Home

Awesome

Access Control Module for the Kohana Framework

Database-based ACL module for Kohana 3.3 / PHP 5.4. Users get authorization to perform certain actions through their roles. Each role can have several permissions. You define new roles and permissions in the database as you see fit.

I actually do recommend against using this module unless you specifically want the role/permission management to happen in the database (some projects need permissions managed from the GUI, by administrative users). For an alternative (and much better) implementation, see https://github.com/vendo/acl.

Dependencies

  1. PHP >= 5.4
  2. Kohana >= 3.3
  3. Default Database, Auth and ORM modules

Usage

// ...
public function save_customer() {
	$current_user = Auth::instance()->get_user();

	if (!$current_user->can(Permission::EDIT_CUSTOMERS)) {
		throw new Authorization_Exception();
	}

	// Save the Customer ORM model
	$this->save();
}
// ...

Defining permissions

Create new entries in the permissions table as you develop your application. Associate permissions with roles and check for the user's authorization to perform some action in your code.

Permission constants

Override Permission in your APPPATH to define permission constants. Constant values correspond to the id column of the permissions table.

<?php
class Model_Permission extends ACL_Model_Permission {
	const EDIT_USERS = 1;
	const ADD_NEW_POST = 2;
}

$user->can(Model_Permission::EDIT_USERS);

Checking permissions

Installation

As a Git submodule:

git clone git://github.com/anroots/kohana-db-acl.git modules/db-acl

As a Composer dependency

{
	"require": {
		"php": ">=5.4.0",
		"composer/installers": "*",
		"anroots/db-acl":"1.*"
	}
}