Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add PHP adapter for ACL and Allow config#168

Merged
dereuromark merged 6 commits into
masterfrom
feature/php-yaml-adapters
May 4, 2026
Merged

Add PHP adapter for ACL and Allow config#168
dereuromark merged 6 commits into
masterfrom
feature/php-yaml-adapters

Conversation

@dereuromark

@dereuromark dereuromark commented May 4, 2026

Copy link
Copy Markdown
Owner

Closes #112.

Adds a PHP file backend alongside the existing INI adapters so users can pick a format that suits their config best.

What's added

Type ACL adapter Allow adapter Dependency
INI (existing default) IniAclAdapter IniAllowAdapter none
PHP (new) PhpAclAdapter PhpAllowAdapter none

Both adapters share the section-processing logic via two new abstract base classes (AbstractAclAdapter, AbstractAllowAdapter); each concrete adapter only implements parseConfig() for its file format. The INI adapters were refactored onto the base classes — public behavior is unchanged and existing tests still pass.

Switching adapters

'TinyAuth' => [
    'aclAdapter' => \TinyAuth\Auth\AclAdapter\PhpAclAdapter::class,
    'aclFile' => 'auth_acl.php',
    'allowAdapter' => \TinyAuth\Auth\AllowAdapter\PhpAllowAdapter::class,
    'allowFile' => 'auth_allow.php',
],

The PHP files use the same Plugin.Prefix/Controller section keys and actions => roles (or comma-separated action list for Allow) as the INI variant. See the PHP fixtures under tests/test_files/ for a full example.

Why no YAML

A YAML adapter was prototyped here too, but dropped: YAML treats * and ! as reserved metasyntax (alias references and tags), and those are exactly the characters TinyAuth's grammar leans on the most — * for "all actions/roles" and !action / !role for negation. Every realistic auth_acl.yml ended up needing quoted keys, and a config file that requires a legend explaining what to quote is the wrong format for this domain. The new abstract base classes make a third-party YAML (or any other format) adapter trivial to add.

Verification

  • vendor/bin/phpunit — 115 tests, all green
  • vendor/bin/phpstan analyse — clean
  • vendor/bin/phpcs — clean

Introduces AbstractAclAdapter and AbstractAllowAdapter holding the
section-processing logic shared across all adapters. INI adapters now
extend the base classes; new PhpAclAdapter, PhpAllowAdapter,
YamlAclAdapter and YamlAllowAdapter only implement the file parsing
step.

YAML adapters require symfony/yaml, declared as a suggest dependency
and used for tests via require-dev.
@codecov-commenter

codecov-commenter commented May 4, 2026

Copy link
Copy Markdown

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

❌ Patch coverage is 88.67925% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.98%. Comparing base (863552d) to head (1c687ef).

Files with missing lines Patch % Lines
src/Auth/AclAdapter/AbstractAclAdapter.php 88.23% 6 Missing ⚠️
src/Auth/AclAdapter/PhpAclAdapter.php 85.71% 2 Missing ⚠️
src/Auth/AllowAdapter/AbstractAllowAdapter.php 91.30% 2 Missing ⚠️
src/Auth/AllowAdapter/PhpAllowAdapter.php 85.71% 2 Missing ⚠️
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.
Additional details and impacted files
@@             Coverage Diff              @@
##             master     #168      +/-   ##
============================================
+ Coverage     67.59%   67.98%   +0.38%     
- Complexity      627      639      +12     
============================================
  Files            29       33       +4     
  Lines          1614     1646      +32     
============================================
+ Hits           1091     1119      +28     
- Misses          523      527       +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Master's new VitePress docs introduced a custom-adapters page that
described tinyauth as having only INI-based stores. Update the intro
to point at the now-three built-in formats so readers don't reach for
a custom adapter when they just want a different file format.
@dereuromark dereuromark marked this pull request as ready for review May 4, 2026 11:54
@dereuromark dereuromark changed the title Add PHP and YAML adapters for ACL and Allow config Add PHP and NEON adapters for ACL and Allow config May 4, 2026
@dereuromark dereuromark marked this pull request as draft May 4, 2026 11:59
@dereuromark dereuromark marked this pull request as ready for review May 4, 2026 12:04
Strip defensive quotes from comma-separated role/action lists where
YAML's block-scalar rules tolerate them, and drop the unnecessary
quotes around comma-bearing keys like 'edit,view' and 'view, edit'.
Add header comments explaining when quoting IS required (only when a
value/key starts with a YAML reserved character: *, !, &, >, |, etc.)
so future readers don't reach for quotes by reflex.

Tests still pass — the parsed structure is unchanged, only the
on-disk shape is more idiomatic.
@dereuromark dereuromark force-pushed the feature/php-yaml-adapters branch from 24ff611 to 8f3a8ef Compare May 4, 2026 12:13
@dereuromark dereuromark changed the title Add PHP and NEON adapters for ACL and Allow config Add PHP and YAML adapters for ACL and Allow config May 4, 2026
@dereuromark dereuromark marked this pull request as draft May 4, 2026 12:13
@dereuromark dereuromark marked this pull request as ready for review May 4, 2026 12:13
Composer can pick the highest version compatible with the host PHP:
v6.4 (PHP 8.1+), v7.x (PHP 8.2+) or v8.x (PHP 8.4+). Tinyauth's PHP
floor is 8.2, so v8 is reachable for users on PHP 8.4+ without
breaking the prefer-lowest path on 8.2/8.3.
@dereuromark dereuromark marked this pull request as draft May 4, 2026 12:16
@dereuromark dereuromark marked this pull request as ready for review May 4, 2026 12:16
Comment thread tests/test_files/auth_acl.yml Outdated
Posts.Posts:
'*': '*'
Posts.Admin/Posts:
'*': '*'

Copy link
Copy Markdown
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With the issues around * and ! it seems that this not too user friendly to work with
As long as we dont come up with a better parser format, only PHP would be useful right now IMO.

YAML treats `*` and `!` as reserved metasyntax (alias reference and
tag), but those are exactly the characters TinyAuth's ACL grammar uses
most: `*` for "all actions/roles" and `!action` / `!role` for negation.
Every realistic YAML auth_acl.yml/auth_allow.yml ends up sprinkled with
quoted keys, which is the opposite of "human-friendly" — and a fixture
that needs a legend explaining what to quote is the wrong format for
this domain.

PHP arrays don't have this problem: `*` and `!index` are just strings,
no escaping ceremony, IDE-friendly, no extra dependency. INI stays the
zero-dependency default.

The AbstractAclAdapter / AbstractAllowAdapter base classes from this PR
are kept — INI and PHP both inherit from them, and a third-party YAML
(or any other format) adapter is now ~30 lines for whoever wants it.
@dereuromark dereuromark changed the title Add PHP and YAML adapters for ACL and Allow config Add PHP adapter for ACL and Allow config May 4, 2026
@dereuromark dereuromark merged commit 759147e into master May 4, 2026
16 checks passed
@dereuromark dereuromark deleted the feature/php-yaml-adapters branch May 4, 2026 13:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Adding PHP, YAML, ... adapters?

2 participants