lm-commons / rbac
Clone of zfr/rbac v1.2.0 for PHP 8 support
Installs: 9 692
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 1
Open Issues: 0
Requires
- php: ^8.0
Requires (Dev)
- php-coveralls/php-coveralls: ^2.2
- phpspec/prophecy-phpunit: ^2.0
- phpunit/phpunit: ^10.0 || ^11.0
- squizlabs/php_codesniffer: ^3.5.5
Replaces
- zfr/rbac: 1.2.0
README
IMPORTANT!!
The only purpose of this package is to provide a version of zfr/rbac 1.2 that support PHP 8 and fixes the deprecation notices.
Rbac (not to be confused with ZfcRbac/LmcRbac) is a pure PHP implementation of the RBAC (Role based access control) concept. Actually, it is a Zend Framework 3 prototype of the ZF2 Zend\Permissions\Rbac component.
It aims to fix some design mistakes that were made to make it more usable and more efficient.
It differs on those points:
- A
PermissionInterface
has been introduced. RoleInterface
no longer havesetParent
andgetParent
methods, and cannot have children anymore (this is used to implement a simpler "flat RBAC").- A new
HierarchicalRoleInterface
has been introduced to allow roles to have children. - Method
hasPermission
on a role no longer recursively iterate the children role, but only check its own permissions. To properly check if a role is granted, you should use theisGranted
method of theRbac
class. Rbac
class is no longer a container. Instead, it just has aisGranted
method. The container was complex to properly handle because of role duplication, which could lead to security problems if not used correctly.
This library is used in LM-Commons/LmcRbacMvc v3.