Setting Rules

You can define access control rules using the allow() and deny() methods:

$access->allow("admin", "delete-a-user");      // Allow "admin" to delete a user
$access->deny("moderator", "delete-a-user");   // Deny "moderator" from deleting a user

Checking Permissions

To check if a user or group is allowed to perform an action, use isAllowed():

use Exception;

$userType = "moderator";

if (!$access->isAllowed($userType, "delete-a-user")) {
    throw new Exception("Access denied.");
}

$user->delete();

Enforcing Permissions

For convenience, use verify(). This method will throw an AccessDeniedException if the user is not allowed:

$userType = "moderator";

$access->verify($userType, "delete-a-user");

$user->delete();