PHPackages                             bk2k/rights-and-roles - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. bk2k/rights-and-roles

ActiveTypo3-cms-extension[Authentication &amp; Authorization](/categories/authentication)

bk2k/rights-and-roles
=====================

Extension for enhanced Rights and Roles

15.4k1PHP

Since Jun 17Pushed 2y ago1 watchersCompare

[ Source](https://github.com/benjaminkott/ext-rights-and-roles)[ Packagist](https://packagist.org/packages/bk2k/rights-and-roles)[ RSS](/packages/bk2k-rights-and-roles/feed)WikiDiscussions master Synced yesterday

READMEChangelogDependenciesVersions (2)Used By (0)

DO NOT USE IN PRODUCTION YET
============================

[](#do-not-use-in-production-yet)

Rights and Roles
================

[](#rights-and-roles)

This Extension handles several improvements for TYPO3 permission system.

- Prefix Groups with `[G]`
- Prefix Roles with `[R]`

1. Rights and Roles Matrix
--------------------------

[](#1-rights-and-roles-matrix)

It provides a Backend Module for a list of all Groups starting with \[G\]. It shows a Matrix of assigned or not assigned rights in table with the information about assignment of right to group (or to role).

2. Overload the access to pages etc
-----------------------------------

[](#2-overload-the-access-to-pages-etc)

In the default you can only assign a single user or a single group to the access for pages. This is sometimes not the correct way (see [https://de.wikipedia.org/wiki/Access\_Control\_List](https://de.wikipedia.org/wiki/Access_Control_List)).

So ACLs are not implemented in TYPO3. The solution is this extension.

You can implement the two following hooks in your code to archive this goal:

```

$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['getPagePermsClause'][] = function ($params) use ($configuration)
{
    // Call the hook from RightsAndRoles Extension
    $hook = new \BK2K\RightsAndRoles\Hook\BackendUserGroupRightsHook($configuration);
    return $hook->getPagePermsClause($params);
};

$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['calcPerms'][] = function ($params) use ($configuration)
{
    // Call the hook from RightsAndRoles Extension
    $hook = new \BK2K\RightsAndRoles\Hook\BackendUserGroupRightsHook($configuration);
    return $hook->calcPerms($params);
};

```

Now you are able to configure your permissions.

You have to add the following structure in your configuration:

```
  EXT
    page:
      debug: 1          # Debug mode flag
      access:           # the Access configuration
        13:
          0: 1

```

This means, that the group "13" (in this example a base group for simple editor) can read (decimal 1, binary 1) all pages (0). The rights are calulated by standard binary additions (see \\TYPO3\\CMS\\Core\\Type\\Bitmask\\Permission):

```
  NOTHING: 0       (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::NOTHING)
  PAGE_SHOW: 1     (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_SHOW)
  PAGE_EDIT: 2     (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_EDIT)
  PAGE_DELETE: 4   (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_DELETE)
  PAGE_NEW: 8      (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_NEW)
  CONTENT_EDIT: 16 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::CONTENT_EDIT)
  ALL: 31          (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::ALL)

```

If a usergroup can view the page and should be able to edit the content, the correct binary value should be "PAGE\_SHOW | CONTENT\_EDIT", which is calculated in decimal 17. If a usergroup should have a specific access of a single page, you can add this page ID in the group block:

```
  EXT
    page:
      access:
        13:
          25: 19

```

With this configuration the usergroup "13" can "PAGE\_SHOW &amp;&amp; PAGE\_EDIT &amp;&amp; CONTENT\_EDIT" for the Page with ID "25". You can also combine the default page "0" (every page) with specific Page ID like:

```
  EXT
    page:
      access:
        13:
          0: 1
          25: 19

```

###  Health Score

22

—

LowBetter than 22% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity20

Limited adoption so far

Community11

Small or concentrated contributor base

Maturity31

Early-stage or recently created project

 Bus Factor1

Top contributor holds 72.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/3243119?v=4)[Benjamin Kott](/maintainers/benjaminkott)[@benjaminkott](https://github.com/benjaminkott)

---

Top Contributors

[![benjaminkott](https://avatars.githubusercontent.com/u/3243119?v=4)](https://github.com/benjaminkott "benjaminkott (8 commits)")[![andreaskienast](https://avatars.githubusercontent.com/u/1787983?v=4)](https://github.com/andreaskienast "andreaskienast (2 commits)")[![NeoBlack](https://avatars.githubusercontent.com/u/1128085?v=4)](https://github.com/NeoBlack "NeoBlack (1 commits)")

### Embed Badge

![Health badge](/badges/bk2k-rights-and-roles/health.svg)

```
[![Health](https://phpackages.com/badges/bk2k-rights-and-roles/health.svg)](https://phpackages.com/packages/bk2k-rights-and-roles)
```

###  Alternatives

[namshi/jose

JSON Object Signing and Encryption library for PHP.

1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client

OAuth 1.0 Client Library

99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google

Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client

41721.2M118](/packages/league-oauth2-google)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)