Small library to reproduce the logic of the unix filesystem access control list.
composer require innmind/acluse Innmind\ACL\{
ACL,
User,
Group,
Mode,
};
$acl = ACL::of('r---w---x user:group');
$acl->allows(User::of('foo'), Group::of('bar'), Mode::read); // false
$acl->allows(User::of('foo'), Group::of('bar'), Mode::write); // false
$acl->allows(User::of('foo'), Group::of('bar'), Mode::execute); // true
$acl->allows(User::of('foo'), Group::of('group'), Mode::read); // false
$acl->allows(User::of('foo'), Group::of('group'), Mode::write); // true
$acl->allows(User::of('foo'), Group::of('group'), Mode::execute); // true
$acl->allows(User::of('user'), Group::of('bar'), Mode::read); // true
$acl->allows(User::of('user'), Group::of('bar'), Mode::write); // false
$acl->allows(User::of('user'), Group::of('bar'), Mode::execute); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::read); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::write); // true
$acl->allows(User::of('user'), Group::of('group'), Mode::execute); // true
$acl->toString(); // outputs "r---w---x user:group"
$otherAcl = $acl->addUser(Mode::write);
$acl->toString(); // outputs "r---w---x user:group"
$otherAcl->toString(); // outputs "rw--w---x user:group"The goal is to reproduce the logic of the filesystem ACL but at the application level so it can be persisted in a user entity and being completely decoupled from the real filesystem.