PHPackages                             yiisoft/rbac-php - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Framework](/categories/framework)
4. /
5. yiisoft/rbac-php

ActiveLibrary[Framework](/categories/framework)

yiisoft/rbac-php
================

Yii RBAC PHP File Storage

2.1.0(1mo ago)2481.2k↑15.5%8[5 issues](https://github.com/yiisoft/rbac-php/issues)[1 PRs](https://github.com/yiisoft/rbac-php/pulls)1BSD-3-ClausePHPPHP 8.1 - 8.5CI passing

Since Apr 8Pushed 1w ago13 watchersCompare

[ Source](https://github.com/yiisoft/rbac-php)[ Packagist](https://packagist.org/packages/yiisoft/rbac-php)[ Docs](https://www.yiiframework.com/)[ GitHub Sponsors](https://github.com/sponsors/yiisoft)[ OpenCollective](https://opencollective.com/yiisoft)[ RSS](/packages/yiisoft-rbac-php/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (2)Dependencies (23)Versions (13)Used By (1)

 [ ![](https://camo.githubusercontent.com/8317c17418b39410a660f5149071d26c5023c0d5fb2b7ebb771324812f666d73/68747470733a2f2f796969736f66742e6769746875622e696f2f646f63732f696d616765732f7969695f6c6f676f2e737667) ](https://github.com/yiisoft)

Yii RBAC PHP File Storage
=========================

[](#yii-rbac-php-file-storage)

[![Latest Stable Version](https://camo.githubusercontent.com/471893a6cb330e45431f1eb8f19bd107f7626dedd3cf626cd365bd40c03d3f7d/68747470733a2f2f706f7365722e707567782e6f72672f796969736f66742f726261632d7068702f76)](https://packagist.org/packages/yiisoft/rbac-php)[![Total Downloads](https://camo.githubusercontent.com/8e21c58279b723bf577895d2f2a296ba5c26a003537e8c60bf40f47289ea83ca/68747470733a2f2f706f7365722e707567782e6f72672f796969736f66742f726261632d7068702f646f776e6c6f616473)](https://packagist.org/packages/yiisoft/rbac-php)[![Build status](https://github.com/yiisoft/rbac-php/actions/workflows/build.yml/badge.svg)](https://github.com/yiisoft/rbac-php/actions/workflows/build.yml)[![codecov](https://camo.githubusercontent.com/a220f83882fb83893025a1d6c351cd4faff10fdef00329479d99ba3bbdf8c21e/68747470733a2f2f636f6465636f762e696f2f67682f796969736f66742f726261632d7068702f67726170682f62616467652e7376673f746f6b656e3d5955384c56424e435138)](https://codecov.io/gh/yiisoft/rbac-php)[![Mutation testing badge](https://camo.githubusercontent.com/912cbda4bee78d8760b1539404580ce0b278df8d6ffae1266936c87ff630e744/68747470733a2f2f696d672e736869656c64732e696f2f656e64706f696e743f7374796c653d666c61742675726c3d687474707325334125324625324662616467652d6170692e737472796b65722d6d757461746f722e696f2532466769746875622e636f6d253246796969736f6674253246726261632d7068702532466d6173746572)](https://dashboard.stryker-mutator.io/reports/github.com/yiisoft/rbac-php/master)[![static analysis](https://github.com/yiisoft/rbac-php/workflows/static%20analysis/badge.svg)](https://github.com/yiisoft/rbac-php/actions?query=workflow%3A%22static+analysis%22)[![type-coverage](https://camo.githubusercontent.com/c35dc8d53682a5f8f61d0f3b94f77bf33b012b6e4446ab44feaca5d2d632fead/68747470733a2f2f73686570686572642e6465762f6769746875622f796969736f66742f726261632d7068702f636f7665726167652e737667)](https://shepherd.dev/github/yiisoft/rbac-php)

This package provides PHP file-based storage for [RBAC (Role-Based Access Control)](https://github.com/yiisoft/rbac)package.

