PHPackages gtt/reverse-search-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. gtt/reverse-search-acl ActiveLibrary[Authentication & Authorization](/categories/authentication) gtt/reverse-search-acl ====================== Provides a way for Symfony's ACL infrastructure to find object identities that are accessible (with specified permission like VIEW, EDIT, etc) by specified security identity 1.0.0(9y ago)426MITPHPPHP >=5.5 Since Sep 3Pushed 8y ago3 watchersCompare [ Source](https://github.com/GlobalTradingTechnologies/reverse-search-acl)[ Packagist](https://packagist.org/packages/gtt/reverse-search-acl)[ RSS](/packages/gtt-reverse-search-acl/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (3)Versions (4)Used By (0) Symfony ACL reverse search component ==================================== [](#symfony-acl-reverse-search-component) [![Build Status](https://camo.githubusercontent.com/41650bac955be8b6b2aa502ef825d497a7c27fb1b7d87cdf6b154a8f3537ffac/68747470733a2f2f7472617669732d63692e6f72672f476c6f62616c54726164696e67546563686e6f6c6f676965732f726576657273652d7365617263682d61636c2e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/GlobalTradingTechnologies/reverse-search-acl)[![Latest Stable Version](https://camo.githubusercontent.com/f06c3c83a3164bfd6096a9f8526fdafcccd0433c0452dd8b99c2e4f5ac0c806a/68747470733a2f2f706f7365722e707567782e6f72672f6774742f726576657273652d7365617263682d61636c2f762f737461626c65)](https://packagist.org/packages/gtt/reverse-search-acl)[![Latest Unstable Version](https://camo.githubusercontent.com/ec289a629a45b8e01bbbd2d5ebaba2b238e30dac9f5385f68eea826e67030eb2/68747470733a2f2f706f7365722e707567782e6f72672f6774742f726576657273652d7365617263682d61636c2f762f756e737461626c65)](https://packagist.org/packages/gtt/reverse-search-acl)[![License](https://camo.githubusercontent.com/36eb7eca17ec54538f3bffd3c36f1715e001822211c35f2aa38a4a7aa27314b5/68747470733a2f2f706f7365722e707567782e6f72672f6774742f726576657273652d7365617263682d61636c2f6c6963656e7365)](https://packagist.org/packages/gtt/reverse-search-acl) This library extends base Symfony's [MutableAclProvider](https://github.com/symfony/security-acl/blob/master/Dbal/MutableAclProvider.php)with ability to find accessible object identities for specified security identity. You can also specify permission Ace was granted for target security identity with. This library provides convenient way create admin interfaces for ACL-based systems where you need to show assigned domain objects and permissions for fetched for requested single user in the system Requirements ============ [](#requirements) Library requires Symfony's security-acl package and doctrine/dbal component to interact with acl database How it works? ============= [](#how-it-works) As was said above the library contains extended acl provider - ReverseSearchAclProvider. Basically there is nothing more inside. The main goal of this provider being is to do reverse action against [PermissionGrantingStrategy](https://github.com/symfony/security-acl/blob/master/Domain/PermissionGrantingStrategy.php) does when it checks whether specified SecurityIdentity has access (the type of access is restricted by permission: VIEW, EDIT, etc) to specified ObjectIdentity or not. Due to performance reasons (which were actually kept in mind during Symfony's ACL system designing) ReverseSearchAclProvider solves this task by constructing and executing PDO statement similar to the other ones in [AclProvider](https://github.com/symfony/security-acl/blob/master/Dbal/AclProvider.php). Installation ============ [](#installation) Library can by installed with composer quite easy: ``` composer require gtt/reverse-search-acl ``` Usage ===== [](#usage) In order to create instance of ReverseSearchAclProvider you need to specify the same constructor parameters that are required for MutableAclProvider and prepend this list with the instance of [PermissionMapInterface](https://github.com/symfony/security-acl/blob/master/Permission/PermissionMapInterface.php) (since ReverseSearchAclProvider needs to translate specified permission to masks): ``` use Gtt\Acl\Dbal\ReverseSearchAclProvider; use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity; use Symfony\Component\Security\Acl\Permission\BasicPermissionMap; use Symfony\Component\Security\Acl\Permission\BasicPermissionMap; use