{"id":41900254,"url":"https://github.com/imarc/auth","last_synced_at":"2026-01-25T15:04:49.870Z","repository":{"id":26500083,"uuid":"29952520","full_name":"imarc/auth","owner":"imarc","description":"iMarc's RBAC and ACL Authorization","archived":false,"fork":false,"pushed_at":"2023-10-20T04:04:53.000Z","size":39,"stargazers_count":4,"open_issues_count":0,"forks_count":2,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-08-14T18:25:42.663Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/imarc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2015-01-28T05:37:54.000Z","updated_at":"2024-07-28T15:31:48.000Z","dependencies_parsed_at":"2022-08-17T17:05:24.870Z","dependency_job_id":"59b3ac91-3b2c-4cbf-a9aa-9e40f219e214","html_url":"https://github.com/imarc/auth","commit_stats":{"total_commits":23,"total_committers":3,"mean_commits":7.666666666666667,"dds":0.5217391304347826,"last_synced_commit":"5dcba121a9a181f6af3de13dad0a342d82cac13d"},"previous_names":[],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/imarc/auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imarc%2Fauth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imarc%2Fauth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imarc%2Fauth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imarc%2Fauth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/imarc","download_url":"https://codeload.github.com/imarc/auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/imarc%2Fauth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28754808,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-25T13:59:49.818Z","status":"ssl_error","status_checked_at":"2026-01-25T13:59:33.728Z","response_time":113,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-25T15:04:48.840Z","updated_at":"2026-01-25T15:04:49.861Z","avatar_url":"https://github.com/imarc.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"Imarc's RBAC and ACL Authorization\n============\n\nThis project combines more traditional RBAC methods with user centric and dynamic overrides for\na nice middle ground.  It allows you to define a role based access control list as well as create\nentity or model level instance overrides and dynamic logic for more complex checks.\n\n## ACLs\n\n### Creating an ACL\n\n```php\n$acl = new Auth\\ACL();\n```\n\n### Adding a Role Access\n\n- First parameter is the name of the role (case insenstive)\n- Second parameter is a class of objects or string (case insenstive)\n- Third parameter is array of allowed actions\n\n```php\n$acl-\u003eallow('Admin', 'User', ['create', 'read', 'update', 'delete']);\n```\n\n### Aliasing Access\n\n```php\n$acl-\u003ealias('manage', ['create', 'read', 'update', 'delete']);\n```\n\n### Adding Using Alias\n\n```php\n$acl-\u003eallow('Admin', 'Article', ['manage']);\n```\n\n## Authorization Manager\n\nYou can create an authorization manager for your authorized user.  The object you pass to the\nconstructor must implement the `Auth\\EntityInterface` which contains two methods:\n\n- getRoles() - returns an array of all the roles the object/entity contains\n- getPermissions() - returns user specific ACLs which overload roles\n\n### Creating the Manager\n\n```php\n$manager = new Auth\\Manager($user);\n```\n\n### Adding an ACL\n\n```php\n$manager-\u003eadd($acl)\n```\n\n### Checking the Managed Entity's Role\n\n```php\n$manager-\u003eis('Admin');\n```\n\n### Checking the Managed Entity's Effective Permission\n\n```php\n$manager-\u003ecan('create', 'Article');\n```\n\nOr with an object of matching class:\n\n```php\n$manager-\u003ecan('create', $article);\n```\n\n#### Checking Entities Implementing AuthInterface\n\nThe `AuthInterface` provides a way in which entities can provide custom logic to authorize\nmanaged entities against themselves.  Using the previous example:\n\n```php\n$manager-\u003ecan('create', $article);\n```\n\nIf the `$article` parameter is an object implementing `AuthInterface` the manager will call\nthe `can()` method on it passing the manager instance as the first parameter, and the permission\nwhich is being checked as the second.  The article can then do something such as the following:\n\n```php\npublic function can(Manager $manager, $permission)\n{\n\tif ($manager-\u003ehas($permission, $this)) {\n\t\treturn TRUE;\n\t}\n\n\treturn $manager-\u003eentity == $this-\u003egetOwner();\n}\n```\n\nIn this example the entity checks to see if its owner is the managed entity to provide permission\nfor any action which is not otherwise granted.\n\n\n#### Code Check and Testing\n\nRun Analysis:\n\n```\nphp vendor/bin/phpstan -l7 analyse src/\n```\n\nRun Tests:\n\n```\nphp vendor/bin/phpunit --bootstrap vendor/autoload.php test/cases\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimarc%2Fauth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fimarc%2Fauth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fimarc%2Fauth/lists"}