PHPackages myclabs/acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Database & ORM](/categories/database) 4. / 5. myclabs/acl ActiveLibrary[Database & ORM](/categories/database) myclabs/acl =========== ACL library for Doctrine 1.2(11y ago)1013.6k8[2 issues](https://github.com/myclabs/ACL/issues)MITPHPPHP >=5.4.0 Since Mar 11Pushed 10y ago8 watchersCompare [ Source](https://github.com/myclabs/ACL)[ Packagist](https://packagist.org/packages/myclabs/acl)[ Docs](https://github.com/myclabs/ACL)[ RSS](/packages/myclabs-acl/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (1)Versions (19)Used By (0) currentMenu introduction **MyCLabs ACL is a library that helps managing permissions on your model.** [![Build Status](https://camo.githubusercontent.com/fdf8713ae7d1abb3b8702ccf6478af21d4f03b31bf81d388db0f6cb1f36b314c/68747470733a2f2f7472617669732d63692e6f72672f6d79636c6162732f41434c2e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/myclabs/ACL)[![Coverage Status](https://camo.githubusercontent.com/41f79133e3e0c2dcf981d296eac426a12a92a126a12fce6ab94a6b983ca5a9dd/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6d79636c6162732f41434c2f62616467652e706e67)](https://coveralls.io/r/myclabs/ACL)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/cdb80763b5590c12bd629a2c65c77b5b5d710c1685076d012caf1c4a36687aab/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6d79636c6162732f41434c2f6261646765732f7175616c6974792d73636f72652e706e673f733d32393937656334636235373063316366656635323064353431646161633835333532376431373365)](https://scrutinizer-ci.com/g/myclabs/ACL/)[![Latest Stable Version](https://camo.githubusercontent.com/32920a2355fb9dc6eb3f876eaf6585c614d6e980fb8fd89d2824680fc0b4b720/68747470733a2f2f706f7365722e707567782e6f72672f6d79636c6162732f61636c2f762f737461626c652e706e67)](https://packagist.org/packages/myclabs/acl)[![Total Downloads](https://camo.githubusercontent.com/cc664f33ca15db7cf6084d0dc8e288505837cbb859931008eb6e6c9b08f6da9e/68747470733a2f2f706f7365722e707567782e6f72672f6d79636c6162732f61636c2f646f776e6c6f6164732e706e67)](https://packagist.org/packages/myclabs/acl)[![License](https://camo.githubusercontent.com/bde116d72dab294c1e62217cdd182908bd45bdf2c12c326f6b10963d369767ab/68747470733a2f2f706f7365722e707567782e6f72672f6d79636c6162732f61636c2f6c6963656e73652e706e67)](https://packagist.org/packages/myclabs/acl) It is different from other ACL libraries in that it focuses on controlling access to your model classes (Doctrine entities). As such, you access control model follows your real model, which makes it possible to have access in cascade easily (e.g. if you can access a category, you can also access all the sub-categories it contains). It is also optimized as much as possible: authorizations are stored in database in a way to allow very efficient filtering at the SQL level through Doctrine queries (you can load only the objects a user can access). No other ACL system that we know of allows this. Requirements: - PHP 5.4 - Use Doctrine as the ORM for your model - Doctrine 2.5 (currently in beta) Vocabulary: - **Security identity**: the entity which will be granted some access (this is generally the user) - **Resource**: a *thing* to which we want to control the access - **Authorization**: allows a security identity (user) to do something on a resource - **Role**: a role gives authorizations to a user (e.g. an administrator, an article editor, a project owner, …) There are 2 kinds of resources: - an entity (example: article #123) - all entities of a given type (example: all articles), which is represented by the classname of the entity Overview -------- [](#overview) We hate being lost and confused, so everything you have to do with ACL is done on the ACL service. You can start by creating it: ``` // full configuration shown in the documentation $acl = new ACL($entityManager); ``` You give permissions to a user by adding