Search by 
betocampoy / champs-access
Lightweight access control core for PHP projects. Permission checking by user, resource and provider adapters.
Maintainers
v1.0.0
2026-04-27 19:29 UTC
Requires
- php: ^8.1
This package is auto-updated.
Last update: 2026-04-27 19:34:03 UTC
README
Lightweight permission checker for PHP projects.
Install
composer require betocampoy/champs-access
Basic Usage
use BetoCampoy\Champs\Access\AccessChecker; use BetoCampoy\Champs\Access\ArrayPermissionProvider; use BetoCampoy\Champs\Access\GenericUser; use BetoCampoy\Champs\Access\GenericResource; use BetoCampoy\Champs\Access\Permission; $provider = new ArrayPermissionProvider([ 'admin' => [ 'users' => [ Permission::ACCESS => true, Permission::CREATE => true, Permission::UPDATE => true, Permission::DELETE => true, ], ], ]); $checker = new AccessChecker($provider); $user = new GenericUser(1, 'admin'); $resource = new GenericResource('users', 'users'); $checker->can($user, $resource, Permission::UPDATE); // true
Assert Access
$checker->assertCan($user, $resource, Permission::DELETE);
Throws AccessDeniedException.
Multiple Permissions
$checker->canAny($user, $resource, [ Permission::UPDATE, Permission::DELETE, ]); $checker->canAll($user, $resource, [ Permission::ACCESS, Permission::UPDATE, ]);
Custom Provider
use BetoCampoy\Champs\Access\PermissionProviderInterface; final class DatabasePermissionProvider implements PermissionProviderInterface { public function permissionsFor($user, $resource): array { return [ 'acessar' => true, 'alterar' => true, ]; } }
Recommended Architecture
Package responsibilities:
- permission rules
- access checking
- reusable interfaces
Application responsibilities:
- redirects
- flash messages
- JSON responses
- HTTP 403
- database queries
- framework integration