An interface for checking access

2.0.0 2023-08-07 07:09 UTC

This package is auto-updated.

Last update: 2024-07-18 05:30:03 UTC



Yii Access

Latest Stable Version Total Downloads Build status Scrutinizer Code Quality Code Coverage Mutation testing badge static analysis type-coverage

This package provides an interface for checking if certain user has certain permission. Optional parameters could be passed for fine-grained access checks. Additionally, DenyAll and AllowAll implementations are available out of the box.


  • PHP 8.0 or higher.


The package could be installed with Composer:

composer require yiisoft/access

General usage

An access checker such as RBAC implements the interface. A user identity may use it then for checking access:

use Yiisoft\Access\AccessCheckerInterface;

class UserService
    private AccessCheckerInterface $accessChecker;
    public function __construct(AccessCheckerInterface $accessChecker)
        $this->accessChecker = $accessChecker;
    public function can(string $permissionName, array $parameters = []): bool
        return $this->accessChecker->userHasPermission(
    public function getCurrentUser(): User
        // ...

In the handler it may look like the following:

public function actionList(UserService $userService)
    if (!$userService->can('list_posts')) {
        // access denied

    // list posts


If you need help or have a question, the Yii Forum is a good place for that. You may also check out other Yii Community Resources.


The Yii Access is free software. It is released under the terms of the BSD License. Please see LICENSE for more information.

Maintained by Yii Software.

Support the project

Open Collective

Follow updates

Official website Twitter Telegram Facebook Slack