PHPackages                             codekanzlei/cake-auth-actions - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. codekanzlei/cake-auth-actions

ActiveCakephp-plugin

codekanzlei/cake-auth-actions
=============================

Simple ACL alternative for CakePHP 4

v3.0.5(6y ago)274.4k↓34.4%22MITPHPPHP >=7.1

Since Feb 9Pushed 2y ago1 watchersCompare

[ Source](https://github.com/scherersoftware/cake-auth-actions)[ Packagist](https://packagist.org/packages/codekanzlei/cake-auth-actions)[ RSS](/packages/codekanzlei-cake-auth-actions/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (10)Dependencies (6)Versions (19)Used By (2)

CakePHP 4 cake-auth-actions
===========================

[](#cakephp-4-cake-auth-actions)

[![License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.txt)[![Build Status](https://camo.githubusercontent.com/1b7a02b0cc902fdae38f08dc7f9c12406748a26411c44f18335bd213787e09a1/68747470733a2f2f7472617669732d63692e6f72672f73636865726572736f6674776172652f63616b652d617574682d616374696f6e732e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/scherersoftware/cake-auth-actions)

A simple, configuration based ACL alternative for CakePHP 4. Allows you to define specific access rights to controller actions for different kinds of users.

Installation
------------

[](#installation)

#### 1. Install the plugin via composer

[](#1-install-the-plugin-via-composer)

```
composer require codekanzlei/auth-actions

```

#### 2. Load the plugin in your `src/Application.php`

[](#2-load-the-plugin-in-your-srcapplicationphp)

```
$this->addPlugin('AuthActions');

```

Usage & Configuration
-------------------------

[](#usage--configuration)

#### 1. Configure `AppController.php`

[](#1-configure-appcontrollerphp)

In your `src/Controller/AppController.php`, insert the following pieces of code in the matching sections:

**Traits:**

```
use \AuthActions\Lib\AuthActionsTrait;
...
use AuthActionsTrait;

```

**$components:**

```
public $components = [
    'Auth' => [
        'authenticate' => [
            'Form' => [
                'repository' => 'Users',
                'scope' => [
                    'status' => Status::ACTIVE,
                ]
            ]
        ],
        'authorize' => ['Controller'],
        'loginAction' => [], // prefered login view
        'loginRedirect' => [], // redirect after successful login
        'logoutRedirect' => [], // redirect after logout
        'authError' => 'PERMISSION_DENIED',

        // namespace declaration of AuthUtilsComponent
        'AuthActions.AuthUtils'
    ]
];

```

**beforeFilter():**

```
public function beforeFilter(\Cake\Event\Event $event)
{
    $this->initAuthActions();
}

```

#### 2. Configure `AppView.php`

[](#2-configure-appviewphp)

**initialize():**

```
public function initialize()
{
    $this->loadHelper('Auth', [
        'className' => 'AuthActions.Auth'
    ]);
}

```

#### 3. Create additional files

[](#3-create-additional-files)

In your project's `config` folder, create the required config files.

**Note:** For reference, see these files:

- `auth_actions.php-default`

    here you can grant or restrict access to Controller functions to certain user roles.
- `user_rights.php-default`

    here you can define further custom access rights, allowing easy control over which buttons will be rendered in view files, depending on the role of the user that's viewing them.

See \[4. Grant/Restrict group rights\](#### 4. Grant/Restrict group rights) for further information and example code snippets.

**auth\_actions.php**

```
touch config/auth_actions.php

```

**user\_rights.php**

```
touch config/user_rights.php

```

#### 3. Define custom user roles

[](#3-define-custom-user-roles)

Add a new column namend `role` to your database users table.

In your `User.php`, you can define custom user roles as constants.

A commonly used, basic set of user roles ADMIN and USER can be defined as follows:

```
const ROLE_ADMIN = 'admin';
const ROLE_USER = 'user';

```

#### 4. Grant/Restrict group rights

[](#4-grantrestrict-group-rights)

Following the example of a simple USER and ADMIN setup above, consider the following commonly needed use-cases.

- **restricting access for non-admin users:**Consider a basic "Users" MVC setup. Assuming you wish to only grant ADMINS access to every controller-action, including edit() as well as any functions added later on, while restricting USERS from all functions except for index() and view().

