PHPackages                             classoutfit/acl-permission - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. classoutfit/acl-permission

ActiveCakephp-plugin[Authentication & Authorization](/categories/authentication)

classoutfit/acl-permission
==========================

A really simple bit of CakePHP Acl code that takes permissions for new or existing Acos, creates them if needed and then sets the permissions.

1.1(9y ago)1161MITPHPPHP ^5.6

Since Sep 24Pushed 9y ago1 watchersCompare

[ Source](https://github.com/classoutfit/AclPermission)[ Packagist](https://packagist.org/packages/classoutfit/acl-permission)[ Docs](http://classoutfit.com)[ RSS](/packages/classoutfit-acl-permission/feed)WikiDiscussions master Synced 4w ago

READMEChangelogDependencies (2)Versions (4)Used By (0)

AclPermission
=============

[](#aclpermission)

A really simple bit of code that takes permissions for new or existing Acos, creates them if needed and then sets the permissions in a repeatable manner.

What it does
------------

[](#what-it-does)

The Acl data is a bit hard to understand by simply looking at it and it's not that easy to add new Acos or their permisisons. There are some plugins out there that work fine, but I find them a bit slow, especially when operating on a large CakePHP application. I got a bit frustrated and also a bit apprehensive as it seems the whole Acl data could burst out of control at any time as my application evolves. I also tend to use a lot of 'eyeology' when checking and setting the permissions and wanted something more reliable.

I wrote this small plugin in a few hours to so some really simple stuff.

Objective: When I add a new controller or action to my app, I want to create the Aco for the new controller and actions and then set some permissions for it. I also wanted to be able to repeat this reliably during a release to staging and production when ready.

There are two key elements; a database table and a controller. The table stores the functions in a flat format, making it it easy to see at a glance what the permissions are going to be. The columns are:

- plugin: the name of the plugin - leave blank if this is a core code Aco (i.e. not in a plugin)
- controller: the name of the controller (case matches the name of the controller class, e.g. ContactManager)
- action: the name of the action you want to add
- allow: the ids of the groups you want to set this permission for, separated by '/' e.g. 1/3/4 - can be letters or numbers, but must match the ids of your groups
- deny: same as allow

I generally build sites that set permissions at the group level rather than by individual users, but I guess this could be accomodated at some future point.

When you run the code, the plugin loops through the records. For each row, it checks to see if the Aco already exists. If the Aco for 'controllers' (the base Aco that is parent for everything), the plugin, the controller or the action doesn't exist, it will create them. The code uses the id of the Aco as the parent of each subsquent Aco so that they are stored in the right place. The Acl component takes care of the tree structure. It then examines the 'allow' and 'deny' columns. It breaks the ids apart (so 1/3/4 becomes 1, 3 and 4 stored in an array) and calls the Acl component to set the allow or deny permissions on that function for each group in turn.

To install the Plugin
---------------------

[](#to-install-the-plugin)

- Find and run the acl\_permissions.sql script in app/Config/Schema into your database
- Copy the Plugin into app/Plugin/AclPermission
- Edit app/Config/bootstrap.php: CakePlugin::load(array( // your existing plugins..., 'AclPermission' );
- Add this function to a controller:

public function set\_permissions() { $this->AclPermission->AclPermission->set\_permissions(); }

- Grant Auth permissions to that action in the controller's beforeFilter(): $this->Auth->allow('set\_permissions');

You could this to the acl\_permissions tbale so that permissions are set properly, then remove the Auth->allow statement for future runs. The row would look like this:

- plugin: 'AclPermission'
- controller: 'AclPermission'
- action: 'set\_permissions'
- allow: '1' (assuming your admin role/group has an id of 1)
- deny: blank

To add new Acos and their permissions
-------------------------------------

[](#to-add-new-acos-and-their-permissions)

To add new Acos and their permissions, add rows to the acl\_permissions table that match your new objects. See column definitions above.

To run the permission setting code
----------------------------------

[](#to-run-the-permission-setting-code)

Navigate to \[yoursite\]/\[controller\_name\]/acl\_permission/acl\_permissions/set\_permissions

When complete, it redirects to the route of your site with a success message.

What's missing?
---------------

[](#whats-missing)

No tests yet, but they will come.

What's coming?
--------------

[](#whats-coming)

- Some views for showing and changing the permissions you want to set
- A 'reverse engineer' function that extracts the rows from your acos and aros\_acos tables into the flat format that's easy to digest
- A 'complete rebuild' option so that your acos and aros\_acos tables are cleared and rebuilt based on your new permissions

###  Health Score

27

—

LowBetter than 47% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity12

Limited adoption so far

Community4

Small or concentrated contributor base

Maturity60

Established project with proven stability

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

3565d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/65592e6855df7651b4733cb4e5670486401a6a4c3ba2d41c6871a8c78bb9ac07?d=identicon)[classoutfit](/maintainers/classoutfit)

---

Tags

cakephpacl

### Embed Badge

![Health badge](/badges/classoutfit-acl-permission/health.svg)

```
[![Health](https://phpackages.com/badges/classoutfit-acl-permission/health.svg)](https://phpackages.com/packages/classoutfit-acl-permission)
```

###  Alternatives

[dereuromark/cakephp-tinyauth

A CakePHP plugin to handle user authentication and authorization the easy way.

131237.3k13](/packages/dereuromark-cakephp-tinyauth)[markstory/acl_extras

Additional tools for managing DB ACL in CakePHP applications.

155312.5k](/packages/markstory-acl-extras)[cakedc/users

Users Plugin for CakePHP

523918.4k18](/packages/cakedc-users)[helsingborg-stad/municipio

A bootstrap theme for creating municipality sites.

4028.3k10](/packages/helsingborg-stad-municipio)[ivanamat/cakephp3-aclmanager

AclManager plugin for CakePHP 3.x

2715.6k2](/packages/ivanamat-cakephp3-aclmanager)[dereuromark/cakephp-setup

A CakePHP plugin containing lots of useful management tools

35184.7k2](/packages/dereuromark-cakephp-setup)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)