A user always belong to a Company and the moment you signup we create a new company for yourself if you weren't invited.
You will always have the
userData DI for accessing the user information. You can do this on API (Mainly on controller files but if needed anywhere else, a direct call of the DI must me made) or CLI.
$this can be used to access the DI on controller:
Furthermore, for referencing it outside of the controller files, the DI must be called directly via the phalcon class
userData is an object from our class Canvas\Model\Users
We also attach an ACL to the user object, so you just have to call the can function(module.action) or the hasRole function(app.role) or the hasRole function(role).
These will let you know if the user has permission to run the action you desire.
We also provide the general concept for most of the CRUD use cases using our AclMiddleware.
By Default, the user can’t perform actions unless you give them permission.
Kanvas uses Phalcon default ACL, we provide a simpler layer to work with it and adapt it to our ecosystem needs.
Notice: We expect you to understand the basics of the ACL, so please review Phalcon Documentation
Specify the App name “dot” the role name. AppName.RoleName
Specify the App Name “dot” Resource Name and add the resource permissions options in an array
You can do this via the web UI, but sometimes you will need to do it manually via code by giving in this specific order:
- App “dot” ResourceName
- Resources you want to allow
You can do this via the web UI, but sometimes you will need to do it manually via code.
- Retrive the user
We already saw it on the middleware section but in order to protect a route you have to assign the auth.jwt and auth.acl middleware
We know JWT API are stateless, but we handle all our JWT token on the DB, this allows us to ban or invalidate Tokens on the fly, giving us more control over user’s actions across our ecosystem.
As an effort to prevent modification of the user module, we provide you with a hashTable trait that allows you to expand the Users table horizontally.