PHPackages imarc/auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. imarc/auth ActiveLibrary[Authentication & Authorization](/categories/authentication) imarc/auth ========== RBAC and ACLs 1.4.2(7y ago)411.0k↓20.4%21MITPHPPHP >=5.4.0 Since Feb 20Pushed 2y ago3 watchersCompare [ Source](https://github.com/imarc/auth)[ Packagist](https://packagist.org/packages/imarc/auth)[ RSS](/packages/imarc-auth/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (2)Versions (20)Used By (1) Imarc's RBAC and ACL Authorization ================================== [](#imarcs-rbac-and-acl-authorization) This project combines more traditional RBAC methods with user centric and dynamic overrides for a nice middle ground. It allows you to define a role based access control list as well as create entity or model level instance overrides and dynamic logic for more complex checks. ACLs ---- [](#acls) ### Creating an ACL [](#creating-an-acl) ``` $acl = new Auth\ACL(); ``` ### Adding a Role Access [](#adding-a-role-access) - First parameter is the name of the role (case insenstive) - Second parameter is a class of objects or string (case insenstive) - Third parameter is array of allowed actions ``` $acl->allow('Admin', 'User', ['create', 'read', 'update', 'delete']); ``` ### Aliasing Access [](#aliasing-access) ``` $acl->alias('manage', ['create', 'read', 'update', 'delete']); ``` ### Adding Using Alias [](#adding-using-alias) ``` $acl->allow('Admin', 'Article', ['manage']); ``` Authorization Manager --------------------- [](#authorization-manager) You can create an authorization manager for your authorized user. The object you pass to the constructor must implement the `Auth\EntityInterface` which contains two methods: - getRoles() - returns an array of all the roles the object/entity contains - getPermissions() - returns user specific ACLs which overload roles ### Creating the Manager [](#creating-the-manager) ``` $manager = new Auth\Manager($user); ``` ### Adding an ACL [](#adding-an-acl) ``` $manager->add($acl) ``` ### Checking the Managed Entity's Role [](#checking-the-managed-entitys-role) ``` $manager->is('Admin'); ``` ### Checking the Managed Entity's Effective Permission [](#checking-the-managed-entitys-effective-permission) ``` $manager->can('create', 'Article'); ``` Or with an object of matching class: ``` $manager->can('create', $article); ``` #### Checking Entities Implementing AuthInterface [](#checking-entities-implementing-authinterface) The `AuthInterface` provides a way in which entities can provide custom logic to authorize managed entities against themselves. Using the previous example: ``` $manager->can('create', $article); ``` If the `$article` parameter is an object implementing `AuthInterface` the manager will call the `can()` method on it passing the manager instance as the first parameter, and the permission which is being checked as the second. The article can then do something such as the following: ``` public function can(Manager $manager, $permission) { if ($manager->has($permission, $this)) { return TRUE; } return $manager->entity == $this->getOwner(); } ``` In this example the entity checks to see if its owner is the managed entity to provide permission for any action which is not otherwise granted. #### Code Check and Testing [](#code-check-and-testing) Run Analysis: ``` php vendor/bin/phpstan -l7 analyse src/ ``` Run Tests: ``` php vendor/bin/phpunit --bootstrap vendor/autoload.php test/cases ``` ### Health Score 36 — LowBetter than 82% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity29 Limited adoption so far Community12 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~175 days Total 19 Last Release 942d ago Major Versions 1.4.2 → 2.0-beta12019-07-22 PHP version history (2 changes)1.0.0PHP >=5.4.0 2.0-beta1PHP >=7.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/4ab2b91daf2aa6e4c7f98f785a3135daa3e9998bd7021d89df05a374e28ecde5?d=identicon)[mattsah](/maintainers/mattsah) --- Top Contributors [![mattsah](https://avatars.githubusercontent.com/u/586346?v=4)](https://github.com/mattsah "mattsah (20 commits)") --- Tags authaclrbac ### Embed Badge ![Health badge](/badges/imarc-auth/health.svg) ``` [![Health](https://phpackages.com/badges/imarc-auth/health.svg)](https://phpackages.com/packages/imarc-auth) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[zizaco/entrust This package provides a flexible way to add Role-based Permissions to Laravel. Supports laravel 5|6|7|8 6.0k5.3M61](/packages/zizaco-entrust)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[casbin/casbin a powerful and efficient open-source access control library for php projects. 1.3k1.4M54](/packages/casbin-casbin)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)