PHPackages piggly/php-capabilities-manager - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. piggly/php-capabilities-manager ActiveLibrary[Authentication & Authorization](/categories/authentication) piggly/php-capabilities-manager =============================== A simple object to manage capabilities by checking allowed operations. 1.0.1(5y ago)16MITPHPPHP ^7.2 || ^8.0 Since May 8Pushed 5y agoCompare [ Source](https://github.com/piggly-dev/php-capabilities-manager)[ Packagist](https://packagist.org/packages/piggly/php-capabilities-manager)[ Docs](https://github.com/piggly-dev/php-capabilities-manager)[ RSS](/packages/piggly-php-capabilities-manager/feed)WikiDiscussions master Synced 6d ago READMEChangelogDependencies (1)Versions (3)Used By (0) Capabilities Manager Library ============================ [](#capabilities-manager-library) [![Latest Version on Packagist](https://camo.githubusercontent.com/29a6f75260c5a4af73ecf7a41fbdda09cfaff1544e55c94f2f2a5fd2746ce8e3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f706967676c792f7068702d6361706162696c69746965732d6d616e616765722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/piggly/php-capabilities-manager) [![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE) The **Capability Manager** is a library which allows better controlling and checking for Capabilities and allowed operations to each Capability. How? ---- [](#how) It's a common practice to systems have some `scopes`, `roles` or even `permissions` and `capabilities` to Users or Clients. And often, they also attached to operations. This library assumes the following operations exists: OperationDescriptionreadCan only read resources.writeCan create and edit resources.deleteCan send a resource to trash.destroyCan permanently delete a resource.anyCan do any of all operations available.You can, of course, customize them by using`\Piggly\CapabilitiesManager\Enum\CapabilityOperations`class. Adding new operations with `add()` method, removing with `remove()` method and using `set()` method to a completely new `array` of operations. After, these operations can be attached to capabilities. For example, see below some capabilities samples: CapabilityDescriptionmanage\_optionsCan manages options.postsCan manages posts.commentsCan manages comments.pagesCan manages pages.> You can, if want or your system need, just ignore operations behavior and use only capabilities keys. This library can support it. If an user may be allowed to only read posts, his capabilities will be `posts:read`. We can achieve this in a smart and simple way: ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities(); $caps->add((new Capability())->setKey('posts')->add('read')); ``` What if the same user can also read/edit comments? ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities(); $caps ->add((new Capability())->setKey('posts')->add('read')) ->add((new Capability())->setKey('comments')->add('read', 'write')); ``` > Keep in mind `Capability` object does not care about care about operations order, which means `add('read', 'write')` is same as `add('write', 'read')`. Somehow, the same user can do any operations at `page` capability. So: ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities(); $caps ->add((new Capability())->setKey('posts')->add('read')) ->add((new Capability())->setKey('comments')->add('read', 'write')) ->add((new Capability())->setKey('pages')->allowAny(); ``` ### Capabitities Syntax [](#capabitities-syntax) But, there also a simple and compact way to add/create capabilities. By using the capability syntax, which is: `:,...,`. See below: ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities(); $caps ->add(new Capability('posts:read')) ->add(new Capability('comments:read,write')) ->add(new Capability('pages')); ``` Or even more compact by separating capabilities syntax with a space char: ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities('posts:read comments:read,write pages'); ``` If you don't attach operations at syntax, such as `page` above, capability syntax will allow the `any` operation to that capability. If you want to change this behaviour, you will need to send some default operations. ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; $caps = new Capabilities('posts:read comments:read,write pages', ['read']); ``` Now `pages` will only have `read` operation. > A `Capability` object will throw an `InvalidArgumentException` if something wrong with capability syntax. For example, if you create `comments:read,write,unknown`, an exception will be thrown because `unknown` is not a valid operation. And how it can help me? ----------------------- [](#and-how-it-can-help-me) After creating capabilities, you can a lot of things to them, such as: - Check if one `Capabilities` object has the exactly same capabilities and operations of another by using `isMatching()` method; - Check if one `Capabilities` object fits another by using `isFitting()` method; - Check if a capability and operation is allowed at `Capabilities` object with `isAllowed()` method; - Check if any of required operations for a capabitity is allowed at `Capabilities` object with `isAnyAllowed()` method; - Check if all of required operations for a capability is allowed at `Capabilities` object with `isAllAllowed()` method; - You can manage capabilities with `add()`, `merge()`, `remove()`, `removeMany()` and `get()` methods at `Capabilities` object; - You can `serialize` the `Capabilities` object, convert to `json`, convert to `array` or even to `string`. ### Real-world minimal example [](#real-world-minimal-example) ``` use Piggly\CapabilitiesManager\Capability; use Piggly\CapabilitiesManager\Capabilities; // Getting sent capabitities $caps = filter_input ( INPUT_POST, 'capabilities', FILTER_SANITIZE_STRING ); // Create capabilities try { $caps = new Capabilities($caps); } catch ( Exception $e ) { return 'You capability syntax is invalid.'; } // You can save this capabilities to user of many ways: $user->setCapabilities($caps->toJson())->save(); // json format $user->setCapabilities((string)$caps)->save(); // string format $user->setCapabilities(serialize($caps))->save(); // serialized format // ... soon, you can read accordingly $caps = (new Capabilities())->fromJson($user->getCapabilities()); // json format $caps = new Capabilities($user->getCapabilities()); // string format $caps = unserialize($user->getCapabilities()); // unserialized format // To better control user data, you have to do the User object manages Capabilities object: // Class below is a simple sample class User { // ... public function setCapabilities ( Capabilities $caps ) { $this->caps = $caps; } public function getCapabilities () : Capabilities { return $caps; } public function save () { // ... $this->caps = (string) $caps; DB::save($this); } public function load () { $data = DB::load($this); // ... $this->caps = new Capabilities($data['caps']); } } // ... then, user may try to access a middleware requiring some capability and operation $required_capability = 'posts'; $required_operation = 'read'; if ( !$caps->isAllowed($required_capability, $required_operation) ) { /** User cannot access it **/ } ``` `Capabilities` class is flexible and can achive many goals by managing users/clients capabitities at any kind of system. Changelog --------- [](#changelog) See the [CHANGELOG](CHANGELOG.md) file for information about all code changes. Testing the code ---------------- [](#testing-the-code) This library uses the PHPUnit. We carry out tests of all the main classes of this application. ``` vendor/bin/phpunit ``` Contributions ------------- [](#contributions) See the [CONTRIBUTING](CONTRIBUTING.md) file for information before submitting your contribution. Credits ------- [](#credits) - [Caique Araujo](https://github.com/caiquearaujo) - [All contributors](../../contributors) Support the project ------------------- [](#support-the-project) Piggly Studio is an agency located in Rio de Janeiro, Brazil. If you like this library and want to support this job, be free to donate any value to BTC wallet `3DNssbspq7dURaVQH6yBoYwW3PhsNs8dnK` ❤. License ------- [](#license) MIT License (MIT). See [LICENSE](LICENSE). ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity6 Limited adoption so far Community6 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 1835d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8e37ceaff3cd04951d33004f062082f01b41c9b2adf5b2c241429bbf12362a5b?d=identicon)[piggly](/maintainers/piggly) --- Top Contributors [![caiquearaujo](https://avatars.githubusercontent.com/u/23598990?v=4)](https://github.com/caiquearaujo "caiquearaujo (6 commits)") --- Tags managerpermissionsscopescapabilitiesoperationspiggly ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/piggly-php-capabilities-manager/health.svg) ``` [![Health](https://phpackages.com/badges/piggly-php-capabilities-manager/health.svg)](https://phpackages.com/packages/piggly-php-capabilities-manager) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[socialiteproviders/manager Easily add new or override built-in providers in Laravel Socialite. 42442.0M544](/packages/socialiteproviders-manager)[jeremykenedy/laravel-roles A Powerful package for handling roles and permissions in Laravel. Supports Laravel 5.3 up to 12. 1.0k826.8k7](/packages/jeremykenedy-laravel-roles)[pktharindu/nova-permissions Laravel Nova Grouped Permissions (ACL) 136387.1k](/packages/pktharindu-nova-permissions) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)