PHPackages                             dbeurive/rbac - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. dbeurive/rbac

ActiveLibrary

dbeurive/rbac
=============

This package contains a basic implementation of Role Base Access Control

1.0.1(9y ago)020PrivatePHP

Since Jul 5Pushed 9y ago1 watchersCompare

[ Source](https://github.com/dbeurive/rbac)[ Packagist](https://packagist.org/packages/dbeurive/rbac)[ RSS](/packages/dbeurive-rbac/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (1)Versions (3)Used By (0)

Description
===========

[](#description)

This package contains a basic implementation of a role-based access control (RBAC) mechanism.

Please note that role-based access control (RBAC) differs from an access control list (ACL).

In general terms:

- An access control list (ACL) specifies which users are granted access to resources, as well as what operations are allowed on given resources. For instance, if a resource has an ACL that contains (Alice: read,write; Bob: read), this would give Alice permission to read and write the file and Bob to only read it.
- Role-based access control (RBAC) is an approach to restricting system access to authorized users. In role based access control, the role hierarchy defines an inheritance relationship among roles. Higher-level roles subsume permissions owned by sub-roles.

> Please note that, because Higher-level roles subsume permissions owned by sub-roles, role-based access control is **unsuitable** to manage individuals' ownerships over resources.

Installation
============

[](#installation)

Form the command line:

```
composer require dbeurive/rbac

```

Or, from within your file `composer.json`:

```
"require": {
    "dbeurive/rbac": "*"
}

```

Synopsis
========

[](#synopsis)

```
use dbeurive\Rbac\RolesHierarchy;

// Specify the hierarchy of roles using the builder

$hierarchy = new RolesHierarchy("super-admin");
$hierarchy
    ->addSubRole("admin")
        ->addSubRole("admin-bouygues")
            ->addSubRole("user-bouygues")
            ->up()
        ->up()
        ->addSubRole("admin-orange")
            ->addSubRole("user-orange")
            ->up()
        ->up()
    ->up()
    ->addSubRole("other-admin");

// Test a given role.

if ($hierarchy->canAccessResource("super-admin", "admin")) {
    // "super-user" can access resources managed by "admin".
}
```

Please note that you can also specify the hierarchy through an array:

```
$hierarchy = array(
     'role'   => 'super-admin',
     'access' => array(
         array(
             'role'   => 'admin',
             'access' =>  array(
                 array(
                     'role'   => 'admin-bouygues',
                     'access' => array(
                         array(
                             'role'   => 'user-bouygues',
                             'access' => array()
                         )
                     )
                 )
             )
         ),
         array(
             'role'   => 'admin-orange',
             'access' => array(
                 array(
                     'role'   => 'user-orange',
                     'access' => array()
                 )
             )
         ),
         array(
             'role'   => 'other-admin',
             'access' => array()
         )
     )
);

$this->__hierarchyArray = new RolesHierarchy($hierarchy);
```

> NOTE: the key `access` ALWAYS points to an **array of arrays**.

Below, the graphical representation of the tree.

[![Example](https://github.com/dbeurive/rbac/raw/master/doc/example.gif)](https://github.com/dbeurive/rbac/blob/master/doc/example.gif)

API overview
============

[](#api-overview)

construct($inHierarchyOrTopRole)
--------------------------------

[](#constructinhierarchyortoprole)

Construct a new hierarchy of roles.

The argument `$inHierarchyOrTopRole` may be a string or an array.

- If `$inHierarchyOrTopRole` is a string: it represents the name of the role a the top of the hierarchy.
- If `$inHierarchyOrTopRole` is an array: it represents the entire hierarchy.

addSubRole($inRole)
-------------------

[](#addsubroleinrole)

Add a role to the level below the current level. The current level becomes the newly added sub level.

up()
----

[](#up)

Go back one level up from the current role.

canAccessResource($inRole, $inOtherRole)
----------------------------------------

[](#canaccessresourceinrole-inotherrole)

Test if a given role (`$inRole`) can access resources managed by another role (`$inOtherRole`).

If the role `$inRole` can access the resources managed by the other role (`$inOtherRole`), then the method returns the value `true`. Otherwise it returns the value `false`.

cmp($inRole, $inOtherRole)
--------------------------

[](#cmpinrole-inotherrole)

Compare the positions of two roles within the hierarchy.

- if `$inRole` is "above" `$inOtherRole`, then the method returns the value +1.
- If `$inRole` and `$inOtherRole` are identical, then the method returns the value 0.
- if `$inOtherRole` is "below" `$inRole`, then the method returns the value -1.

toDot()
-------

[](#todot)

Generate the [GraphViz](http://www.graphviz.org) representation of the hierarchy of roles.

The method returns a string that represents the DOT representation of the tree.

Assuming that you store this string in the file `tree.dot`, then you can get the graphical representation of the tree with the following command:

```
dot -Tgif -Ograph tree.dot

```

###  Health Score

27

—

LowBetter than 49% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity6

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity64

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~2 days

Total

2

Last Release

3593d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/2608f031e92b087ec62521ea3c7c9cc5f3fc53c9fedb346aadceb39039532b5f?d=identicon)[dbeurive](/maintainers/dbeurive)

---

Top Contributors

[![dbeurive](https://avatars.githubusercontent.com/u/18211524?v=4)](https://github.com/dbeurive "dbeurive (10 commits)")

### Embed Badge

![Health badge](/badges/dbeurive-rbac/health.svg)

```
[![Health](https://phpackages.com/badges/dbeurive-rbac/health.svg)](https://phpackages.com/packages/dbeurive-rbac)
```

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)