PHPackages ems/permit - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ems/permit ActiveLibrary[Authentication & Authorization](/categories/authentication) ems/permit ========== Permission based authentication system v0.5.2(1y ago)07.2k↑13.3%[4 issues](https://github.com/mtils/permit/issues)MITPHPPHP >=8.2.0 Since Dec 11Pushed 1y ago2 watchersCompare [ Source](https://github.com/mtils/permit)[ Packagist](https://packagist.org/packages/ems/permit)[ RSS](/packages/ems-permit/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (5)Versions (16)Used By (0) Permit ====== [](#permit) Permission checking library and nice interfaces for access control. Permit is a library to provide complete access control with permission-codes. Permission codes are just an array with some codes (strings) as keys and 1,0,-1 as values to allow, inherit and deny. The main features and goals are: - Have a nice top-level api to check permissions - Always return a user, no matter if it is logged in or not (return a guest or system/cron user) - Allow an secure and transparent "login-as-another-user" functionality - Splits authentication and simple getUser()/setUser functionality - Works with almost every other authentication system (Laravel, Sentry,...) It works almost like Sentry, so why not Sentry instead of Permit? - Sentry bybasses almost all auth functionalities of Laravel - It sticks a lot of logic into the value objects (like user or group) - Fat interfaces and therefore little chances to extend/modify it - Never use a Facade which is named by a package ;-) The Facade API (which is mostly used in views): ``` //Return the current user (always returns a user object) Auth::user(); // Set the current user Auth::setUser($user); // Check if the user is logged in Auth::loggedIn(); // Check if the current user has access to permission 'cms.access' Auth::allowed('cms.access'); // Check if user $joe has access to permission 'user.destroy' Auth::can($joe)->access('user.destroy'); ``` Internally the authentication interfaces are splitted into a container: ``` interface CurrentUser\ContainerInterface{ public function user(); public function setUser($user); public function clearUser(); } ``` The next interface is a permission holder: (This could be a user or a group) ``` public function getAuthId(); // returns 1, 0,-1 public function getPermissionAccess($code); public function setPermissionAccess($code, $access); // returns an indexed array of all codes public function permissionCodes($inherited=true); // returns if the user is a guest, same as !Auth::loggedIn() public function isGuest(); // returns if the user is the system itself (like cron or console) public function isSystem(); public function isSuperUser(); ``` The extended version of ContainerInterface is the DualContainerInterface, which allows login as a different user. ``` interface CurrentUser\DualContainerInterface extends ContainerInterface{ const BOTH = 0; const ACTUAL = 1; const STACKED = 2; // returns the user, which submitted the login form public function actualUser(); public function setActualUser(HolderInterface $user, $persist=true); // Returns the user the actual user wants to be temporarly public function stackedUser(); public function setStackedUser(HolderInterface $user, $persist=true); // Force the returned user to be the actualUser(). // This is very handy if you have an admin interface and the user should // be the actualUser inside the admin interface and outside of the the // stacked one // Laravel Route::when('admin*', Auth::forceActual()); public function forceActual($force=TRUE); // Returns if the currently returned user by user() is the actual user public function isActual(); // Resets this container (logout) public function reset($type=self::BOTH); } ``` ### Health Score 40 — FairBetter than 88% of packages Maintenance38 Infrequent updates — may be unmaintained Popularity23 Limited adoption so far Community8 Small or concentrated contributor base Maturity73 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~259 days Recently: every ~584 days Total 15 Last Release 540d ago PHP version history (2 changes)v0.1.0PHP >=5.4.0 v0.5.0PHP >=8.2.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/99acf76522a71f6ac363efaab2bec34dce2f74d3d82f1cb4680049dc4ef37cb7?d=identicon)[mtils](/maintainers/mtils) --- Top Contributors [![mtils](https://avatars.githubusercontent.com/u/2744124?v=4)](https://github.com/mtils "mtils (78 commits)") --- Tags authpermissions ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/ems-permit/health.svg) ``` [![Health](https://phpackages.com/badges/ems-permit/health.svg)](https://phpackages.com/packages/ems-permit) ``` ### Alternatives [jurager/teams Laravel package to manage team functionality and operate with user permissions. 22817.3k](/packages/jurager-teams)[arcanedev/laravel-auth Laravel Authorization package. 294.8k1](/packages/arcanedev-laravel-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)