    In `auth_actions.php`:

    ```
      $config = [
          'auth_actions' => [
              // Controller name: 'Users'
              'Users' => [
                  // wildcard * includes every action in this controller
                  '*' => [
                      User::ROLE_ADMIN
                  ],

                  // here we explicitly list actions that
                  // USERS shall be able to access
                  'index' => [
                      User::ROLE_USER
                  ],
                  'view' => [
                      User::ROLE_USER
                  ]
              ]
          ]
      ];

    ```
- **preventing buttons from being rendered in a view:** The above code will prevent USERS from calling any action in UsersController except for index() and view() but - for example - edit buttons next to User entities in your index-view will still be rendered. Here's how you can prevent them from being rendered if the view file is being viewes by a non-ADMIN user:

    In `user_rights.php`:

    ```
      $config = [
          'user_rights' => [
              // granting a custom right only for Users of type ADMIN
              'viewEditButton' => [
                  User::ROLE_ADMIN
              ]
          ]
      ];

    ```

    In your index view:

    ```

    ```

###  Health Score

38

—

LowBetter than 85% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity34

Limited adoption so far

Community19

Small or concentrated contributor base

Maturity67

Established project with proven stability

 Bus Factor1

Top contributor holds 52.5% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~103 days

Recently: every ~6 days

Total

18

Last Release

2362d ago

Major Versions

v1.0.3 → v2.0.0-rc12017-10-20

v2.0.0-rc2 → v3.0.32017-11-22

v2.0.0-rc3 → v3.0.02019-06-04

v3.0.5 → v4.0.0-rc12019-11-05

PHP version history (3 changes)v2.0.0-rc2PHP >=7.1

v4.0.0-rc1PHP >=7.1.0

v4.0.0-rc4PHP >=7.2.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/7005ae518cf40495e5e8bbf91ae64379e5a853a62c2e35bcdc7ead11e6014ea2?d=identicon)[robertscherer](/maintainers/robertscherer)

![](https://www.gravatar.com/avatar/d0b3fb0817571a9d93cae13183799e0b255c5e028de7141e9979ab72b406d8ad?d=identicon)[felixkempf](/maintainers/felixkempf)

---

Top Contributors

[![robertschererc](https://avatars.githubusercontent.com/u/203977391?v=4)](https://github.com/robertschererc "robertschererc (21 commits)")[![jonathan-neugber](https://avatars.githubusercontent.com/u/17924468?v=4)](https://github.com/jonathan-neugber "jonathan-neugber (8 commits)")[![felixkempf](https://avatars.githubusercontent.com/u/8512231?v=4)](https://github.com/felixkempf "felixkempf (7 commits)")[![cleptric](https://avatars.githubusercontent.com/u/6617432?v=4)](https://github.com/cleptric "cleptric (3 commits)")[![jeffersongoncalves](https://avatars.githubusercontent.com/u/411493?v=4)](https://github.com/jeffersongoncalves "jeffersongoncalves (1 commits)")

###  Code Quality

TestsPHPUnit

Static AnalysisPHPStan

Type Coverage Yes

### Embed Badge

![Health badge](/badges/codekanzlei-cake-auth-actions/health.svg)

```
[![Health](https://phpackages.com/badges/codekanzlei-cake-auth-actions/health.svg)](https://phpackages.com/packages/codekanzlei-cake-auth-actions)
```

###  Alternatives

[friendsofcake/cakepdf

CakePHP plugin for creating and/or rendering Pdfs, several Pdf engines supported.

3752.1M3](/packages/friendsofcake-cakepdf)[cakephp/app

CakePHP skeleton app

3831.7M1](/packages/cakephp-app)[cakephp/bake

Bake plugin for CakePHP

11211.2M158](/packages/cakephp-bake)[dereuromark/cakephp-tools

A CakePHP plugin containing lots of useful and reusable tools

338920.1k32](/packages/dereuromark-cakephp-tools)[dereuromark/cakephp-queue

The Queue plugin for CakePHP provides deferred task execution.

308850.3k14](/packages/dereuromark-cakephp-queue)[dereuromark/cakephp-ide-helper

CakePHP IdeHelper Plugin to improve auto-completion

1862.1M27](/packages/dereuromark-cakephp-ide-helper)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)