vima/core

Framework-agnostic RBAC + ABAC access control engine with pluggable storage backends and a built-in CLI.

0.0.3 2025-09-18 09:16 UTC

This package is not auto-updated.

Last update: 2025-09-19 05:15:39 UTC


README

Vima Core is a framework-independent authorization library that provides a clean foundation for RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control).

It is designed to be extended by framework-specific packages (e.g. vima/laravel, vima/symfony) while staying lightweight and testable at the core.

✨ Features

  • 🔑 Entities: User, Role, Permission

  • 📜 Contracts: Interfaces for storage & access logic

  • 🗄 Storage: In-memory repositories for testing & prototyping

  • ⚙️ Services:

    • AccessManager – RBAC & ABAC evaluation
    • PolicyRegistry – central registry for ABAC rules
  • 🚀 Framework Agnostic: Works in any PHP project

  • 🧪 Pest tests included (100% coverage)

📦 Installation

composer require vima/core

🔧 Basic Usage

1. Define Roles & Permissions

use Vima\Core\Entities\Role;
use Vima\Core\Entities\Permission;

$admin = Role::define('admin');
$editor = Role::define('editor');

$updatePosts = Permission::define('posts.update');
$deletePosts = Permission::define('posts.delete');

$admin->addPermission($updatePosts)->addPermission($deletePosts);
$editor->addPermission($updatePosts);

2. Create Users & Assign Roles

use Vima\Core\Entities\User;

$alice = new User(1);
$alice->assignRole($admin);

$bob = new User(2);
$bob->assignRole($editor);

3. RBAC – Check Access

use Vima\Core\Services\AccessManager;

$manager = new AccessManager();

$manager->can($alice, 'posts.delete'); // true
$manager->can($bob, 'posts.delete');   // false

4. ABAC – Define Policies

use Vima\Core\Services\PolicyRegistry;

$policies = PolicyRegistry::define([
    'posts.update' => fn(User $user, $post) => $user->getId() === $post->ownerId,
]);

$manager = new AccessManager($policies);

$post = (object) ['ownerId' => 2];

$manager->evaluatePolicy($bob, 'posts.update', $post); // true (owner matches)
$manager->evaluatePolicy($alice, 'posts.update', $post); // false
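
Steps 3 and 4 call `can()` and `evaluatePolicy()` separately, and the roadmap lists their composition as future work, so a caller that needs both the role grant and the ownership rule has to combine them itself. The following is an added example, not code from vima/core: `authorize()` and `$abacGuarded` are hypothetical names, and it assumes the two calls are independent and that the package is installed under `vendor/`.

```php
<?php
require __DIR__ . '/vendor/autoload.php';

use Vima\Core\Entities\Permission;
use Vima\Core\Entities\Role;
use Vima\Core\Entities\User;
use Vima\Core\Services\AccessManager;
use Vima\Core\Services\PolicyRegistry;

// Hypothetical helper (not part of vima/core): allow only when a role grants the
// permission AND, for permissions listed in $abacGuarded, the policy also agrees.
function authorize(AccessManager $manager, User $user, string $permission,
                   ?object $resource, array $abacGuarded): bool
{
    try {
        if ($manager->can($user, $permission) !== true) {
            return false; // RBAC gate: no role grants this permission
        }
        if (!in_array($permission, $abacGuarded, true)) {
            return true;  // caller declared no attribute rule for this permission
        }
        // A guarded permission without a resource cannot be evaluated: deny.
        return $resource !== null
            && $manager->evaluatePolicy($user, $permission, $resource) === true;
    } catch (\Throwable $e) {
        return false; // fail closed on any evaluation error
    }
}

// Constructed sample data, mirroring steps 1-4 above.
$update = Permission::define('posts.update');
$editor = Role::define('editor');
$editor->addPermission($update);

$bob = new User(2);
$bob->assignRole($editor);
$carol = new User(3); // owns a post but holds no role

$policies = PolicyRegistry::define([
    'posts.update' => fn(User $u, $post) => $u->getId() === $post->ownerId,
]);
$manager = new AccessManager($policies);
$guarded = ['posts.update']; // permissions that also need a policy check

// Editor who owns the post, then a role-less owner (the case a policy-only check misses).
var_dump(authorize($manager, $bob, 'posts.update', (object) ['ownerId' => 2], $guarded));
var_dump(authorize($manager, $carol, 'posts.update', (object) ['ownerId' => 3], $guarded));
```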

🛠 CLI

The package ships with a lightweight CLI (via Symfony Console).

php vendor/bin/vima

Example commands:

php vendor/bin/vima list
php vendor/bin/vima make:role admin
php vendor/bin/vima make:permission posts.update

🧪 Testing

This package uses Pest for testing.

Run the test suite:

composer test

With coverage:

composer test-coverage

Expected: 100% code coverage ✅

📂 Package Structure

src/
 ├── Contracts/         # Interfaces
 ├── Entities/          # User, Role, Permission
 ├── Exceptions/        # Domain-specific exceptions
 ├── Services/          # AccessManager, PolicyRegistry
 ├── Storage/           # InMemory repositories
 └── Console/           # CLI entrypoint
tests/                  # Pest tests

🔮 Roadmap

  • Add persistence adapters (DB, cache, file storage)
  • Framework integrations (Laravel, Symfony, CI4)
  • Policy composition (can + evaluatePolicy)
  • Middleware support for HTTP frameworks

📜 License

MIT License. Do whatever you want, just don’t blame us if you lock yourself out. 🔒