<?php

use Laminas\Permissions\Acl\Acl;
use Laminas\Permissions\Acl\Resource\ResourceInterface;

// Resource object. A Resource can also be a string instead of an object
class ValueObject implements ResourceInterface
{
    private $id;
    private $name;
    
    public function __construct($id, $name)
    {
        $this->id = (int) $id;
        $this->name = (string) $name;
    }
    
    /**
     * Method of ResourceInterface
     *
     * @return string
     */
    public function getResourceId()
    {
        return 'ValueObject-' . $this->id;
    }
}

// custom privileges
$read = 'R';
$write = 'W';
$troll = 'T'; // Allowance to troll others with the resource 

// Create one Resource (ResourceId: "ValueObject-1")
$vo1 = new ValueObject(1, 'one');

$acl = new Acl();

/*
   You may prefer Role objects than strings
   because Role objects are used anyways in
   Acl.
   
   addRole(newRole, parentRole)
 */
$acl->addRole('ANONYMOUS');
$acl->addRole('USER', 'ANONYMOUS');
$acl->addRole('ADMIN', 'USER');

// Add resources, usually unique data
$acl->addResource($vo1);

// set who is allowed to do stuff with Resources
$acl->allow('USER', $vo1, $read);
$acl->allow('ADMIN', $vo1, [$write, $troll]);

// Let's see who has which permission
echo 'ANONYMOUS read $vo1';
dump(
    $acl->isAllowed('ANONYMOUS', $vo1, $read)
);
echo 'USER read $vo1';
dump(
    $acl->isAllowed('USER', $vo1, $read)
);
echo 'USER trolls with $vo1';
dump(
    $acl->isAllowed('USER', $vo1, $troll)
);
echo 'ADMIN read $vo1';
dump(
    $acl->isAllowed('ADMIN', $vo1, $read)
);
echo 'ADMIN trolls with $vo1';
dump(
    $acl->isAllowed('ADMIN', $vo1, $troll)
);

ANONYMOUS read $vo1

^ false

USER read $vo1

^ true

USER trolls with $vo1

^ false

ADMIN read $vo1

^ true

ADMIN trolls with $vo1

^ true

• Convert XML to Json in Laminas
• Using multiple filters with priority in Laminas
• locating files in a directory for classes only with Laminas

PHP 8.3, Laminas MVC 3.2, Symfony 5.2, Laravel 8.28, PHPUnit 9.5, Doctrine ORM 2.8