PHPackages dotkernel/dot-rbac-guard - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. dotkernel/dot-rbac-guard ActiveLibrary[Authentication & Authorization](/categories/authentication) dotkernel/dot-rbac-guard ======================== Dotkernel RBAC guards component 4.2.1(6mo ago)520.8k↑183.3%22MITPHPPHP ~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0CI passing Since Mar 9Pushed 6mo agoCompare [ Source](https://github.com/dotkernel/dot-rbac-guard)[ Packagist](https://packagist.org/packages/dotkernel/dot-rbac-guard)[ Docs](https://github.com/dotkernel/dot-rbac-guard)[ RSS](/packages/dotkernel-dot-rbac-guard/feed)WikiDiscussions 3.0 Synced 1mo ago READMEChangelog (10)Dependencies (14)Versions (33)Used By (2) dot-rbac-guard ============== [](#dot-rbac-guard) Defines authorization guards that authorize users to access certain parts of an application based on various criteria. If the authorization service can be used to check authorization on a narrow level, the guards are meant to work as gateways to bigger parts of an application. Usually, you'll want to use both methods in an application for increased security. Documentation ------------- [](#documentation) Documentation is available at: . Badges ------ [](#badges) [![OSS Lifecycle](https://camo.githubusercontent.com/3597b159b6598128eb2af7c2eab53e9a4bafd86355050451cbef7ecf763b18c6/68747470733a2f2f696d672e736869656c64732e696f2f6f73736c6966656379636c652f646f746b65726e656c2f646f742d726261632d6775617264)](https://camo.githubusercontent.com/3597b159b6598128eb2af7c2eab53e9a4bafd86355050451cbef7ecf763b18c6/68747470733a2f2f696d672e736869656c64732e696f2f6f73736c6966656379636c652f646f746b65726e656c2f646f742d726261632d6775617264)[![PHP from Packagist (specify version)](https://camo.githubusercontent.com/9f0c5f95b68eb1958afb1aad376db261b20f3e428e9ad8a99660f3b1889171da/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f646f746b65726e656c2f646f742d726261632d67756172642f332e372e30)](https://camo.githubusercontent.com/9f0c5f95b68eb1958afb1aad376db261b20f3e428e9ad8a99660f3b1889171da/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f646f746b65726e656c2f646f742d726261632d67756172642f332e372e30) [![GitHub issues](https://camo.githubusercontent.com/79ea5bf620f7b15cdbc91ede3d56325e06f3f3391499b133ec1870bd5cab6290/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6973737565732f646f746b65726e656c2f646f742d726261632d6775617264)](https://github.com/dotkernel/dot-rbac-guard/issues)[![GitHub forks](https://camo.githubusercontent.com/76aca6df6b5fd21371d1724c9cdb0f10e508c2a32db58e1b8c9918c3a806a18a/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f666f726b732f646f746b65726e656c2f646f742d726261632d6775617264)](https://github.com/dotkernel/dot-rbac-guard/network)[![GitHub stars](https://camo.githubusercontent.com/fe7386d0ce001c92a186680ce8d789009ce2133ade1e7d926373af71577c1fad/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f646f746b65726e656c2f646f742d726261632d6775617264)](https://github.com/dotkernel/dot-rbac-guard/stargazers)[![GitHub license](https://camo.githubusercontent.com/cf5e07c252da161c62bd7aabb9904eb4b120e070aed87ce1fccd421bf3bd74ab/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f646f746b65726e656c2f646f742d726261632d6775617264)](https://github.com/dotkernel/dot-rbac-guard/blob/3.0/LICENSE.md) [![Build