PHPackages psbits/acl-deployment - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [DevOps & Deployment](/categories/devops) 4. / 5. psbits/acl-deployment ActiveTypo3-cms-extension[DevOps & Deployment](/categories/devops) psbits/acl-deployment ===================== Versioning and deployment of users, user groups and their privileges 2.0.1(5mo ago)2820↓50%GPL-3.0-or-laterPHPPHP ^8.3 Since Apr 4Pushed 5mo ago1 watchersCompare [ Source](https://github.com/phantasie-schmiede/acl-deployment)[ Packagist](https://packagist.org/packages/psbits/acl-deployment)[ RSS](/packages/psbits-acl-deployment/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (2)Versions (11)Used By (0) PSBits ACL Deployment ===================== [](#psbits-acl-deployment) Optimized import from (or export to) JSON of TYPO3 users and user groups ------------------------------------------------------------------------ [](#optimized-import-from-or-export-to-json-of-typo3-users-and-user-groups) --- The file format used here offers better readability and maintainability than simple database dumps. You can split user data into multiple files (e.g. one for backend and one for fronent) and define default values as well es variables for often used configurations to keep the files small and easy to read. --- - [What does it do?](#what-does-it-do) - [Why should you use it?](#why-should-you-use-it) - [How it works](#how-it-works) - [Export](#export) - [Default values](#default-values) - [Variables](#variables) - [Page tree access (be\_groups only!)](#page-tree-access-be_groups-only) - [File imports](#file-imports) - [Deployment](#deployment) ### What does it do? [](#what-does-it-do) This package is an extension for TYPO3 CMS that provides a way to manage user configuration on a file basis instead of using the database as the primary system. You can edit the JSON files directly or use the TYPO3 backend to edit the users and groups as usual. The data can be exported to JSON via the command line. Tables supported: - be\_groups - be\_users - fe\_groups - fe\_users - pages (perms\_groupid only) - sys\_filemounts **IMPORTANT!** No sensitive data (passwords, mfa configuration, etc.) will be exported. ### Why should you use it? [](#why-should-you-use-it) This package was created to - deploy user configuration to different environments (e.g. staging, production) in a consistent and reliable way - apply the benefits of version control to non-sensitive user data ### How it works [](#how-it-works) #### Export [](#export) It's a good idea to first export the current user configuration. ``` ./vendor/bin/typo3 aclDeployment:deploy ./path/to/your/configuration.json ``` ArgumentDescriptionExample`filename`target path and filename relative to web root or starting with `EXT:``EXT:my_extension/Configuration/aclDeployment.json`Shortened example output (comments are not part of the JSON, of course, but are added here for helpful explanations): ``` { "be_groups": { // table name "_default": { "pid": 0 }, "_variables": { }, "Advanced editor": { // The key is used as title and must be unique obviously. Providing a title inside this record would have no effect. "non_exclude_fields": "pages:backend_layout_next_level,pages:backend_layout,pages:description,pages:media,", "subgroup": [ // Groups are referenced by their title. "Basic editor", "Root page" ] }, "Basic editor": { "tables_modify": "pages,tt_content", "tables_select": "pages,tt_content", "subgroup": [ "News page" ] }, // special groups only for access rights to the page tree "News page": { "_pageTreeAccess": 5 // This group allows access to the page with UID 5 and all pages below unless another group is specified. }, "Root page": { "_pageTreeAccess": 1, "subgroup": [ "News page" ] } }, "be_users": { // table name "_default": { "lang": "default", "pid": 0 }, "_variables": { }, "jadoe": { // The key is used as username and must be unique obviously. Providing a username inside this record would have no effect. "groups": [ // Groups are referenced by their title. "Basic editor", "Another group" ], "name": "Jane Doe" }, "jodoe": { "groups": [ "Advanced editor" ], "name": "John Doe" } } } ``` As can be seen in the example, **no UIDs are used in the configuration!** The commands will resolve the UIDs of the groups, users and filemounts automatically. This is done by looking up the title and replacing it with the UID (and vice versa). This way, you don't have to worry about keeping the UIDs in sync and searching the JSON file for references is easier. #### Default values [](#default-values) The ExortCommand defines sets of default values for each table. These defaults are written to "\_default" in the JSON file. Only the values that are different from that need to be specified in the single records. #### Variables [](#variables) The "\_variables" section is used to define variables that can be used in the configuration. This is useful for values that are used multiple times in the configuration, for example, if you have a set of groups or a description that is used for multiple users. Variables are referenced by their