PHPackages gobline/acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. gobline/acl ActiveLibrary[Authentication & Authorization](/categories/authentication) gobline/acl =========== ACL component v2.0.1(10y ago)41241BSD-3-ClausePHPPHP >=5.6.0 Since Nov 10Pushed 9y ago1 watchersCompare [ Source](https://github.com/gobline/acl)[ Packagist](https://packagist.org/packages/gobline/acl)[ Docs](https://github.com/gobline)[ RSS](/packages/gobline-acl/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependenciesVersions (7)Used By (1) ACL (Access Control List) component =================================== [](#acl-access-control-list-component) ACL's allow an application to control access to its protected areas, files, operations and objects from requests. - a **resource** represents an area or element to which access is controlled. - a **role** represents a user, users' group or object that may request access to a resource. - a **privilege** is an access right (or permission) for a resource, such as read and write permissions to a file. Why Another ACL Component? -------------------------- [](#why-another-acl-component) The ACL component was primarily written to **add support for** defining rules on **path resources**. You will find the basic usage in the following sections but by then, if you are already a little familiar to ACL, you can already have a look at the quick excerpt below demonstrating the utility and advantage of the component. ``` $memberArea = new Gobline\Acl\Resource('/member-area', new Gobline\Acl\Matcher\StartsWithMatcher()); $acl->addRole('member') ->allow('member', $memberArea, '*'); $adminArea = new Gobline\Acl\Resource('/admin-area', new Gobline\Acl\Matcher\StartsWithMatcher()); $acl->addRole('admin') ->allow('admin', $adminArea, '*'); $acl->isAllowed('guest', '/member-area/edit/profile'); // returns false $acl->isAllowed('member', '/member-area/edit/profile'); // returns true $acl->isAllowed('member', '/admin-area/user/list'); // returns false ``` In a web application, this is particularly useful to control access on the application's areas through the URL path. Creating an ACL --------------- [](#creating-an-acl) ``` $acl = new Gobline\Acl\Acl(); ``` Adding Roles to the ACL ----------------------- [](#adding-roles-to-the-acl) ``` $acl->addRole('guest'); ``` or ``` $roleGuest = new Gobline\Acl\Role('guest'); $acl->addRole($roleGuest); ``` Defining Access Controls ------------------------ [](#defining-access-controls) After adding the relevant roles, rules can be established that define how resources may be accessed by roles. ``` $acl->allow('guest', 'page', 'view'); // the role "guest" is now allowed to "view" the "page" resource ``` ``` $acl->allow('member', 'page', ['view', 'create', 'edit']); // the role "member" is allowed to "view", "create" and "edit" the "page" resource ``` To define a rule applied to all resources, the special resource named "\*" can be used: ``` $acl->allow('guest', '*', 'view'); // the role "guest" is now allowed to "view" any resource ``` To define a rule with all privileges, the special privilege named "\*" can be used: ``` $acl->allow('admin', 'page', '*'); // the role "admin" is now allowed to access any privilege on the "page" resource ``` ``` $acl->allow('superadmin', '*', '*'); // the role "superadmin" is now allowed to access any privilege on any resource ``` Querying the ACL ---------------- [](#querying-the-acl) After adding the rules, we can query the ACL to check if a role has been given permission or not. ``` $acl->isAllowed('guest', 'page', 'edit'); // returns false $acl->isAllowed('admin', 'page', 'edit'); // returns true $acl->isAllowed('admin', 'user', 'edit'); // returns false $acl->isAllowed('superadmin', 'user', 'edit'); // returns true ``` You will note that by default, until a developer specifies an *allow* rule, `Gobline\Acl\Acl` denies access to every privilege upon every resource by every role. Resources --------- [](#resources) As you might have noticed in the examples above, the resources are registered when defining the rules, while the roles must have previously been added to the ACL. The reason for this is because the resources can not only just be a name