);
-        } else {
-            $pluginManagerClass = static::PLUGIN_MANAGER_CLASS;
-            $plugins = new $pluginManagerClass;
-        }
-        $plugins->setServiceLocator($serviceLocator);
-
-        return $plugins;
+        $config = $serviceLocator->get('Config');
+        $configManager = (isset($config['aclman-assertion-manager'])) ? new Config($config['aclman-assertion-manager']) : null;
+        return new AssertionManager($configManager);
     }
 }

library/Permission/GenericPermission.php

@@ -53,11 +53,11 @@ public function __construct($options = null)
     {
         if (isset($options['role'])) {
             $role = $this->checkRole($options['role']);
-            $this->roleId = $role->getRoleId();
+            $this->setRoleId($role);
         }
         if (isset($options['resource'])) {
             $resource = $this->checkResource($options['resource']);
-            $this->resourceId = $resource->getResourceId();
+            $this->setResourceId($resource);
         }
         if (isset($options['privilege'])) {
             $this->setPrivilege($options['privilege']);
@@ -71,19 +71,27 @@ public function __construct($options = null)
     }
 
     /**
-     * @param ResourceInterface $resource
+     * @param ResourceInterface|null $resource
+     * @return $this
      */
-    public function setResourceId(ResourceInterface $resource)
+    public function setResourceId(ResourceInterface $resource = null)
     {
-        $this->resourceId = $resource->getResourceId();
+        if ($resource) {
+            $this->resourceId = $resource->getResourceId();
+        }
+        return $this;
     }
 
     /**
-     * @param RoleInterface $role
+     * @param RoleInterface|null $role
+     * @return $this
      */
-    public function setRoleId(RoleInterface $role)
+    public function setRoleId(RoleInterface $role = null)
     {
-        $this->roleId = $role->getRoleId();
+        if ($role) {
+            $this->roleId = $role->getRoleId();
+        }
+        return $this;
     }
 
     /**

library/Resource/ResourceCheckTrait.php

@@ -22,14 +22,21 @@ trait ResourceCheckTrait
      * @return GenericResource
      * @throws InvalidParameterException
      */
-    private function checkResource($resource)
+    private function checkResource($resource = null)
     {
+        if (is_null($resource)) {
+            return $resource;
+        }
+
         if (is_string($resource)) {
             $resource = new GenericResource($resource);
         }
 
         if (!$resource instanceof ResourceInterface) {
-            throw new InvalidParameterException('Invalid type resource');
+            throw new InvalidParameterException(sprintf(
+                'Invalid type resource "%s"',
+                (is_object($resource) ? get_class($resource) : gettype($resource))
+            ));
         }
 
         return $resource;

library/Role/RoleCheckTrait.php

@@ -22,8 +22,12 @@ trait RoleCheckTrait
      * @return GenericRole
      * @throws InvalidParameterException
      */
-    private function checkRole($role)
+    private function checkRole($role = null)
     {
+        if (is_null($role)) {
+            return $role;
+        }
+
         if (is_string($role)) {
             $role = new GenericRole($role);
         }

library/Service/ServiceImplement.php → library/Service/Service.php

@@ -9,8 +9,8 @@
 namespace AclMan\Service;
 
 /**
- * Class ServiceImplement
+ * Class Service
  */
-class ServiceImplement extends ServiceAbstract
+class Service extends ServiceAbstract
 {
 }