Tutorials › Zend Framework / Laminas › ACL in Laminas

ACL in Laminas

5 min read Quiz at the end

Implement ACL with roles, resources, allow/deny rules, and isAllowed() permission checks.

Access Control List (ACL)

use LaminasPermissionsAclAcl;
use LaminasPermissionsAclRoleGenericRole as Role;
use LaminasPermissionsAclResourceGenericResource as Resource;

$acl = new Acl();

// Define roles (with inheritance)
$acl->addRole(new Role("guest"));
$acl->addRole(new Role("member"), "guest");   // inherits from guest
$acl->addRole(new Role("editor"), "member");  // inherits from member
$acl->addRole(new Role("admin"),  "editor");  // inherits all

// Define resources
$acl->addResource(new Resource("posts"));
$acl->addResource(new Resource("comments"));
$acl->addResource(new Resource("users"));

// Grant permissions
$acl->allow("guest",  "posts",    ["index", "view"]);
$acl->allow("member", "comments", ["create"]);
$acl->allow("editor", "posts",    ["create", "edit"]);
$acl->allow("admin");  // allow all

// Check
$acl->isAllowed("guest",  "posts",    "view");    // true
$acl->isAllowed("guest",  "posts",    "edit");    // false
$acl->isAllowed("editor", "posts",    "create");  // true
$acl->isAllowed("admin",  "users",    "delete");  // true

← Authentication in Laminas Next: Database Adapter →

Topic Quiz · 2 questions

Test your understanding before moving on

1. What is an ACL?

💡 ACL maps roles to resources and operations for authorization.

2. What does $acl->allow("admin") without resource/action do?

💡 allow() with only a role grants that role universal access.

Quick Access

ACL in Laminas

Access Control List (ACL)

Test your understanding before moving on