or identifier, but also a pattern or regex, or even a custom object implementing the `matches()` method of the `Gobline\Acl\ResourceInterface` interface. The most straightforward example demonstrating the use of matchers, would be implementing an ACL managing access rights to files. ``` $resource = new Gobline\Acl\Resource('/home/john', new Gobline\Acl\Matcher\StartsWithMatcher()); $acl->addRole('john') ->allow('john', $resource, 'read'); $acl->isAllowed('john', '/home/john/file.txt', 'read'); // returns true $acl->isAllowed('john', '/home/john/file.txt', 'write'); // returns false $acl->isAllowed('john', '/home/matthew/file.txt', 'read'); // returns false ``` Another example: ``` $resource = new Gobline\Acl\Resource('%^/page/(.*?)/view%', new RegexMatcher()); $acl->addRole('guest') ->allow('guest', $resource, '*'); $acl->isAllowed('guest', '/page/42/view')); // returns true $acl->isAllowed('guest', '/page/42/edit')); // returns false ``` Roles Inheritance ----------------- [](#roles-inheritance) Roles can inherit from other roles, and consequently inherit their rules. ``` $acl->addRole('guest') ->addRole('member', 'guest') // "member" inherits the rules of "guest" ->addRole('moderator', 'member'); // "moderator" inherits the rules of "member" $acl->allow('guest', 'page', 'view') // guests can only view pages ->allow('member', 'page', ['create', 'edit']) // members can view, create and edit pages ->deny('moderator', 'page', 'create') // moderators cannot create a new page ->allow('moderator', 'page', 'delete'); // moderators can view, edit and delete pages ``` The example above also demonstrates the use of `deny()` (because one might wonder what is the purpose of having a `deny()` method if anything is denied by default anyway). The moderators inherit the *view* privilege from the *guest* role and the *create* and *edit* privileges from the *member* role. However, we don't want to allow a moderator to be able to create new pages, but only moderate existing pages. To achieve this, we simply add a deny rule overriding the inherited rule that granted *create* persmission, as shown above. Sharing Roles among Multiple ACL Instances ------------------------------------------ [](#sharing-roles-among-multiple-acl-instances) There are cases where you might need to have multiple ACL instances. For instance, you might need to define rules for path resources, and rules for different resources in your application. To avoid mixing different type of resources in your ACL, you can create multiple ACL instances and share a unique *role registry*. ``` $roles = new Gobline\Acl\Roles(); // registry of roles $roles->add('guest') ->add('member', 'guest') ->add('moderator', 'member'); $acl1 = new Gobline\Acl\Acl($roles); // defining rules for $acl1 $acl2 = new Gobline\Acl\Acl($roles); // defining rules for $acl2 ``` Installation ------------ [](#installation) You can install the ACL component using the dependency management tool [Composer](https://getcomposer.org/). Run the *require* command to resolve and download the dependencies: ``` composer require gobline/acl ``` ### Health Score 29 — LowBetter than 59% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community6 Small or concentrated contributor base Maturity62 Established project with proven stability How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~78 days Recently: every ~90 days Total 6 Last Release 3811d ago Major Versions v1.1.0 → v2.0.02015-12-03 PHP version history (2 changes)v1.0.0PHP >=5.5.0 v2.0.0PHP >=5.6.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/1564a230fe2f5125b0504cf6b6fe1e829face1a5d20ec663b3b8d22843312c7d?d=identicon)[mdecaffmeyer](/maintainers/mdecaffmeyer) --- Tags aclaccess control listgobline ### Embed Badge ![Health badge](/badges/gobline-acl/health.svg) ``` [![Health](https://phpackages.com/badges/gobline-acl/health.svg)](https://phpackages.com/packages/gobline-acl) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[laminas/laminas-permissions-acl Provides a lightweight and flexible access control list (ACL) implementation for privileges management 3212.3M81](/packages/laminas-laminas-permissions-acl) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)