Doctrine\DBAL\DriverManager; $provider = new ReverseSearchAclProvider( new BasicPermissionMap() DriverManager::getConnection(['driver' => 'pdo_sqlite','memory' => true], new PermissionGrantingStrategy(), [] // list of base acl provider options ); ``` Now you are ready to find which domain objects (or classes itself or class/object fields) can see (permission VIEW) some user or role: ``` $sid = UserSecurityIdentity::fromAccount(new User('jimmy', 'jimmypass')); // you can also analyse roles // $sid = new RoleSecurityIdentity('ROLE_ADMIN'); $allowed = $provider->findAllowedEntries($sid, "VIEW") ``` The returned result will be an array with the following structure ``` [ // the key is FQCN of the class of the object that can be accessed by specified Security Identity instance (SID) '\F\Q\C\N' => [ // if this flag is presented class ace was inserted for current SID 'class_access' => true, // list of class field's granted to current SID 'class_field_access' => ['field1', 'field2', 'field3'], // id of the domain objects accessible by current SID 'object_access' => ['id1', 'id2', 'id3', 'id4'], // list of domain object fields (grouped by object id) granted to current SID 'object_field_access' => [ 'id2' => ['field1', 'field2'], 'id5' => ['field3'] ] ] ] ``` You can also restrict the search by specifying class and/or field of the allowed object identities to fetch: ``` $allowed = $provider->findObjectIdentities( $sid, "VIEW", ['class' => \My\Domain\Object\Class] ); ``` Restrictions ============ [](#restrictions) - Note that library reverse work of [PermissionGrantingStrategy](https://github.com/symfony/security-acl/blob/master/Domain/PermissionGrantingStrategy.php). Use it with the other ones only if you know exactly what are you doing. - If you use the both object and class aces (or object field and class field aces) you should note the [PermissionGrantingStrategy](https://github.com/symfony/security-acl/blob/master/Domain/PermissionGrantingStrategy.php) during access decisions consequentially checks object-level and then class-level ACE's to grant or deny access. Object and class access information returned by provider separately so to be sure that current SID has (or doesn't have) access to current object you should take in account the both class and object access info (ie object\_access/class\_access or object\_field\_access/class\_field\_access). - Be careful if you are using [PermissionMapInterface](https://github.com/symfony/security-acl/blob/master/Permission/PermissionMapInterface.php) instances that are really take in account specified object (second parameter in PermissionMapInterface::getMasks method) during retrieving masks process (there are no such PermissionMapInterface implementations in Symfony for now, but anyway). ### Health Score 28 — LowBetter than 54% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community9 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~213 days Total 3 Last Release 3475d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/aff38c7c201e49cb668c6f45e6577f009f9acc211fe41f3737368cdc5de2c5f0?d=identicon)[fduch](/maintainers/fduch) ![](https://www.gravatar.com/avatar/bb355559c0366ede2f505345c1063cec701c24f5c473cc6825a8b3b807970af9?d=identicon)[gtt](/maintainers/gtt) --- Top Contributors [![fduch](https://avatars.githubusercontent.com/u/1204137?v=4)](https://github.com/fduch "fduch (17 commits)") --- Tags searchsymfonyaclreverse ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/gtt-reverse-search-acl/health.svg) ``` [![Health](https://phpackages.com/badges/gtt-reverse-search-acl/health.svg)](https://phpackages.com/packages/gtt-reverse-search-acl) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[casbin/laravel-authz An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel. 324339.9k4](/packages/casbin-laravel-authz)[oneup/acl-bundle The missing link between Symfony`s Acl implementation and your application. 52106.8k](/packages/oneup-acl-bundle)[web-token/jwt-library JWT library 2011.2M83](/packages/web-token-jwt-library)[tilleuls/acl-sonata-admin-extension-bundle ACL list filtering for SonataAdmin 4532.4k](/packages/tilleuls-acl-sonata-admin-extension-bundle)[nahid/permit Permit is a laravel ACL and authorization package 732.9k](/packages/nahid-permit) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)