2024-03-07 279次浏览

RBAC packages got big update:

Let's see, what's new and what was fixed.

Raising PHP version

We bumped minimum PHP version to 8.1 in all RBAC packages.

Code quality

We raised the code quality according to set standards in all packages:

  • 1st level in static analysis by Psalm.
  • 100% code coverage by unit tests.
  • 100% in mutation testing.

Using storages via Manager

In the previous version we didn't pay sufficient attention to testing storages in conjunction with Manager . Remember that interaction with storages must be done exactly using Manager , not directly. The corresponding tests were added and a number of related problems were fixed.

In particular, the coupling of storages was removed (it was more actual for DB based implementations). Thus, it's now possible to fully use different combinations of storages in the way how it was initially planned. It was possible in Yii 2 too. One of the frequent cases is when permissions and roles are stored in PHP file (less updated), while assignments - in database (updated more often).

Also, the massive performance optimization was done.

Checking access

  • We fixed the issue, when rules were not executed for guests and other items in hierarchy tree branch.
  • Besides permission, now it's possible to check existence for user roles as well.
  • A permission is now allowed for a user with granted access at least by one branch of hierarchy tree.

Simple storage implementations

Simple storages implementations were added. Their main feature is filling the properties of a corresponding class during reading data from storages and further working with these properties. In addition to full testing of base package (it can't be used on its own) it allowed to get rid of repeated code in PHP implementation (with corresponding improvements for concurrency).

Specific changes for different storage implementations

RBAC PHP Storage

  • Concurrency support was added, this can be helpful when file is being edited simultaneously.
  • The problems with saving creation and update time of roles / permissions and assignments were fixed.
  • We slightly simplified the process of setting filename while configuring storages.

The feature of manual file edit was saved. Note that in this case you need to manually sync the changes in other storage. If you prefer this method - optional fields can be omitted, along with timestamps - when they are missing, file modification time will be used as a fallback. The file modification time is now customizable as well. Besides timestamps, its change acts like a trigger for updating data with enabled concurrency handling mode.

RBAC Cycle DB & RBAC Yii DB storages

Performance optimization

In addition to optimization in the base package, specific DB optimization was done.

Migrations

We finally decided, how migrations are supposed to be handled. We decided to reject experimental approaches with raw SQL, CLI and use corresponding packages - Cycle Migrations and Yii DB Migration (moreover the latter received the first stable version not a long time ago).

To continue the topic of removing coupling - each storage got its own independent set of migrations. Therefore, if you decide to store assignments only in the database - the tables for items will not be even created initially.

Also, the migration of existing data from Yii 2 was simplified by keeping original property names of entities, as much as possible.

All tables how have yii prefix by default for preventing potential collisions with user tables and easier identification. We plan to incorporate such approach to other DB dependent packages too.

In storages default table names were added for simplifying configuration.

Transactions

The decorator for Manager was added which guarantee data integrity during simultaneous changes in different storages, in particular during update of permissions and roles.

Full changes list can be found in CHANGELOG: