PHPackages                             spareparts/overseer - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. spareparts/overseer

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

spareparts/overseer
===================

Attribute-based authorization manager.

v0.1.1(6y ago)322.5k2MITPHPPHP &gt;=5.5.0CI failing

Since Jan 9Pushed 6y ago1 watchersCompare

[ Source](https://github.com/SpareParts/Overseer)[ Packagist](https://packagist.org/packages/spareparts/overseer)[ RSS](/packages/spareparts-overseer/feed)WikiDiscussions master Synced yesterday

READMEChangelog (2)Dependencies (3)Versions (3)Used By (0)

Overseer
========

[](#overseer)

Action-based authorization manager

Quick disclaimer: This is pretty much a work in progress. At this point this is more of a "proof-of-concept" than working code. Though the logic is sound and I fully intend to finish this into an awesome 1.0 release.

[![Build Status](https://camo.githubusercontent.com/c0d2afb7460a05a4ffaed60aea87b707a62ea203b416ed9c1cbad9b953a9d8c1/68747470733a2f2f7472617669732d63692e6f72672f537061726550617274732f4f766572736565722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/SpareParts/Overseer)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/b0603d256e3d5b7cf9b6b1cb743af867fdafea8a29c638f1a2d8edb0787b211b/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f537061726550617274732f4f766572736565722f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/SpareParts/Overseer/?branch=master)[![Build Status](https://camo.githubusercontent.com/ebf24636eeabe7c4fcc67463eec446051af19a6dafa12e4d8fd411781339536d/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f537061726550617274732f4f766572736565722f6261646765732f6275696c642e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/SpareParts/Overseer/build-status/master)[![Code Coverage](https://camo.githubusercontent.com/141a0473833d1ac946d6fb5e57fda5bbada1fdf360c5680a739fde468b2bbaec/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f537061726550617274732f4f766572736565722f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/SpareParts/Overseer/?branch=master)

What is this and why should I care?
-----------------------------------

[](#what-is-this-and-why-should-i-care)

Overseer is an "action-based" auth manager, meaning it is based on authorizing possible "actions" (such as read, edit, delete, etc.) with given "subject" (such as Article, Product, Category etc.).

Overseer focuses on decoupling auth logic from the rest of the application. When solving problems as "user that is the owner of this product can edit it" other auth managers tend to wire the logic directly into the said product class or pile all possible actions (read, write, delete, ...) into one big method. Either way it breaks S of the SOLID principles (single responsibility principle) and that's where Overseer jumps in.

Basic building stones of Overseer are "voting assemblies", consisting of "voters". Each combination of action and subject can have (doesn't have to, though) its own voting assembly, thus separating concerns and responsibilities involved.

Installation
------------

[](#installation)

### Composer

[](#composer)

This is how we do it, boys.

```
composer require spareparts/overseer

```

Basic usage
-----------

[](#basic-usage)

Let's imagine we have an article site, and we want to make sure the admin can read the article always, while its author only unless it's not banned.

This is how we create the voting assembly for this specific subject and action. It contains four voters,

```
$assembly = new VotingAssembly(
	$subjectName = 'article',
	$actionName = 'read',
	$strategy = StrategyEnum::FIRST_VOTE_DECIDES(),
	$voters = [
		new RoleVoter(VotingDecisionEnum::ALLOWED(), 'admin'),
		new ClosureVoter(function (DummyArticle $article, IdentityContext $context) {
			// allow the owner to edit
			if ($subject->ownerId === $context->getId()) {
				return new SingleVoterResult(VotingDecisionEnum::ALLOWED());
			}
			return null;
		}),
		new ClosureVoter(function (DummyArticle $article) {
			// deny access if the article is banned
			if ($subject->isBanned()) {
				return new SingleVoterResult(VotingDecisionEnum::ALLOWED());
			}
			return null;
		}),
		new RoleVoter(VotingDecisionEnum::ALLOWED(), 'user'),
	]
);

$authorizationManager = new GenericVotingManager([
	// our article edit assembly
	$assembly,
	// other assemblies...
	// ...
]);

```

Now let's use it

```
$context = new IdentityContext($userId, $userRoles);
$authorized = $authorizationManager->vote('edit', $article, $context);
if ($authorized->getDecision() === VotingDecisionEnum::ALLOWED()) {
	// we can edit!
}

```

###  Health Score

29

—

LowBetter than 57% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity25

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity49

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 88.9% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~981 days

Total

2

Last Release

2481d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/e74b43adbacdd780dde71aab93728639c3874b69ef44d17251be46c49eafd850?d=identicon)[SpareParts](/maintainers/SpareParts)

---

Top Contributors

[![SpareParts](https://avatars.githubusercontent.com/u/1478737?v=4)](https://github.com/SpareParts "SpareParts (16 commits)")[![adam-lutka](https://avatars.githubusercontent.com/u/17009072?v=4)](https://github.com/adam-lutka "adam-lutka (1 commits)")[![AdamLutka](https://avatars.githubusercontent.com/u/38178278?v=4)](https://github.com/AdamLutka "AdamLutka (1 commits)")

---

Tags

aclattribute authorizationauthorization manager

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/spareparts-overseer/health.svg)

```
[![Health](https://phpackages.com/badges/spareparts-overseer/health.svg)](https://phpackages.com/packages/spareparts-overseer)
```

###  Alternatives

[spatie/laravel-permission

Permission handling for Laravel 12 and up

12.9k102.4M1.4k](/packages/spatie-laravel-permission)[zizaco/entrust

This package provides a flexible way to add Role-based Permissions to Laravel. Supports laravel 5|6|7|8

6.1k5.3M63](/packages/zizaco-entrust)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k3.9M129](/packages/bezhansalleh-filament-shield)[santigarcor/laratrust

This package provides a flexible way to add Role-based Permissions to Laravel

2.3k5.8M47](/packages/santigarcor-laratrust)[casbin/casbin

a powerful and efficient open-source access control library for php projects.

1.3k1.5M54](/packages/casbin-casbin)[nette/security

🔑 Nette Security: provides authentication, authorization and a role-based access control management via ACL (Access Control List)

3889.7M331](/packages/nette-security)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
