PHPackages skibish/simple-rest-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. skibish/simple-rest-acl ActiveLibrary[Authentication & Authorization](/categories/authentication) skibish/simple-rest-acl ======================= The simplest REST ACL, yet. 1.0.0(9y ago)21.9kMITPHPPHP >=5.5.9 Since Apr 14Pushed 9y ago2 watchersCompare [ Source](https://github.com/skibish/simple-rest-acl)[ Packagist](https://packagist.org/packages/skibish/simple-rest-acl)[ RSS](/packages/skibish-simple-rest-acl/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (4)Dependencies (5)Versions (7)Used By (0) Simple REST ACL =============== [](#simple-rest-acl) > Simplest ACL build, ever. [![Build Status](https://camo.githubusercontent.com/249bbfd597510082912a1d536c722f4d958ffbd42e4eeebbfb50622744a672df/68747470733a2f2f7472617669732d63692e6f72672f736b69626973682f73696d706c652d726573742d61636c2e737667)](https://travis-ci.org/skibish/simple-rest-acl)[![Latest Stable Version](https://camo.githubusercontent.com/8d29fe2ac6674f414aced1b1c10dad979a003088d1b07a4a3aac7c99de3f4004/68747470733a2f2f706f7365722e707567782e6f72672f736b69626973682f73696d706c652d726573742d61636c2f762f737461626c652e737667)](https://packagist.org/packages/skibish/simple-rest-acl)[![Total Downloads](https://camo.githubusercontent.com/5e5e24892893a75c2a0d27f75c5309911264f971294d3d363a62aa28b61c9bed/68747470733a2f2f706f7365722e707567782e6f72672f736b69626973682f73696d706c652d726573742d61636c2f646f776e6c6f6164732e737667)](https://packagist.org/packages/skibish/simple-rest-acl)[![Coverage Status](https://camo.githubusercontent.com/bbe6c8d5bb1d40d4dc86d8d4a1399a71e7a5b9ea5d38535fa8bbabb0dc286ed3/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f736b69626973682f73696d706c652d726573742d61636c2f62616467652e737667)](https://coveralls.io/r/skibish/simple-rest-acl)[![License](https://camo.githubusercontent.com/0fa232c4b0294a2641dd72760ddedde7bf8dd43b89976d20b688f8590407370b/68747470733a2f2f706f7365722e707567782e6f72672f736b69626973682f73696d706c652d726573742d61636c2f6c6963656e73652e737667)](https://packagist.org/packages/skibish/simple-rest-acl) How to install -------------- [](#how-to-install) Run `composer require skibish/simple-rest-acl` Idea and motivation ------------------- [](#idea-and-motivation) Configure ACL by routes and methods as simply as possible. How to use it ------------- [](#how-to-use-it) First, you will need to create `acl.yml` file. Which can look like this: ``` /users: roles: ['role1' ,'role2' ,'role3'] GET: ['role1' ,'role2'] POST: all PUT: none ``` In your code you start ACL as follows: ``` $availableListOfRolesToUser = ['role1' ,'role2' ,'role3']; $httpMethod = $_SERVER['REQUEST_METHOD']; $uri = $_SERVER['REQUEST_URI']; $acl = new \Skibish\SimpleRestAcl\ACL(__DIR__ . '/config/acl.yml', new \Skibish\SimpleRestAcl\Validator($availableListOfRolesToUser)); $acl->got($httpMethod, $uri)->verify(); ``` And you are ready to go! acl.yml file configuration -------------------------- [](#aclyml-file-configuration) File has following possibilities: ``` /users: # route as for resource or regex (see explanation below). roles: # array of roles available for current resource or 'public' string (mandatory). type: # 'resource' (default, see explanation below) or 'strict' string. If strict is set - only if route is matched it will check methods. GET: ['role1' ,'role2'] # method and array of roles that can access it POST: all # or string, that all roles defined in 'roles' will apply for current method PUT: none # or this route is not accessible with any role by current method DELETE: ['role3'] ``` Better way to understand thing is using examples. Examples -------- [](#examples) ### Example #1 [](#example-1) Assume, we have following configuration: ``` /photos: roles: ['role1' ,'role2' ,'role3'] GET: ['role1' ,'role2'] POST: all PUT: none ``` And we have request `GET /photos/12` and available role is `role1`. It will match, because default `type` is `resource`. If `type` is `resource` it will match following routes: - /photos - /photos/new - /photos/{id} - /photos/{id}/edit - /photos/{id} And in `GET` we specified array of two roles `role1` and `role2`. Available role is `role1` and it is in array. So, method `verify()` in this case will return `true`. ### Example #2 [](#example-2) Assume, we have following configuration: ``` /strict/{route:\d+}: type: strict roles: [1, 2, 3] GET: [1] ``` Behind the scenes ACL uses [nikic/FastRoute](http://github.com/nikic/FastRoute) to match the routes. Thus you can use regex in route definition. But in this case **don't forget** to set `type` to `strict`. In this case only routes that have digit after `/strict` part will match. If we pass `GET /strict/foo`, method `verify()` will return `false`. If `GET /strict/42` - it will be `true`. Options ------- [](#options) Third parameter in `ACL` constructor is array of options. Currently there are two options: - `cacheFile` - path to cache file. Example: `__DIR__.'/cache/acl-cache.php'`. This configuration will cache your configuration. If you need to update cache, just delete the cache file. - `resourceRegex` - regex for `type` `resource`. By default regex is `[/{id:\d+|new}[/edit]]`. If you want it to match [RESTful Resource Controllers](https://laravel.com/docs/5.1/controllers#restful-resource-controllers), as example, overwrite this option with `[/{id:\d+|create}[/edit]]`. Code snippet: ``` $availableListOfRolesToUser = ['role1' ,'role2' ,'role3']; $httpMethod = $_SERVER['REQUEST_METHOD']; $uri = $_SERVER['REQUEST_URI']; $acl = new \Skibish\SimpleRestAcl\ACL(__DIR__ . '/config/acl.yml', new \Skibish\SimpleRestAcl\Validator($availableListOfRolesToUser, [ 'cacheFile' => __DIR__ . '/cache/acl-cache.php', 'resourceRegex' => '[/{id:\d+|create}[/edit]]', ])); $acl->got($httpMethod, $uri)->verify(); ``` Logging ------- [](#logging) If you need to log something from this library, you can use `PSR-3` compatible loggers. ``` $availableListOfRolesToUser = ['role1' ,'role2' ,'role3']; $httpMethod = $_SERVER['REQUEST_METHOD']; $uri = $_SERVER['REQUEST_URI']; $acl = new \Skibish\SimpleRestAcl\ACL(__DIR__ . '/config/acl.yml', new \Skibish\SimpleRestAcl\Validator($availableListOfRolesToUser)); $acl->setLogger(new Logger()); $acl->got($httpMethod, $uri)->verify(); ``` Missing roles ------------- [](#missing-roles) If you need to know, what roles are missing, use `$acl->getMissingRoles()`. It will return array of missing roles. Contribution ============ [](#contribution) If you see, that something can be improved, feel free to submit a pull request. ### Health Score 30 — LowBetter than 64% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity18 Limited adoption so far Community8 Small or concentrated contributor base Maturity62 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~87 days Recently: every ~108 days Total 6 Last Release 3617d ago Major Versions 0.1.4 → 1.0.02016-06-22 PHP version history (2 changes)0.1.0PHP >=5.4.0 1.0.0PHP >=5.5.9 ### Community Maintainers ![](https://www.gravatar.com/avatar/481c2468a6756626b9157e691c6e14572b2f04a1804c09420101f002be053e4d?d=identicon)[skibish](/maintainers/skibish) --- Top Contributors [![skibish](https://avatars.githubusercontent.com/u/5479211?v=4)](https://github.com/skibish "skibish (6 commits)") --- Tags aclphprestrest-acl ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/skibish-simple-rest-acl/health.svg) ``` [![Health](https://phpackages.com/badges/skibish-simple-rest-acl/health.svg)](https://phpackages.com/packages/skibish-simple-rest-acl) ``` ### Alternatives [simplesamlphp/simplesamlphp A PHP implementation of a SAML 2.0 service provider and identity provider. 1.1k12.4M193](/packages/simplesamlphp-simplesamlphp)[litesaml/lightsaml SAML 2.0 PHP library 1055.5M18](/packages/litesaml-lightsaml)[web-auth/webauthn-framework FIDO2/Webauthn library for PHP and Symfony Bundle. 50570.7k1](/packages/web-auth-webauthn-framework)[trebol/entrust This package provides a flexible way to add role-based permissions to Laravel and is a fork from Zizaco/entrust 1572.1k](/packages/trebol-entrust) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)