diff --git a/README.md b/README.md index e739a7e..d574792 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This package provides an access control (right management) system based on user, roles, rights and objects. -#### User +### User The main reason of this package is to prove whether the user has a specific right or not. A user can have a right on different ways: @@ -15,12 +15,12 @@ A user can have a right on different ways: - through a global role - through an object role -#### Roles +### Roles A role is a defined set of rights and can extend another existing role. Roles can be assigned on a global scope or on a specific object. -#### Objects +### Objects An user can have a specific role for a specific object. As example: The User "John" has the role "author" on the object "BlogPost". A object can be any class that implements `ObjectInterface`. As example it could be the Eloquent model class `BlogPost`. @@ -36,7 +36,7 @@ composer require dtkahl/php-array-tools ## Usage -#### create User(s) +### create User(s) This is not really a big deal. You just need a class that implements the `UserAccessInterface`. This requires you to implement one method: @@ -44,7 +44,7 @@ This requires you to implement one method: - `getGlobalRoles` - Returns an array of role names (strings) you want your user to have. The way you store this information is completely up to you. -#### create Objects +### create Objects This is a step you can skip if you only want to implement global rights. If you wan to have object roles and rights you have to implement the `ObjectInterface` in your objects class. This requires three methods: @@ -54,7 +54,7 @@ This requires three methods: - `getRelatedObjects` - Returns an array of related objects (which also have to implement the interface). This is used for inheritance. As example: The User is allowed to delete a BlogComment because the BlogComment is related to the BlogPost for which the user has the role "author" -#### define roles an rights +### define roles an rights This could take place anywhere in your application but needs to be done before checking rights. The best place could be inside a dependency injection container. @@ -105,19 +105,19 @@ $judge = new Judge( This is the main class to check rights or roles. You normally want let your dependency container to return a instance of this class. It has the following public methods: -#### `registerRole($role)` +### `registerRole($role)` Register a new global role for the Judge instance. -#### `registerObject($object)` +### `registerObject($object)` Register a new object for the Judge instance. -#### `setUser($user)` +### `setUser($user)` Set the default user for the Judge instance. -#### `checkRight($rights, $object = null, $user = null)` +### `checkRight($rights, $object = null, $user = null)` Throws `NotAllowedException` if the user do not have the given right(s). If given object is null it only checks global rights. @@ -129,11 +129,11 @@ $comment = BlogComment::find('1'); $judge->checkRight('edit', $comment); // check if the default user is allowed to edit a specific comment ``` -#### `hasRight($rights, $object = null, $user = null)` +### `hasRight($rights, $object = null, $user = null)` This is a proxy for `checkRights()` but instead of throwing an exception it only return true or false. -#### `checkRole` +### `checkRole` Throws `NotALlowedException` if the user do not have the given role. If given object is null it only checks global roles. @@ -145,6 +145,6 @@ $comment = BlogComment::find('1'); $judge->checkRole('creator', $comment); // check if the default user is the creator of this comment ``` -#### `hasRight` +### `hasRight` -This is a proxy for `checkRole()` but instead of throwing an exception it only return true or false. \ No newline at end of file +This is a proxy for `checkRole()` but instead of throwing an exception it only return true or false.