Requirements
------------

[](#requirements)

- PHP 8.1 - 8.5.

Installation
------------

[](#installation)

The package could be installed with [Composer](https://getcomposer.org):

```
composer require yiisoft/rbac-php
```

See [yiisoft/rbac](https://github.com/yiisoft/rbac) for RBAC package installation instructions.

General usage
-------------

[](#general-usage)

The storage is suitable for authorization data that is not too big (for example, the authorization data for a personal blog system) or for fairly static RBAC hierarchy.

Authorization data is stored in PHP files. PHP should be able to read and write these files. Non-existing files will be created automatically on any write operation.

### Using storages

[](#using-storages)

The storages are not intended to be used directly. Instead, use them with `Manager` from [Yii RBAC](https://github.com/yiisoft/rbac) package:

```
use Yiisoft\Rbac\Manager;
use Yiisoft\Rbac\Permission;
use Yiisoft\Rbac\Php\AssignmentsStorage;
use Yiisoft\Rbac\Php\ItemsStorage;
use Yiisoft\Rbac\RuleFactoryInterface;

$directory = __DIR__ . '/rbac';
$itemsStorage = new ItemsStorage($directory . '/items.php');
$assignmentsStorage = new AssignmentsStorage($directory . '/assignments.php');
/** @var RuleFactoryInterface $rulesContainer */
$manager = new Manager(
    itemsStorage: $itemsStorage,
    assignmentsStorage: $assignmentsStorage,
    // Requires https://github.com/yiisoft/rbac-rules-container or other compatible factory.
    ruleFactory: $rulesContainer,
),
$manager->addPermission(new Permission('posts.create'));
```

> Note that it's not necessary to use both PHP storages. Combining different implementations is possible. A quite popular case is to manage items via PHP file while store assignments in database (see [Cycle](https://github.com/yiisoft/rbac-cycle-db) and [Yiisoft DB](https://github.com/yiisoft/rbac-db)implementations).

More examples can be found in [Yii RBAC](https://github.com/yiisoft/rbac) documentation.

### File structure

[](#file-structure)

In case you decide to manually edit the files, make sure to keep the following structure.

#### Items

[](#items)

Required and optional fields:

```
return [
    [
        'name' => 'posts.update',
        'description' => 'Update a post', // Optional
        'rule_name' => 'is_author', // Optional
        'type' => 'permission', // or 'role'
        'created_at' => 1683707079, // UNIX timestamp, optional
        'updated_at' => 1683707079, // UNIX timestamp, optional
    ],
];
```

While it's recommended to maintain created and updated timestamps, if any is missing, the file modification time will be used instead as a fallback.

The structure for an item with children:

```
return [
    [
        'name' => 'posts.redactor',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.viewer',
            'posts.create',
            'posts.update',
        ],
    ],
];
```

The complete example for managing posts:

```
return [
    [
        'name' => 'posts.admin',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.redactor',
            'posts.delete',
            'posts.update.all',
        ],
    ],
    [
        'name' => 'posts.redactor',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.viewer',
            'posts.create',
            'posts.update',
        ],
    ],
    [
        'name' => 'posts.viewer',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.view',
        ],
    ],
    [
        'name' => 'posts.view',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.create',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.update',
        'rule_name' => 'is_author',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.delete',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.update.all',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
];
```

#### Assignments

[](#assignments)

```
return [
    [
        'item_name' => 'posts.redactor',
        'user_id' => 'john',
        'created_at' => 1683707079, // Optional
    ],
    // ...
    [
        'item_name' => 'posts.admin',
        'user_id' => 'jack',
        'created_at' => 1683707079,
    ],
];
```

While it's recommended to maintain created timestamps, if it is missing, the file modification time will be used instead as a fallback.

