innmind/acl

Reproduce the filesystem ACL mechanism

3.1.0 2023-09-16 14:56 UTC

This package is auto-updated.

Last update: 2025-01-16 17:37:31 UTC


README

Build Status codecov Type Coverage

Small library to reproduce the logic of the unix filesystem access control list.

Installation

composer require innmind/acl

Usage

use Innmind\ACL\{
    ACL,
    User,
    Group,
    Mode,
};

$acl = ACL::of('r---w---x user:group');

$acl->allows(User::of('foo'), Group::of('bar'), Mode::read); // false
$acl->allows(User::of('foo'), Group::of('bar'), Mode::write); // false
$acl->allows(User::of('foo'), Group::of('bar'), Mode::execute); // true
$acl->allows(User::of('foo'), Group::of('group'), Mode::read); // false
$acl->allows(User::of('foo'), Group::of('group'), Mode::write); // true
$acl->allows(User::of('foo'), Group::of('group'), Mode::execute); // true
$acl->allows(User::of('user'), Group::of('bar'), Mode::read); // true
$acl->allows(User::of('user'), Group::of('bar'), Mode::write); // false
$acl->allows(User::of('user'), Group::of('bar'), Mode::execute); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::read); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::write); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::execute); // true
$acl->toString(); // outputs "r---w---x user:group"

$otherAcl = $acl->addUser(Mode::write);
$acl->toString(); // outputs "r---w---x user:group"
$otherAcl->toString(); // outputs "rw--w---x user:group"

The goal is to reproduce the logic of the filesystem ACL but at the application level so it can be persisted in a user entity and being completely decoupled from the real filesystem.