[nycphp-talk] phpGACL access control

csnyder chsnyder at
Sat Aug 25 23:52:39 EDT 2007

On 8/24/07, Cliff Hirsch <cliff at> wrote:
> > As for phpGACL, the feedback I got was that most ACLs out there are
> > good at answering one question, from the following list:
> >
> > 1) "Can I access this object?"
> > 2) "Who can access this object?"
> >
> > The trouble is finding an ACL that is equally adept at doing both.
> I understand #1. That's the main point -- access control. But why do I need
> #2? To see if I need to bar the door for someone as the # of rules, groups,
> users grows increasingly complex?

I think number 2 translates to things like "Who else can read posts to
this forum?" or "What developers have commit access" or even reports
like "List all editors by site".

Chris Snyder

More information about the talk mailing list