Skip to content
This repository has been archived by the owner. It is now read-only.
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Access Control Module for the Kohana Framework

Database-based ACL module for Kohana 3.3 / PHP 5.4. Users get authorization to perform certain actions through their roles. Each role can have several permissions. You define new roles and permissions in the database as you see fit.

I actually do recommend against using this module unless you specifically want the role/permission management to happen in the database (some projects need permissions managed from the GUI, by administrative users). For an alternative (and much better) implementation, see


  1. PHP >= 5.4
  2. Kohana >= 3.3
  3. Default Database, Auth and ORM modules


// ...
public function save_customer() {
	$current_user = Auth::instance()->get_user();

	if (!$current_user->can(Permission::EDIT_CUSTOMERS)) {
		throw new Authorization_Exception();

	// Save the Customer ORM model
// ...

Defining permissions

Create new entries in the permissions table as you develop your application. Associate permissions with roles and check for the user's authorization to perform some action in your code.

Permission constants

Override Permission in your APPPATH to define permission constants. Constant values correspond to the id column of the permissions table.

class Model_Permission extends ACL_Model_Permission {
	const EDIT_USERS = 1;
	const ADD_NEW_POST = 2;


Checking permissions

  • $user->can($permission); // Has the permission
  • $user->has_permissions(array $permissions); // Has all of the specified permissions
  • $user->has_any_permission(array $permission); // Has any of the specified permissions


  • Add the files to your modules folder

As a Git submodule:

git clone git:// modules/db-acl

As a Composer dependency

	"require": {
		"php": ">=5.4.0",
		"composer/installers": "*",
  • Enable in bootstrap.php (above/before auth/orm modules)
  • Run create-tables.sql (and orm/auth-schema-*.sql if you haven't already done so)
  • Make sure that your Model_User (if overwritten) uses the trait ACL_Trait_User
  • Create some permissions and start calling one of the permission methods on Model_User


Database-based ACL module for Kohana 3.3.




No packages published