I am wondering about the difference between ACL and RBAC ? I’ve read this : “RBAC differs from access control lists (ACL) by putting the emphasis on roles and their permissions rather than objects (resources).”
But both have Roles and seems to do the same not exactly the same way but very similar.
OK. If I understood correctly, the difference is the “philosophy” and the way it’s done. But in the case of a web site or application, both could achieve the same result.
Based on these definitions of ACLs and RBAC, then I’m quite confused as to why laminas-permissions-acl includes a GenericRole class. Can someone clarify, please?