### Concurrency

[](#concurrency)

By default, working with PHP storage does not support concurrency. This might be OK if you store its files under VCS for example. If your scenario is different and, let's say, some kind of web interface is used - then, to enable concurrency, do not use the storage directly - wrap it with decorator instead:

```
use Yiisoft\Rbac\Manager;
use Yiisoft\Rbac\Permission;
use Yiisoft\Rbac\Php\AssignmentsStorage;
use Yiisoft\Rbac\Php\ConcurrentAssignmentsStorageDecorator;
use Yiisoft\Rbac\Php\ConcurrentItemsStorageDecorator;
use Yiisoft\Rbac\Php\ItemsStorage;
use Yiisoft\Rbac\RuleFactoryInterface;

$directory = __DIR__ . DIRECTORY_SEPARATOR . 'rbac';
$itemsSstorage = new ConcurrentItemsStorageDecorator(ItemsStorage($directory));
$assignmentsStorage = new ConcurrentAssignmentsStorageDecorator(AssignmentsStorage($directory));
/** @var RuleFactoryInterface $rulesContainer */
$manager = new Manager(
    itemsStorage: $itemsStorage,
    assignmentsStorage: $assignmentsStorage,
    // Requires https://github.com/yiisoft/rbac-rules-container or other compatible factory.
    ruleFactory: $rulesContainer,
),
```

> Note that it will have an impact on performance so don't use it unless you really have to.

#### Configuring file updated time

[](#configuring-file-updated-time)

A closure can be used to customize getting file modification time:

```
use Yiisoft\Rbac\Php\AssignmentsStorage;
use Yiisoft\Rbac\Php\ItemsStorage;

$directory = __DIR__ . '/rbac',
$getFileUpdatedAt = static fn (string $filePath): int|false => @filemtime($filePath)
$itemsStorage = new ItemsStorage(
    $directory . '/items.php',
    getFileUpdatedAt: static fn (string $filePath): int|false => @filemtime($filePath),
);
$itemsStorage = new AssignmentsStorage(
    $directory . '/assignments.php',
    getFileUpdatedAt: static fn (string $filePath): int|false => @filemtime($filePath),
);
```

This is useful for 2 things:

- Using for empty timestamps when files are edited manually.
- Detection of file changes when concurrency is enabled. This helps to optimize perfomance by preventing of unnecessary loads (when file contents has not been changed).

### Syncing storages manually

[](#syncing-storages-manually)

The storages stay synced thanks to manager, but there can be situations where you need to sync them manually. One of them is [editing storage manually](https://github.com/yiisoft/rbac-php/?tab=readme-ov-file#file-structure).

Let's say PHP files are used for both items and assignments and some items were deleted.

```
return [
    [
        'name' => 'posts.admin',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.redactor',
            'posts.delete',
            'posts.update.all',
        ],
    ],
-   [
-       'name' => 'posts.redactor',
-       'type' => 'role',
-       'created_at' => 1683707079,
-       'updated_at' => 1683707079,
-       'children' => [
-           'posts.viewer',
-           'posts.create',
-           'posts.update',
-       ],
-   ],
    [
        'name' => 'posts.viewer',
        'type' => 'role',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
        'children' => [
            'posts.view',
        ],
    ],
    [
        'name' => 'posts.view',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.create',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
-   [
-       'name' => 'posts.update',
-       'rule_name' => 'is_author',
-       'type' => 'permission',
-       'created_at' => 1683707079,
-       'updated_at' => 1683707079,
-   ],
    [
        'name' => 'posts.delete',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
    [
        'name' => 'posts.update.all',
        'type' => 'permission',
        'created_at' => 1683707079,
        'updated_at' => 1683707079,
    ],
];
```

Then related entries in assignments storage needs to be deleted as well:

```
return [
-   [
-       'item_name' => 'posts.redactor',
-       'user_id' => 'john',
-       'created_at' => 1683707079,
-   ],
    [
        'item_name' => 'posts.admin',
        'user_id' => 'jack',
        'created_at' => 1683707079,
    ],
];
```

When using database as a second storage, this can be done within a migration. Depending on chosen implementation, refer to either [RBAC Cycle example](https://github.com/yiisoft/rbac-cycle-db?tab=readme-ov-file#syncing-storages-manually) or [RBAC DB example](https://github.com/yiisoft/rbac-db?tab=readme-ov-file#syncing-storages-manually).