Static](https://github.com/dotkernel/dot-rbac-guard/actions/workflows/continuous-integration.yml/badge.svg?branch=3.0)](https://github.com/dotkernel/dot-rbac-guard/actions/workflows/continuous-integration.yml)[![codecov](https://camo.githubusercontent.com/6cf90dbaeddbb7326603aeffda2f48131714ec572388a11eb87fd354e0172a04/68747470733a2f2f636f6465636f762e696f2f67682f646f746b65726e656c2f646f742d726261632d67756172642f67726170682f62616467652e7376673f746f6b656e3d48423731384753494b53)](https://codecov.io/gh/dotkernel/dot-rbac-guard)[![PHPStan](https://github.com/dotkernel/dot-rbac-guard/actions/workflows/static-analysis.yml/badge.svg?branch=3.0)](https://github.com/dotkernel/dot-rbac-guard/actions/workflows/static-analysis.yml) Installation ------------ [](#installation) Run the following command in your project's root directory ``` $ composer require dotkernel/dot-rbac-guard ``` Please note that this module is built around the authorization service defined in module dot-rbac. Running the above command will also install that package. You'll have to first configure dot-rbac before using this module. Configuration ------------- [](#configuration) As with many Dotkernel modules, we focus on the configuration-based approach of customizing the module for your needs. After installing, merge the module's `ConfigProvider` with your application's config to make sure required dependencies and default module configuration are registered. Create a configuration file for this module in your 'config/autoload' folder. ### authorization-guards.global.php [](#authorization-guardsglobalphp) ``` return [ 'dot_authorization' => [ //define how it will treat non-matching guard rules, allow all by default 'protection_policy' => \Dot\Rbac\Guard\GuardInterface::POLICY_ALLOW, 'event_listeners' => [ [ 'type' => 'class or service name of the listener', 'priority' => 1, ], ], //define custom guards here 'guard_manager' => [], //register custom guards providers here 'guards_provider_manager' => [], //define which guard provider to use, along with its configuration //the guard provider should know how to build a list of GuardInterfaces based on its configuration 'guards_provider' => [ 'type' => 'ArrayGuards', 'options' => [ 'guards' => [ [ 'type' => 'Route', 'options' => [ 'rules' => [ 'premium' => ['admin'], 'login' => ['guest'], 'logout' => ['admin', 'user', 'viewer'], 'account' => ['admin', 'user'], 'home' => ['*'], ] ] ], [ 'type' => 'RoutePermission', 'options' => [ 'rules' => [ 'premium' => ['premium'], 'account' => ['my-account'], 'logout' => ['only-logged'], ] ] ], [ 'type' => 'Controller', 'options' => [ 'rules' => [ [ 'route' => 'controller route name', //list of actions to apply, or empty array for all actions 'actions' => [], //by default, authorization pass if all permissions are present (AND) //list of roles to allow 'roles' => [], ], ] ] ], [ 'type' => 'ControllerPermission', 'options' => [ 'rules' => [ [ 'route' => 'controller route name', //list of actions to apply, or empty array for all actions 'actions' => [], //by default, authorization pass if all permissions are present (AND) //list of permissions to allow 'permissions' => [], ], [ 'route' => 'controller route name', //list of actions to apply, or empty array for all actions 'actions' => [], 'permissions' => [ //permission can be defined in this way too, for all permission type guards //list of permissions 'permissions' => [], 'condition' => \Dot\Rbac\Guard\GuardInterface::CONDITION_OR, ] ] ] ] ] ] ], ], //overwrite default messages 'messages_options' => [ 'messages' => [ //MessagesOptions::UNAUTHORIZED => 'You must sign in first to access the requested content', //MessagesOptions::FORBIDDEN => 'You don\'t have enough permissions to access the requested content', ] ], ], ]; ``` Register the RbacGuardMiddleware in the pipe -------------------------------------------- [](#register-the-rbacguardmiddleware-in-the-pipe) The last step to use this package is to register the middleware. This middleware triggers the authorization event. You MUST insert this middleware between the routing middleware and the dispatch middleware of the application, because the guards need the `RouteResult` in order to get the matched route and params. ### middleware-pipeline.global.php [](#middleware-pipelineglobalphp) ``` //... 