it a role: ``` $acl->grant($user, new ArticleEditorRole($user, $article)); ``` Roles are classes that you write and which define the permissions a user has on a resource. You remove permissions to a user by removing the role: ``` $acl->revoke($user, $role); ``` Test permissions: ``` $acl->isAllowed($user, Actions::EDIT, $article); ``` You can also filter your queries to get only the entities the user has access to: ``` $qb = $entityManager->createQueryBuilder(); $qb->select('article')->from('Model\Article', 'article'); ACLQueryHelper::joinACL($qb, $user, Actions::EDIT); // This query will return only the articles the user can edit $articles = $qb->getQuery()->getResult(); ``` ### Features [](#features) - stored in database (you don't need to handle persistence yourself) - extremely optimized: - filters queries at database level (you don't load entities the user can't access) - joins with only 1 extra table - bypasses Doctrine's ORM to insert authorizations in database (fast and efficient) - cascade delete at database level - authorization cascading/inheritance - authorizations are rebuildable: you can change what an "ArticleEditor" can do afterwards and just rebuild the ACL - supports your custom actions on top of standard actions like "view", "edit", "delete", … ### Limitations [](#limitations) - because of Doctrine limitations you need to flush your resources before giving or testing authorizations - backed up by the database: testing `isAllowed` means one call to the database ### Health Score 39 — LowBetter than 86% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity36 Limited adoption so far Community19 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 92.7% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~11 days Total 15 Last Release 4286d ago Major Versions 0.4.2 → 1.0.02014-04-29 ### Community Maintainers ![](https://www.gravatar.com/avatar/329a6111724074f5388e95dd41a03ccf3c43f4bfe1ecf27c94c9efc6f7823228?d=identicon)[mnapoli](/maintainers/mnapoli) ![](https://www.gravatar.com/avatar/8220feb8a3d9f1df987987c33494da696aca6929179a6281cdbe45623fcbec0f?d=identicon)[myclabs](/maintainers/myclabs) --- Top Contributors [![mnapoli](https://avatars.githubusercontent.com/u/720328?v=4)](https://github.com/mnapoli "mnapoli (115 commits)")[![valentin-claras](https://avatars.githubusercontent.com/u/4446791?v=4)](https://github.com/valentin-claras "valentin-claras (6 commits)")[![benjaminbertin](https://avatars.githubusercontent.com/u/5364027?v=4)](https://github.com/benjaminbertin "benjaminbertin (2 commits)")[![jdreesen](https://avatars.githubusercontent.com/u/424602?v=4)](https://github.com/jdreesen "jdreesen (1 commits)") --- Tags doctrineaclpermission ### Embed Badge ![Health badge](/badges/myclabs-acl/health.svg) ``` [![Health](https://phpackages.com/badges/myclabs-acl/health.svg)](https://phpackages.com/packages/myclabs-acl) ``` ### Alternatives [scienta/doctrine-json-functions A set of extensions to Doctrine that add support for json query functions. 58523.9M36](/packages/scienta-doctrine-json-functions)[laravel-doctrine/orm An integration library for Laravel and Doctrine ORM 8425.3M87](/packages/laravel-doctrine-orm)[damienharper/auditor-bundle Integrate auditor library in your Symfony projects. 4542.8M](/packages/damienharper-auditor-bundle)[mostafamaklad/laravel-permission-mongodb Permission handling for Laravel 5.2 and up using mongodb 113220.0k2](/packages/mostafamaklad-laravel-permission-mongodb)[laravel-doctrine/acl ACL for Laravel and Doctrine 44445.3k7](/packages/laravel-doctrine-acl)[rcsofttech/audit-trail-bundle Enterprise-grade, high-performance Symfony audit trail bundle. Automatically track Doctrine entity changes with split-phase architecture, multiple transports (HTTP, Queue, Doctrine), and sensitive data masking. 1022.4k](/packages/rcsofttech-audit-trail-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)