Documentation
-------------

[](#documentation)

- [Internals](docs/internals.md)

If you need help or have a question, the [Yii Forum](https://forum.yiiframework.com/c/yii-3-0/63) is a good place for that. You may also check out other [Yii Community Resources](https://www.yiiframework.com/community).

License
-------

[](#license)

The Yii RBAC PHP File Storage is free software. It is released under the terms of the BSD License. Please see [`LICENSE`](./LICENSE.md) for more information.

Maintained by [Yii Software](https://www.yiiframework.com/).

Support the project
-------------------

[](#support-the-project)

[![Open Collective](https://camo.githubusercontent.com/a2b15f8e2268d4e3842e00d41ff7a57cce2ad8bd8d8769c5dc4fa05a546a4f62/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4f70656e253230436f6c6c6563746976652d73706f6e736f722d3765616466313f6c6f676f3d6f70656e253230636f6c6c656374697665266c6f676f436f6c6f723d376561646631266c6162656c436f6c6f723d353535353535)](https://opencollective.com/yiisoft)

Follow updates
--------------

[](#follow-updates)

[![Official website](https://camo.githubusercontent.com/d6b0929173e28cc627430d2519ca1853466a70f37395877eaf4820cb3e1e1909/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f506f77657265645f62792d5969695f4672616d65776f726b2d677265656e2e7376673f7374796c653d666c6174)](https://www.yiiframework.com/)[![Twitter](https://camo.githubusercontent.com/d077c362ac639792171af8bc002ee827816733dfc0925f70b557e6d151022226/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f747769747465722d666f6c6c6f772d3144413146323f6c6f676f3d74776974746572266c6f676f436f6c6f723d314441314632266c6162656c436f6c6f723d3535353535353f7374796c653d666c6174)](https://twitter.com/yiiframework)[![Telegram](https://camo.githubusercontent.com/4e38dd12535575c39c65bea7119b95e663abb2d1f4e3d669a27bbda07ef603f0/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f74656c656772616d2d6a6f696e2d3144413146323f7374796c653d666c6174266c6f676f3d74656c656772616d)](https://t.me/yii3en)[![Facebook](https://camo.githubusercontent.com/48204e301b34b29b0815854544f04c337fc0692096cab35e9a1f8c53a42c2307/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f66616365626f6f6b2d6a6f696e2d3144413146323f7374796c653d666c6174266c6f676f3d66616365626f6f6b266c6f676f436f6c6f723d666666666666)](https://www.facebook.com/groups/yiitalk)[![Slack](https://camo.githubusercontent.com/1a3645ba1c97e6684d0349bc478201e1621ba0d3efad516d81035364d442bad7/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f736c61636b2d6a6f696e2d3144413146323f7374796c653d666c6174266c6f676f3d736c61636b)](https://yiiframework.com/go/slack)

###  Health Score

62

—

FairBetter than 99% of packages

Maintenance90

Actively maintained with recent releases

Popularity43

Moderate usage in the ecosystem

Community29

Small or concentrated contributor base

Maturity73

Established project with proven stability

 Bus Factor3

3 contributors hold 50%+ of commits

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~748 days

Total

3

Last Release

51d ago

Major Versions

1.0.0 → 2.0.02024-03-07

PHP version history (3 changes)1.0.0PHP ^7.4|^8.0

2.0.0PHP ^8.1

2.1.0PHP 8.1 - 8.5

### Community

Maintainers

![](https://www.gravatar.com/avatar/261a6249c6f605f3956a2fae40fbb813f6b2e1e6f2bf806180c851a965426e54?d=identicon)[cebe](/maintainers/cebe)