'routing' => [ 'middleware' => [ ApplicationFactory::ROUTING_MIDDLEWARE, //... \Dot\Rbac\Guard\Middleware\RbacGuardMiddleware::class, //... ApplicationFactory::DISPATCH_MIDDLEWARE, ], 'priority' => 1, ], //... ``` ### Health Score 57 — FairBetter than 98% of packages Maintenance68 Regular maintenance activity Popularity33 Limited adoption so far Community19 Small or concentrated contributor base Maturity92 Battle-tested with a long release history Bus Factor1 Top contributor holds 61.5% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~105 days Recently: every ~2 days Total 31 Last Release 189d ago Major Versions 2.9.2 → 3.4.12023-08-25 2.9.4 → 3.5.02024-05-03 3.5.0 → 4.0.02025-01-23 3.6.0 → 4.1.02025-03-14 3.7.0 → 4.2.02025-11-03 PHP version history (9 changes)0.1.0PHP ^7.1 v2.0.0PHP ^7.2 3.0.1PHP ^7.4 3.2.0PHP ~7.4.0 || ~8.0.0 || ~8.1.0 2.9.0PHP ~8.0.0 || ~8.1.0 || ~8.2.0 3.4.0PHP ~8.1.0 || ~8.2.0 3.4.2PHP ~8.1.0 || ~8.2.0 || ~8.3.0 4.0.0PHP ~8.1.0 || ~8.2.0 || ~8.3.0 || ~8.4.0 3.0.x-devPHP ~8.2.0 || ~8.3.0 || ~8.4.0 || ~8.5.0 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/1156873?v=4)[Dotkernel](/maintainers/dotkernel)[@dotkernel](https://github.com/dotkernel) --- Top Contributors [![n3vrax](https://avatars.githubusercontent.com/u/5805542?v=4)](https://github.com/n3vrax "n3vrax (48 commits)")[![bidi47](https://avatars.githubusercontent.com/u/27284979?v=4)](https://github.com/bidi47 "bidi47 (8 commits)")[![arhimede](https://avatars.githubusercontent.com/u/22009710?v=4)](https://github.com/arhimede "arhimede (7 commits)")[![alexmerlin](https://avatars.githubusercontent.com/u/4542449?v=4)](https://github.com/alexmerlin "alexmerlin (6 commits)")[![Howriq](https://avatars.githubusercontent.com/u/63609103?v=4)](https://github.com/Howriq "Howriq (4 commits)")[![gabidj](https://avatars.githubusercontent.com/u/3998573?v=4)](https://github.com/gabidj "gabidj (2 commits)")[![Jurj-Bogdan](https://avatars.githubusercontent.com/u/53825374?v=4)](https://github.com/Jurj-Bogdan "Jurj-Bogdan (2 commits)")[![Calin23](https://avatars.githubusercontent.com/u/51288903?v=4)](https://github.com/Calin23 "Calin23 (1 commits)") --- Tags laminasAuthenticationauthorizationrbacmezziorbac-guard ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/dotkernel-dot-rbac-guard/health.svg) ``` [![Health](https://phpackages.com/badges/dotkernel-dot-rbac-guard/health.svg)](https://phpackages.com/packages/dotkernel-dot-rbac-guard) ``` ### Alternatives [league/oauth2-server A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API. 6.6k136.0M248](/packages/league-oauth2-server)[laminas/laminas-permissions-rbac Provides a role-based access control management 353.4M29](/packages/laminas-laminas-permissions-rbac)[mezzio/mezzio-authentication-oauth2 OAuth2 (server) authentication middleware for Mezzio and PSR-7 applications. 28483.0k2](/packages/mezzio-mezzio-authentication-oauth2)[mezzio/mezzio-authentication Authentication middleware for Mezzio and PSR-7 applications 121.6M26](/packages/mezzio-mezzio-authentication)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro)[efficiently/authority-controller AuthorityController is an PHP authorization library for Laravel 5 which restricts what resources a given user is allowed to access. 15533.2k](/packages/efficiently-authority-controller) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)