PHPackages                             managur/rick-role - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. managur/rick-role

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

managur/rick-role
=================

The Role Based Access Control library that's never gonna give you up, never gonna let you down, never run around and desert you

0.1.0(9mo ago)22MITPHPPHP ^8.4

Since Aug 10Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/managur/rick-role)[ Packagist](https://packagist.org/packages/managur/rick-role)[ RSS](/packages/managur-rick-role/feed)WikiDiscussions development Synced 1mo ago

READMEChangelog (1)Dependencies (16)Versions (3)Used By (0)

[![Managur](https://camo.githubusercontent.com/f0d41dae67813db0b9a70ac2048149e11bf0597087ceacc40ac8a6b75eeebc5d/68747470733a2f2f7374617469632e6d616e616775722e636f6d2f696d616765732f6d616e616775725f6c6f676f2e706e67)](https://camo.githubusercontent.com/f0d41dae67813db0b9a70ac2048149e11bf0597087ceacc40ac8a6b75eeebc5d/68747470733a2f2f7374617469632e6d616e616775722e636f6d2f696d616765732f6d616e616775725f6c6f676f2e706e67)
Rick-Role
==========================================================================================================================================================================================================================================================================================================================================================================================================================================

[](#rick-role)

> The Role Based Access Control library that's never gonna give you up, never gonna let you down, never run around and desert you

[![PHP Version](https://camo.githubusercontent.com/504ead6a583c68d8d62d7bfceed24e569ca613d7a36bed380281b3455b5c7b31/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253545382e342d626c7565)](https://php.net)[![License](https://camo.githubusercontent.com/f8df3091bbe1149f398a5369b2c39e896766f9f6efba3477c63e9b4aa940ef14/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d677265656e)](LICENSE)

What is Rick-Role?
------------------

[](#what-is-rick-role)

Rick-Role is a powerful, flexible Role Based Access Control (RBAC) library for PHP 8.4+ that provides a robust permission system through a voter-based architecture. It allows you to define complex permission rules whilst maintaining simplicity and performance.

### Core Concepts

[](#core-concepts)

**RBAC Fundamentals**: In Rick-Role, roles are containers that hold permissions. User IDs are assigned roles, and through those roles, users gain access to specific permissions. Rick-Role does not store or manage user profile data—only the mapping of user IDs to roles and the permissions those roles grant. All user information (name, email, etc.) is managed by your application's own user system or IdP.

**Voter Architecture**: While simple permission checks are supported, Rick-Role offers you the opportunity to utilise a stack of "voters" that each make decisions about permissions. Each voter can allow, deny, or abstain from a decision. The final result is determined by a configurable strategy.

**Voting Strategies**: Rick-Role supports two strategies for combining voter decisions out of the box:

- **DenyWinsStrategy** (default): Deny decisions override allow decisions
- **AllowWinsStrategy**: Allow decisions override deny decisions

**Hierarchical Roles**: Rick-Role supports hierarchical roles where one role can extend another role to inherit its permissions. This allows you to create specialised roles that build upon existing ones. When evaluating access, permissions from direct and inherited roles are pooled, and the configured strategy (DenyWins or AllowWins) determines the outcome when there are conflicts.

### Attribute Based Access Control (ABAC)

[](#attribute-based-access-control-abac)

Whilst Rick-Role is a Role Based Access Control system at its core, the voter system allows decisions to be made based on other attributes, such as object state. This is implemented via your own voters which vote based not on whether a user has a given permission, but based on the subject passed in through the `$onThis` parameter.

Installation &amp; Requirements
-------------------------------

[](#installation--requirements)

### Requirements

[](#requirements)

- PHP 8.4+
- Composer

### Installation

[](#installation)

Install Rick-Role via Composer:

```
composer require managur/rick-role
```

Quick Start
-----------

[](#quick-start)

Here's a minimal example to get you started using a SQLite database:

```