Zf-fr/rbac vs zend-permissions-rbac

"rbac (not to be confused with ZfcRbac) is a pure PHP implementation of the RBAC (Role based access control) concept. Actually, it is a Zend Framework 3 prototype of the ZF2 Zend\Permissions\Rbac component.

It aims to fix some design mistakes that were made to make it more usable and more efficient."

My question is has there be a reconciliation between the two components and if yes has the ZF-rbac component been updated with proposed fix?

As far as I know, no backporting work was done there. You should probably open an issue on ZfcRbac and link it from here too.

I’ve reached out to the authors of the zf-fr RBAC component probably around 18 months ago to find out what the exact differences are between the components (they have no documentation, so it wasn’t readily apparent), and what the migration steps might be for end-users. I never received this information, unfortunately, so while it claims to fix some design mistakes, I’m not entirely certain what those are.

@matthew From the comments https://github.com/zf-fr/rbac/issues/24#issuecomment-254194724 says

but to be honest it was too much work to explain, to do a migration guide, to add the necessary code needed to provide bridge… so I gave up :slight_smile:

Right - and that’s the problem. If they cannot take the time to document and/or explain these things, then we can only take them at their word that the problems exist. I don’t think that’s a fair assumption, and our issue tracker doesn’t indicate that folks are having issues with the architecture, to be honest.


May be you should ask to remove the text zf3 implementation which confuse people. I could have opened the issue, but as you are the lead of the project it makes more sense.

It as a library can stay and help others but less confusion.