name, e.g. `@myVariable`. The value of a variable is used, when the value of a field matches it **exactly**. Example: ``` { "be_groups": { "_variables": { "@myVariable": "This is a description." }, "Content Editor": { "description": "@myVariable" // Variable will be replaced. } "SEO Editor": { "description": "@myVariable, some other description" // Variable will not be replaced! } } } ``` You do not have to use the "@" sign, but it is recommended to keep to a naming convention to avoid confusion with other values. #### Page tree access (be\_groups only!) [](#page-tree-access-be_groups-only) The "\_pageTreeAccess" property is used to define access to the page tree. The value is the UID of the page that the group should have access to. This will set the `perms_groupid` field of the page. The value can be a single UID, an array or a comma-separated list of UIDs. The perms\_groupid will be inherited by all child pages, unless they have a different value set. If a child page has a different value set, all pages above it in the tree will receive visibility for everybody, so that the users can see the rootline of the page. **Important:** The deploy command will update the TSconfig field of page records and synchronize the property `TCEMAIN.permissions.groupid` with the values of \_pageTreeAccess. This is necessary to ensure that newly created pages will inherit the correct permissions from the parent page. If a page has no \_pageTreeAccess value set, the `TCEMAIN.permissions.groupid` will be removed from the TSconfig field if it was set before! #### File imports [](#file-imports) There is a special property named *"files"* on the first level that can be used to split the configuration into multiple files. This might be useful when dealing with a lot of records. The files will be imported in the given order and merged into one configuration. If a field value of a record is defined in multiple files, the last definition will be used. Example: ``` { "files": [ "EXT:my_extension/Configuration/UserDeployment/backend.json", "EXT:my_extension/Configuration/UserDeployment/frontend.json" ], } ``` #### Deployment [](#deployment) The configuration can be deployed to the database via the command line: ``` ./vendor/bin/typo3 aclDeployment:deploy --dry-run --remove ./path/to/your/configuration.json ``` OptionShortDescription`--dry-run``-d`Only show what would be done, but do not execute the changes.`--remove``-x`Remove all records (soft delete) that are not in the configuration file.**Steps:** 1. Check if "files" is defined. If so, load the additional files and merge them into one configuration. 2. Iterate over the given tables and records. 3. Get the default values for the table and merge them with the record values. If a field is not defined in the record, the default value will be used. 4. Look for variable references and replace them with the actual values. 5. Resolve group references and replace them with the actual UIDs. 6. Check if the record already exists in the database. 1. If it does, update the record with the new values. 2. If it does not, create a new record with the given values. 7. If the `--remove` option is set, remove all records that are not in the configuration file. This will only soft delete the records, so they can be restored later if needed. ### Health Score 43 — FairBetter than 91% of packages Maintenance73 Regular maintenance activity Popularity21 Limited adoption so far Community7 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~28 days Recently: every ~59 days Total 10 Last Release 151d ago Major Versions 1.1.5 → 2.0.02025-06-26 ### Community Maintainers ![](https://avatars.githubusercontent.com/u/81441019?v=4)[psbits](/maintainers/psbits)[@psbits](https://github.com/psbits) --- Top Contributors [![phantasie-schmiede](https://avatars.githubusercontent.com/u/82803710?v=4)](https://github.com/phantasie-schmiede "phantasie-schmiede (2 commits)") --- Tags typo3-extensionconfigurationtypo3deployment ### Embed Badge ![Health badge](/badges/psbits-acl-deployment/health.svg) ``` [![Health](https://phpackages.com/badges/psbits-acl-deployment/health.svg)](https://phpackages.com/packages/psbits-acl-deployment) ``` ### Alternatives [timokoerber/laravel-one-time-operations Run operations once after deployment - just like you do it with migrations! 6481.7M11](/packages/timokoerber-laravel-one-time-operations)[andres-montanez/magallanes The Deployment Tool for PHP Applications 6901.1M6](/packages/andres-montanez-magallanes)[dg/ftp-deployment A tool for automated deployment of web applications to an FTP server. 615845.5k8](/packages/dg-ftp-deployment)[jalogut/magento2-deployer-plus Magento 2 deployment tool based on deployer.org 201415.5k](/packages/jalogut-magento2-deployer-plus)[in2code/in2publish_core Content publishing extension to connect stage and production server 40135.8k](/packages/in2code-in2publish-core)[sourcebroker/deployer-extended-typo3 Customisation for `sourcebroker/deployer-typo3-\*` stack 38201.6k2](/packages/sourcebroker-deployer-extended-typo3) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)