PHPackages hypejunction/hypecapabilities - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. hypejunction/hypecapabilities AbandonedElgg-plugin[Authentication & Authorization](/categories/authentication) hypejunction/hypecapabilities ============================= Roles and capabilities API 1.2.0(7y ago)1301proprietaryPHPPHP >=7.0CI failing Since Mar 19Pushed today1 watchersCompare [ Source](https://github.com/hypeJunction/Elgg3-hypeCapabilities)[ Packagist](https://packagist.org/packages/hypejunction/hypecapabilities)[ Docs](http://hypejunction.com)[ RSS](/packages/hypejunction-hypecapabilities/feed)WikiDiscussions main Synced today READMEChangelog (3)Dependencies (1)Versions (4)Used By (0) hypeCapabilities ================ [](#hypecapabilities) [![Elgg 7.x](https://camo.githubusercontent.com/959475d1d91761b2e3ed85398ae1ebe9536a48c724e92bef53e7e2027c3d3627/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f456c67672d372e782d6f72616e67652e7376673f7374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/959475d1d91761b2e3ed85398ae1ebe9536a48c724e92bef53e7e2027c3d3627/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f456c67672d372e782d6f72616e67652e7376673f7374796c653d666c61742d737175617265) Capabilities and roles API Registering a role ------------------ [](#registering-a-role) ``` \hypeJunction->register('role_name'); ``` Assigning a role to a user -------------------------- [](#assigning-a-role-to-a-user) ``` // Site wide role elgg()->roles->assign('role_name', $user); // Group specific role elgg()->roles->assign('role_name', $user, $group); ``` Remove a role from a user ------------------------- [](#remove-a-role-from-a-user) ``` // Site wide role elgg()->roles->unassign('role_name', $user); // Group specific role elgg()->roles->unassign('role_name', $user, $group); ``` Configuring role permissions ---------------------------- [](#configuring-role-permissions) ### Creating entities of a specific type [](#creating-entities-of-a-specific-type) ``` // Prevent users with given role from creating entities of a given type elgg()->roles->role_name->onCreate('object', 'blog', Role::DENY); // Allow users to create entities of a given type regardless of context elgg()->roles->role_name->onCreate('object', 'blog', Role::ALLOW, Role::OVERRIDE); // Allow users to create entities of a given type if all other container permissins are met elgg()->roles->role_name->onCreate('object', 'blog', Role::ALLOW, Role::STACK); // Allow users to create entities when specific conditions are met // Only allow group blogs elgg()->roles->role_name->onCreate('object', 'blog', Role::DENY, function(\hypeJunction\Capabilities\Context $context) { $container = $context->getTarget(); if (!$container instanceof ElggGroup) { return Role::DENY; } }); ``` ### Update and delete permissions [](#update-and-delete-permissions) Similar to above, you can use `onUpdate` and `onDelete` methods; ### Granting administrative permissions [](#granting-administrative-permissions) Administrative permissions imply high-level administrative action on entities, e.g. approving a certain post after moderation. By default, core does not use this privilege level, but you can check if the user has admin permissions over an entity like so: ``` $params = [ 'entity' => $entity, 'user' => $user, ]; if (!elgg_trigger_plugin_hook('permissions_check:administer', "$entity->type:$entity->subtype", $params, false)) { // No permissions to approve throw new EntityPermissionsException(); } // Do something that requires high level permissions, e.g. $entity->published_status = 'published'; ``` Granting/denying admin permissions ``` // Prevent users with given role from creating entities of a given type // Allow moderator role to administer all blogs regardless of owner/container elgg()->roles->moderator->onAdminister('object', 'blog', Role::ALLOW, Role::OVERRIDE); // Allow users to create entities when specific conditions are met // Allow teacher to administer all group blogs elgg()->roles->teacher->canAdminister('object', 'blog', Role::ALLOW, function(\hypeJunction\Capabilities\Context $context) { $entity = $context->getTarget(); $actor = $context->getActor(); $container = $entity->getContainerEntity(); return $container->canEdit($actor->guid); }); ``` ### Routes [](#routes) You can allow/deny access to certain routes by route name ``` // Context parameter contain matched route elements // e.g. prevent access to user profile if users are not friends elgg()->roles->user->onRouteAccess('view:user', Role::DENY, function(\hypeJunction\Capabilities\Context $context) { $actor = $context->getActor(); $username = $context->getParam('username'); $user = get_user_by_username($username); if (!$actor || !$user instanceof ElggUser || !$actor->isFriendOf($user->guid)) { register_error('You must be friends to access user profiles'); return Role::DENY; } }); // Here is an example of how to prevent access to member pages to non-logged in users: elgg()->roles->guest->onRouteAccess('collection:user:user', Role::DENY); elgg()->roles->guest->onRouteAccess('collection:user:user:alpha', Role::DENY); elgg()->roles->guest->onRouteAccess('collection:user:user:newest', Role::DENY); elgg()->roles->guest->onRouteAccess('collection:user:user:online', Role::DENY); elgg()->roles->guest->onRouteAccess('collection:user:user:popular', Role::DENY); elgg()->roles->guest->onRouteAccess('search:user:user', Role::DENY); elgg()->roles->guest->onRouteAccess('view:user', Role::DENY); ``` ### Custom (component) capabilities [](#custom-component-capabilities) You can check and alter custom capabilities: ``` // Check a custom role elgg()->roles->can('read', 'discussions'); // Define how role responds to capability check elgg()->roles->guest->on('read', 'discussions', Role::DENY); // Override role response elgg_register_plugin_hook_handler('capability', 'read:discussions', function(Hook $hook) { }); ``` Compatibility ------------- [](#compatibility) Plugin versionElgg version7.0.07.x6.0.06.x5.0.05.x4.0.04.x ### Health Score 38 ↑ LowBetter than 85% of packages Maintenance65 Regular maintenance activity Popularity10 Limited adoption so far Community8 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~51 days Total 3 Last Release 2872d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/5071b1cd852e094b3f564962a625e04c227adc73af30c5b46b243ab8f20154a7?d=identicon)[hypeJunction](/maintainers/hypeJunction) --- Top Contributors [![hypeJunction](https://avatars.githubusercontent.com/u/1202761?v=4)](https://github.com/hypeJunction "hypeJunction (28 commits)") --- Tags elggelgg-pluginphppluginelggrolescapabilities ### Embed Badge ![Health badge](/badges/hypejunction-hypecapabilities/health.svg) ``` [![Health](https://phpackages.com/badges/hypejunction-hypecapabilities/health.svg)](https://phpackages.com/packages/hypejunction-hypecapabilities) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)