PHPackages ubc-web-services/ubc\_cwl\_auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ubc-web-services/ubc\_cwl\_auth ActiveDrupal-module[Authentication & Authorization](/categories/authentication) ubc-web-services/ubc\_cwl\_auth =============================== Bridges Drupal authentication with UBC CWL 1.0.0-rc9(2mo ago)0293PHP Since Oct 7Pushed 2mo agoCompare [ Source](https://github.com/ubc-web-services/ubc_cwl_auth)[ Packagist](https://packagist.org/packages/ubc-web-services/ubc_cwl_auth)[ RSS](/packages/ubc-web-services-ubc-cwl-auth/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (8)Dependencies (6)Versions (10)Used By (0) UBC CWL AUTH ============ [](#ubc-cwl-auth) ### About [](#about) This module's purpose is to bring together the functionality required to handle our use cases for permissions based authentication, which **can** be used in conjunction with CWL authentication. The contrib module to handle a CWL integration in this case is **samlauth** (). This module and it's dependencies should work the same in Drupal 10 and Drupal 11. Upon installation, the install file will conditionally create the 'CWL' role. Additionally it will create a Taxonomy Vocabulary called 'Visibility', and create 2 terms, 'General' and 'CWL'. Those two taxonomy terms will also have role permissions attached to them, via the **permissions\_by\_term** module. The functionality provided by this module is to subscribe to 403 events, and redirect any 403s where the user does not have the CWL role to /saml/login. This redirect path will then kickoff a CWL login handshake via the **samlauth** module, if installed. Or if samlauth is not installed, a custom page or custom functionality can be put at that route. ### Files [](#files) **Event Subscriber** - Subscribes to Exceptions, but only implements logic on 403. Checks for 'CWL' role and redirects accordingly. **AccessDeniedController** - Redirects user to the CWL Login page **ubc\_cwl\_auth.services** - Registers event subscriber **ubc\_cwl\_auth.routing** - Defines ubc\_cwl\_auth.ubc\_cwl\_redirect **ubc\_cwl\_auth.install** - Conditionaly creates taxonomy vocab and terms and configures them. This needs to happen after the configuration in config/install have been imported. Conditionally creates CWL role. ### Dependencies [](#dependencies) **private\_files\_download\_permission** - Allows you to create subdirectories in the private files folder, and set User role permissions on them. Therefore any private files uploaded to that folder will take on the User permission requirements. **entity\_bundle\_permissions** - Allows you to create granular access control permissions on Entities, including Content Types and Media. Note, that if you have UBC Media Entity Configuration installed, you will need to set permissions for both modules. You can open up permissions on UBC Media Entity Configuration to Anonymous, and then restrict them in the Entity Bundle Permissions permissions. **permissions\_by\_term** - Allows you to use a taxonomy vocabulary to set User role permissions. This creates a preferable Edit form experience over the private content module. **jsonapi\_extras** - Not actually a dependency, but required to see JSON endpoints, for testing access control of content exposed through endpoints. ### Configuration of Uses Cases [](#configuration-of-uses-cases) #### Single Node CWL Protection [](#single-node-cwl-protection) Add a taxonomy reference field to any content type, referencing the Visibility taxonomy. Make the field mandatory and create a default value of 'General'. Any node with 'General' visibility is accessible to Anonymous and Authenticated users. Any node with 'CWL' visibility is accessible to 'CWL', 'Content Editor', and 'Administrators'. Those specific role permissions can be customized after installation under the 'Permissions' section of the taxonomy term edit page. #### Content Type CWL Protection [](#content-type-cwl-protection) For any content type, configure Access and CRUD permissions by going to the content type's 'Manage Permissions' operation (which is part of the **entity\_bundle\_permissions** module). #### Media CWL Protection [](#media-cwl-protection) For any Media type, configure Access and CRUD permissions by going to the content type's 'Manage Permissions' operation (which is part of the **entity\_bundle\_permissions** module). Note: if the **UBC Media Entity Configuration** module is installed, that module's permissions can potentially conflict with the permissions of the **entity\_bundle\_permissions** module. You can resolved this by providing full access within the **UBC Media Entity Configuration** permissions, and then restricting permissions with the **entity\_bundle\_permissions** module. #### Views CWL Protection [](#views-cwl-protection) For Views, restrict access permissions by the 'CWL' role. #### Feeds CWL Protection [](#feeds-cwl-protection) If Entities have permissions based access control configured, then JSON feeds accessed without authentication should adhere to the access control you've setup. ### Health Score 35 — LowBetter than 80% of packages Maintenance85 Actively maintained with recent releases Popularity13 Limited adoption so far Community9 Small or concentrated contributor base Maturity27 Early-stage or recently created project Bus Factor1 Top contributor holds 55.6% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~23 days Recently: every ~16 days Total 7 Last Release 75d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/bb2057c95b72281166d1223f90909ff8440a29a5ee5f450cf0d71194563dda94?d=identicon)[occupant](/maintainers/occupant) ![](https://www.gravatar.com/avatar/b6c1e9ad0b426341d05e305d124a5e013c722962ce6ce98c036318e6f1e8dc76?d=identicon)[gocaps](/maintainers/gocaps) --- Top Contributors [![gocaps](https://avatars.githubusercontent.com/u/3074378?v=4)](https://github.com/gocaps "gocaps (15 commits)")[![occupant](https://avatars.githubusercontent.com/u/130125?v=4)](https://github.com/occupant "occupant (12 commits)") ### Embed Badge ![Health badge](/badges/ubc-web-services-ubc-cwl-auth/health.svg) ``` [![Health](https://phpackages.com/badges/ubc-web-services-ubc-cwl-auth/health.svg)](https://phpackages.com/packages/ubc-web-services-ubc-cwl-auth) ``` ### Alternatives [openeuropa/oe_authentication Authentication against the OpenEuropa Authentication service. 17314.8k2](/packages/openeuropa-oe-authentication) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)