cakephp-tinyauth

Improvements

Added convenience CLI command (CakePHP 3.6+) to sync ACL for any new controller.
It will automatically skip controllers that are whitelisted as public (non authenticated).
In a future version this could also be broken down to action level.

Allow for custom AclAdapters to provide the ACL data array for Authorization.

Included commits: https://github.com/dereuromark/cakephp-tinyauth/compare/1.7.0...1.8.0

Improvements

CakePHP 3.6 support.
This also sets 3.5 as minimum requirement now.

It can, however, be still necessary to set your error level to E_ALL & ~E_USER_DEPRECATED in your app.php config.

New requirements

Using CakePHP 3.4+ now as well as PHP 5.6+.

Improvements

• Cleanup of API, no usage of deprecated methods.
• PHPStan 0.9 level 6 support.
• Prefer Lowest Comp. Check on Travis.
• PHP 7.2 check on Travis.

Fix super admin role allow in case of string/int mismatch.

The DB was queried on each call of hasAccess() for multi role setup.
This is now fixed with an internal cache map per user ID per request.

Before, with some auth setups it was possible that the auth allow INI file was not read in time.
This is now fixed.

A wrong exception has been removed.
In some cases the user might not yet have a role, and this now fine.

Features

A new AuthUserComponent and AuthUserHelper is now built in, allowing for authorization and role checks.

The helper also allows for dynamic ACL links, which can either be completely invisible when no access, or just display their text without being clickable.
It also allows to just check for certain URLs, and based on that decide manually how to proceed.
This makes it possible to use inside dynamically rendered menus (like a NavigationHelper) to output role based navigation structures.

Finally, both acl.ini and auth_allow.ini file can be split across multiple paths (e.g. plugins) and will then be merged together. The speed of the application is not affected, of course, since this all is happening behind the cache.

Removed deprecations

The aclPath option has been removed. Please make sure you are using filePath before upgrading.
The constants have been deprecated and are now removed.

Via auth_allow.ini file you can now globally and centrally control the controller actions which should be publicly accessible.

Note that since this version CakePHP 3.2 and therefore PHP 5.5 is the minimum requirement. But since CakePHP 3.2 this is the default PHP minimum anyway, therefore no major version bump here.

Also added basic Migrations file for out of the box multi-user roles as database approach.

Big thanks to the CakePHP community and the people contributing here to make this plugin more awesome every day!

The id column is now configurable.
Also some of the deprecations have been removed.

No plugin bootstrap anymore.
Please make sure you are loading the plugin as instructed in the README.

No USERS constants anymore.
Please make sure you upgrade to the new configs:

• usersTable (no constant anymore)
• userColumn (new)

usersTable, pivotTable and rolesTable now support plugin prefixing, e.g.:

// App
'usersTable' => 'Users',

// User plugin
'usersTable' => 'User.Users',

Some might know Tiny Auth from CakePHP 2.x as part of the Tools plugin.
After 6+ years it has now owned a place as standalone plugin.

See the sandbox @ http://sandbox3.dereuromark.de/auth-sandbox for a live demo.

A huge thx to @bravo-kernel as he helped a great deal to upgrade it to 3.x and provided an incredible 94% test coverage.