[nycphp-talk] phpGACL access control

Cliff Hirsch cliff at
Fri Aug 24 19:24:19 EDT 2007

> As for phpGACL, the feedback I got was that most ACLs out there are
> good at answering one question, from the following list:
> 1) "Can I access this object?"
> 2) "Who can access this object?"
> The trouble is finding an ACL that is equally adept at doing both.

I understand #1. That's the main point -- access control. But why do I need
#2? To see if I need to bar the door for someone as the # of rules, groups,
users grows increasingly complex?

I like having an instant front-end gui for setting up the ACLs. That's where
phpGACL seems to make sense. But it doesn't solve the issue of implementing it
in an application. I'm guessing thats where a really well designed and
structured front-end controller could be handy. It would just need to check
permission based on a page/action.


More information about the talk mailing list