PHPackages geggleto/psr7-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. geggleto/psr7-acl ActiveLibrary[HTTP & Networking](/categories/http) geggleto/psr7-acl ================= PSR-7 Zend ACL 1.3.0(10y ago)342.3k6[3 issues](https://github.com/geggleto/geggleto-acl/issues)2MITPHP Since Jan 5Pushed 7y ago7 watchersCompare [ Source](https://github.com/geggleto/geggleto-acl)[ Packagist](https://packagist.org/packages/geggleto/psr7-acl)[ RSS](/packages/geggleto-psr7-acl/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (3)Versions (16)Used By (2) [![Build Status](https://camo.githubusercontent.com/f8d7f7c181bae0ef6cad97945a8dc352279d7d6fca03a60405c9962ce7270820/68747470733a2f2f7472617669732d63692e6f72672f676567676c65746f2f676567676c65746f2d61636c2e737667)](https://travis-ci.org/geggleto/geggleto-acl) geggleto-acl ============ [](#geggleto-acl) Provides a ACL repository and Middleware using Zend/Permissions/Acl library PSR-7 Compliant - Blog post on this package - How it works ============ [](#how-it-works) - Resources are end-points - Roles are a group of resources - You can either allow or deny those roles. The roles a user has are loaded into the AclRepo on every request. I suggest loading them into a session variable rather than pulling them from storage everytime (usage case depending). The current route is then inspected and compared to the list of accessable resources in a middleware. a 401 is returned if a user is not allowed. If the user is allowed the application is allowed to continue. By default no message body is provided on the 401, and if you require a page to be rendered then you will need to write your own middleware. Usage Example ============= [](#usage-example) ``` //Define or Pull your ACL's into the following format /* $config = [ "resources" => ["/", "/no", "/yes"], "roles" => ["guest", "user1", "user2"], "assignments" => [ "allow" => [ "guest" => ["/"], "user1" => ["/", "/no"], "user2" => ["/", "/yes"] ], "deny" => [ "guest" => ["/no", "/yes"], "user1" => ["/yes"], "user2" => ["/no"] ] ] ]; */ //In Slim v3 $app->add(\Geggleto\Acl\AclRepository(["guest"], //This should be in a nice php file by itself for easy inclusion... include '/path/to/acl/definition.php' [ "resources" => ["/", "/no", "/yes"], "roles" => ["guest", "user1", "user2"], "assignments" => [ "allow" => [ "guest" => ["/"], "user1" => ["/", "/no"], "user2" => ["/", "/yes"] ], "deny" => [ "guest" => ["/no", "/yes"], "user1" => ["/yes"], "user2" => ["/no"] ] ] ])); ``` Dynamic Routes ============== [](#dynamic-routes) In the case where your resource changes, it is possible to still correctly match by setting a resources with a Route Pattern. By default the system will inspect the $request's 'route' attribute and this Object should return the route pattern with ->getPatter(); Out of the box this will work with Slim 3 routes if you have turned on the 'determineRouteBeforeAppMiddleware' => true option. Example Config: ``` return [ "resources" => ["/", "/login", "/grid", "/404", "/logout", "/roles", "/roles/{pein}"], "roles" => ["guest", "grid", "roles"], "assignments" => [ "allow" => [ "guest" => ["/", "/404", "/login"], "grid" => [ '/grid', '/logout' ], "roles" => ['/roles', '/roles/{pein}'] ], "deny" => [] ] ]; ``` If this does not fit your usage, feel free to override the default handler by setting your own via `setHandler(callable)` Middleware ---------- [](#middleware) You can use the repo class directly which contains this code block... or modify this code block to suit your needs. ``` $app->add(function (Request $request, Response $res, $next) { /** @var $aclRepo AclRepository */ $aclRepo = $this->get(AclRepository::class); //In Slim 3 the container is bound to function definitions $allowed = false; // We assume that the user cannot access the route $route = '/' . ltrim($request->getUri()->getPath(), '/'); //We construct our path try { //Check here... This will pass when a route is simple and there is no route parameters $allowed = $aclRepo->isAllowedWithRoles($aclRepo->getRole(), $route); } catch (InvalidArgumentException $iae) { //This is executed in cases where there is a route parameters... /user/{id:} $fn = function (ServerRequestInterface $requestInterface, AclRepository $aclRepo) { //This will likely only work in Slim 3... This requires the determineRouteBeforeAppMiddleware => true to be set in the container $route = $requestInterface->getAttribute('route'); // Grab the route to get the pattern if (!empty($route)) { foreach ($aclRepo->getRole() as $role) { if ($aclRepo->isAllowed($role, $route->getPattern())) { // check to see fi the user can access the pattern return true; //Is allowed } } } return false; }; $allowed = $fn($request, $aclRepo); // Execute the fail-safe } if ($allowed) { return $next($request, $res); } else { return $res->withStatus(401); //Is not allowed. if you need to render a template then do that. } }); ``` White listing ------------- [](#white-listing) You may add a URI path for white listing. The whitelisting is based upon `strpos()` so you may use a URI fragment to whitelist a whole class of URIs. With this it is possible to whitelist URIs by accident. Example: ``` $acl = new Acl(); $acl->addWhitelistItem('/api'); ``` In this example any URI with `/api` will be whitelisted. - `/api/*` - `/myexample/api/*` ### Health Score 38 — LowBetter than 85% of packages Maintenance18 Infrequent updates — may be unmaintained Popularity30 Limited adoption so far Community20 Small or concentrated contributor base Maturity71 Established project with proven stability Bus Factor1 Top contributor holds 94.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~5 days Recently: every ~18 days Total 15 Last Release 3704d ago Major Versions 0.0.1 → 1.0.02016-01-06 ### Community Maintainers ![](https://www.gravatar.com/avatar/7f941aecd52e3f8ac94dbe9b714801c7adc767acc32644d3ee6a4efeded84c5e?d=identicon)[geggleto](/maintainers/geggleto) --- Top Contributors [![geggleto](https://avatars.githubusercontent.com/u/4027602?v=4)](https://github.com/geggleto "geggleto (37 commits)")[![lotharthesavior](https://avatars.githubusercontent.com/u/1092909?v=4)](https://github.com/lotharthesavior "lotharthesavior (1 commits)")[![matthewtrask](https://avatars.githubusercontent.com/u/4731244?v=4)](https://github.com/matthewtrask "matthewtrask (1 commits)") --- Tags aclmiddlewareslimzendpsr-7psr7slimzendaclpermissions ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/geggleto-psr7-acl/health.svg) ``` [![Health](https://phpackages.com/badges/geggleto-psr7-acl/health.svg)](https://phpackages.com/packages/geggleto-psr7-acl) ``` ### Alternatives [league/route Fast routing and dispatch component including PSR-15 middleware, built on top of FastRoute. 6633.1M115](/packages/league-route)[dflydev/fig-cookies Cookies for PSR-7 HTTP Message Interface. 2268.5M102](/packages/dflydev-fig-cookies)[neomerx/cors-psr7 Framework agnostic (PSR-7) CORS implementation (www.w3.org/TR/cors/) 682.4M19](/packages/neomerx-cors-psr7)[jasny/auth Authentication, authorization and access control for Slim Framework and other PHP micro-frameworks 11816.4k1](/packages/jasny-auth)[phpro/http-tools HTTP tools for developing more consistent HTTP implementations. 28137.8k](/packages/phpro-http-tools)[wellrested/wellrested Simple PHP Library for RESTful APIs 4818.7k4](/packages/wellrested-wellrested) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)