Role Based Access Control

Question

Are there any open source, PHP based, role based access control system that can be used for CodeIgniter?

Answer 1

Found out about Khaos ACL which is a CI library... I'm also checking out phpgacl and how to use it for CI... Have'nt checked Zend ACL yet. But maybe it can be "ported" to CI

Answer 2

I know the trail is cold, but a new project has popped up :

PHP-RBAC is a PHP Hierarchical NIST Level 2 Standard Role Based Access Control and is pretty mature. It is also an OWASP project.

I hope you enjoy it at http://phprbac.net

Answer 3

Here are two RBAC libraries for PHP I found:

• https://github.com/leighmacdonald/php_rbac
• https://github.com/brandonlamb/php-rbac

I actually used the first one in PolyAuth: https://github.com/Polycademy/PolyAuth/

It's a full featured auth library that includes NIST level 1 RBAC. And yes, RBAC is not the same as an ACL. I use Codeigniter as well, all you have to do is use the PDO driver and pass in the connection id. See this tutorial for how to do that: http://codebyjeff.com/blog/2013/03/codeigniter-with-pdo

Answer 4

Ion Auth Library uses users and groups - https://github.com/benedmunds/CodeIgniter-Ion-Auth but there are no working RBAC system to use them and manage. But you can white your functions.

Answer 5

Brandon Savage gave a presentation on his PHP package "ApplicationACL" that may or may not accomplish role-based access. PHPGACL might work as well, but I can't tell you for sure.

What I can tell you, however, is the Zend_ACL component of the Zend Framework will do role-based setups (however you'll have to subclass to check multiple roles at once). Granted the pain of this is you'll have to pull out Zend_ACL, I do not believe it has any external dependencies, from the monolithic download (or SVN checkout).

The nice thing about Zend_ACL is though its storage agnostic. You can either rebuild it every time or it's designed to be serialized (I use a combination of both, serialize for the cache and rebuild from the DB).