![](https://www.gravatar.com/avatar/fc29e4e7068a00fe9b9db37b8aadda1db6020adcacef810461e47b99c2b150e6?d=identicon)[samdark](/maintainers/samdark)

![](https://www.gravatar.com/avatar/ccb75e3312d6bd454ea445ea308139fd185a4ca906ca5df21cc66e6a35de25a3?d=identicon)[SilverFire](/maintainers/SilverFire)

![](https://www.gravatar.com/avatar/99106256c24a8cb23871b99fa90e48f37f1aa71608c185759b7d2a88683a5918?d=identicon)[hiqsol](/maintainers/hiqsol)

---

Top Contributors

[![samdark](https://avatars.githubusercontent.com/u/47294?v=4)](https://github.com/samdark "samdark (29 commits)")[![vjik](https://avatars.githubusercontent.com/u/525501?v=4)](https://github.com/vjik "vjik (25 commits)")[![arogachev](https://avatars.githubusercontent.com/u/8326201?v=4)](https://github.com/arogachev "arogachev (23 commits)")[![devanych](https://avatars.githubusercontent.com/u/20116244?v=4)](https://github.com/devanych "devanych (8 commits)")[![terabytesoftw](https://avatars.githubusercontent.com/u/42547589?v=4)](https://github.com/terabytesoftw "terabytesoftw (5 commits)")[![xepozz](https://avatars.githubusercontent.com/u/6815714?v=4)](https://github.com/xepozz "xepozz (4 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (4 commits)")[![Fantom409](https://avatars.githubusercontent.com/u/14968877?v=4)](https://github.com/Fantom409 "Fantom409 (4 commits)")[![darkdef](https://avatars.githubusercontent.com/u/8342004?v=4)](https://github.com/darkdef "darkdef (2 commits)")[![sankaest](https://avatars.githubusercontent.com/u/21160342?v=4)](https://github.com/sankaest "sankaest (1 commits)")[![luizcmarin](https://avatars.githubusercontent.com/u/67489841?v=4)](https://github.com/luizcmarin "luizcmarin (1 commits)")[![romkatsu](https://avatars.githubusercontent.com/u/1677515?v=4)](https://github.com/romkatsu "romkatsu (1 commits)")[![viktorprogger](https://avatars.githubusercontent.com/u/7670669?v=4)](https://github.com/viktorprogger "viktorprogger (1 commits)")[![beastbytes](https://avatars.githubusercontent.com/u/1470144?v=4)](https://github.com/beastbytes "beastbytes (1 commits)")[![thenotsoft](https://avatars.githubusercontent.com/u/44147615?v=4)](https://github.com/thenotsoft "thenotsoft (1 commits)")

---

Tags

access-controlfileshacktoberfestrbacyii3storagerbacyii

###  Code Quality

TestsPHPUnit

Static AnalysisPsalm, Rector

Code StylePHP CS Fixer

Type Coverage Yes

### Embed Badge

![Health badge](/badges/yiisoft-rbac-php/health.svg)

```
[![Health](https://phpackages.com/badges/yiisoft-rbac-php/health.svg)](https://phpackages.com/packages/yiisoft-rbac-php)
```

###  Alternatives

[yiisoft/yii

Yii Web Programming Framework

4.8k5.9M268](/packages/yiisoft-yii)[yiisoft/yii2-queue

Yii2 Queue Extension which supports queues based on DB, Redis, RabbitMQ, Beanstalk, SQS, and Gearman

1.1k11.1M166](/packages/yiisoft-yii2-queue)[yiisoft/rbac-cycle-db

Yii RBAC Cycle Database storage

1733.1k](/packages/yiisoft-rbac-cycle-db)[omnilight/yii2-scheduling

Scheduling extension for Yii2 framework

3181.1M8](/packages/omnilight-yii2-scheduling)[yiisoft/log

Yii Logging Library

43966.1k33](/packages/yiisoft-log)[yiisoft/rbac-db

Yii RBAC Database storage

1911.1k2](/packages/yiisoft-rbac-db)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
