# