Database-backed Role-Based Access Control for CakePHP 5 applications with CakeDC/Users integration.
- Database-backed roles and permissions (runtime manageable via admin UI)
- Pivot tables: users_roles, users_permissions for flexible assignment
- Both role-based and direct user permission assignment
- String-based custom permissions AND controller/action auto-discovery
- CakePHP Authorization plugin integration with custom DB resolver
- Configurable multi-role support (single role default, opt-in multi-role)
- Configurable superadmin bypass role (defaults to 'superadmin')
- Permission caching with auto-invalidation (enabled by default)
- Full admin UI for managing roles, permissions, and user assignments
- View helper for permission checks in templates
- Middleware for automatic controller/action permission enforcement
- Overridable from host application
| Requirement | Version |
|---|---|
| PHP | >= 8.1 |
| CakePHP | ^5.0 |
| CakeDC/Users | ^16.0 |
| CakePHP Authorization | ^3.0 |
- Add the repository to your
composer.json:
{
"repositories": [
{
"type": "vcs",
"url": "https://github.com/CakePHPMitra/CakePHP_RBAC"
}
]
}- Install via Composer:
composer require cakephpmitra/rbac:dev-main- Load the plugin:
bin/cake plugin load RbacOr add to src/Application.php in the bootstrap() method:
$this->addPlugin('Rbac');- Run migrations:
bin/cake migrations migrate --plugin RbacTODO: Add quick start guide after implementation.
See the docs folder for detailed documentation:
- Features - Usage and helper methods
- Development - Configuration and other
See CONTRIBUTING.md for guidelines.
Report bugs and feature requests on the Issue Tracker.
MIT License - see LICENSE file.