Skip to main content

Granular Access Control for PHP

Build secure backend applications with flexible role-based permissions, fine-grained access control, and customizable restrictions for users and API clients.

Get StartedAPI Reference

Key features

Everything you need to implement enterprise-grade access control in your PHP applications.

Role-based permissions

Assign permissions to users and clients through roles with priority-based inheritance

Granular control

Control access at the module or category level with CRUD feature flags

Flexible restrictions

Apply date-based, entity-based, or custom restrictions to limit access dynamically

Built-in caching

Optimize performance with automatic permission caching and selective cache purging

Custom adapters

Use your own database and cache implementations via simple interfaces

API client support

Manage permissions for both users and API clients with the same flexible system

Quick start

Get GAC up and running in your PHP application in minutes.

1

Install via Composer

Install the GAC package using Composer:
composer require dancasdev/gac
2

Set up the database

Import the provided database schema to create the required tables:
mysql -u your_user -p your_database < vendor/dancasdev/gac/tables.sql
The schema includes tables for users, roles, modules, permissions, and restrictions. You can customize the gac_user and glb_person tables to fit your application’s needs.
3

Initialize GAC

Create a GAC instance with your database connection:
use DancasDev\GAC\GAC;

$gac = new GAC();
$gac->setDatabase([
    'host' => 'localhost',
    'dbname' => 'your_database',
    'username' => 'your_user',
    'password' => 'your_password'
]);

// Optional: Enable caching
$gac->setCache('gac', 1800, '/path/to/cache/dir');
4

Check permissions

Set the current entity and check their permissions:
// Set the user (entity type: 'user', ID: 123)
$gac->setEntity('user', 123);

// Get permissions
$permissions = $gac->getPermissions();

// Check if user has access to a module
if ($permissions->has('users')) {
    $permission = $permissions->get('users');
    
    // Check specific features
    if ($permission->hasFeature(['create', 'update'])) {
        echo "User can create and update users";
    }
}
Permissions are automatically cached on first retrieval. Subsequent requests will use the cached data for better performance.

Explore by topic

Dive deeper into GAC’s capabilities and learn how to customize it for your needs.

Understanding permissions

Learn how GAC manages module access, feature-level permissions, and role-based inheritance.

Read more

Working with restrictions

Apply time-based, entity-based, or custom restrictions to control when and where users can access resources.

Read more

Database setup guide

Detailed walkthrough of the database schema, relationships, and how to customize tables for your application.

Read more

Build custom adapters

Integrate GAC with your existing database layer and caching infrastructure using custom adapters.

Read more

Ready to secure your application?

Install GAC and start implementing enterprise-grade access control in your PHP backend today.

Get Started

Build docs developers (and LLMs) love

Get started for freeTalk to us