PHPackages                             vvasystem/php-acl - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. vvasystem/php-acl

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

vvasystem/php-acl
=================

ACL for PHP

1.0.0(6y ago)02301MITPHPPHP &gt;=7.1CI failing

Since Mar 29Pushed 3y agoCompare

[ Source](https://github.com/vvasystem/php-acl)[ Packagist](https://packagist.org/packages/vvasystem/php-acl)[ RSS](/packages/vvasystem-php-acl/feed)WikiDiscussions master Synced today

READMEChangelog (1)Dependencies (1)Versions (2)Used By (0)

php-acl
-------

[](#php-acl)

[![MIT License](https://camo.githubusercontent.com/2a417ea452c89b4868c8f3a9ee2b85006d57a8a7aa68b7549deb4551c0875bad/687474703a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d3933373064382e7376673f7374796c653d666c6174)](http://opensource.org/licenses/MIT)

ACLs (Access Control Lists) is a lightweight acl manager for PHP

### Install

[](#install)

```
$ composer require vvasystem/php-acl

```

### Examples

[](#examples)

#### Access to controller actions

[](#access-to-controller-actions)

```
use PhpAcl\AccessRegister;
use PhpAcl\Helper;

$accessRegister = AccessRegister::getInstance();
$accessRegister->addResourceAccess(AccessRegister::RES_USER_PAGES, [
    AccessRegister::A_READ   => [AccessRegister::R_USER],
    AccessRegister::A_CREATE => [AccessRegister::R_SA],
    AccessRegister::A_UPDATE => [AccessRegister::R_SA],
    AccessRegister::A_DELETE => [AccessRegister::R_SA],
]);

$accessRegister->addActionAccess('index', 'details', [
    AccessRegister::RES_USER_PAGES => AccessRegister::A_READ,
]);

//or getting from session user
$rights = [AccessRegister::R_USER];

//and check access
if (Helper::hasActionAccess('index', 'details', $rights)) {
    //...
}
```

#### Access to resource

[](#access-to-resource)

```
use PhpAcl\AccessRegister;
use PhpAcl\Guard;
use PhpAcl\Helper;
use PhpAcl\UserInterface;

//add some constants
const TEST_RIGHT_1001    = 1001;
const TEST_RIGHT_100101  = 100101;

//implementation User interface
class TestUser implements UserInterface
{
    /** @var array */
    private $rights = [];

    public function setRights(array $rights)
    {
        $this->rights = $rights;
    }

    /**
     * @return int[]
     */
    public function getRights(): array
    {
        return $this->rights;
    }

     public function hasResourceAccess(int $resourceType, int $accessType): bool
     {
        return Helper::hasResourceAccess($resourceType, $accessType, $this->getRights());
     }
}

//next...
AccessRegister::getInstance()->addResourceAccess(AccessRegister::RES_USER_PAGES, [
    AccessRegister::A_READ   => [TEST_RIGHT_100101],
    AccessRegister::A_CREATE => [TEST_RIGHT_1001],
    AccessRegister::A_UPDATE => [TEST_RIGHT_1001],
    AccessRegister::A_DELETE => [TEST_RIGHT_1001],
]);

$user = new TestUser();
$user->setRights([AccessRegister::R_SA]);

$acl = Guard::getInstance();
if ($acl->CanDelete(AccessRegister::RES_USER_PAGES, null, $user)) {
    //...
}
```

#### Add own guards

[](#add-own-guards)

```
use PhpAcl\AccessRegister;
use PhpAcl\Guard;
use PhpAcl\ResourceGuardInterface;
use PhpAcl\ResourceInterface;
use PhpAcl\UserInterface;

//implementation ResourceGuard interface
class TestResourceGuard implements ResourceGuardInterface
{

    public function checkResourceTypeAccess(int $accessType, int $resourceType, ?ResourceInterface $context, UserInterface $user): bool
    {
        // some logic
        return true;
    }

    public function checkResourceAccess(int $accessType, ResourceInterface $resource, ?ResourceInterface $context, UserInterface $user): bool
    {
        // some logic
        return true;
    }

}

//use own guard or extends DefaultResourceGuard
$acl = Guard::getInstance();

$acl->addResourceGuard(AccessRegister::RES_USER_PAGES, new TestResourceGuard());

$user = new TestUser();
$user->setRights([AccessRegister::R_USER]);

if ($acl->canUpdate(AccessRegister::RES_USER_PAGES, null, $user)) {
    //...
}
```

###  Health Score

25

—

LowBetter than 35% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity12

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity51

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

2287d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/3647630?v=4)[Victor](/maintainers/vvasystem)[@vvasystem](https://github.com/vvasystem)

---

Top Contributors

[![vvasystem](https://avatars.githubusercontent.com/u/3647630?v=4)](https://github.com/vvasystem "vvasystem (2 commits)")

---

Tags

aclphpphpacl

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/vvasystem-php-acl/health.svg)

```
[![Health](https://phpackages.com/badges/vvasystem-php-acl/health.svg)](https://phpackages.com/packages/vvasystem-php-acl)
```

###  Alternatives

[santigarcor/laratrust

This package provides a flexible way to add Role-based Permissions to Laravel

2.3k5.8M47](/packages/santigarcor-laratrust)[shanmuga/laravel-entrust

This package provides a flexible solution to add ACL to Laravel

69337.5k2](/packages/shanmuga-laravel-entrust)[swoft/auth

Auth component for swoft

127.2k1](/packages/swoft-auth)[nahid/permit

Permit is a laravel ACL and authorization package

733.6k](/packages/nahid-permit)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
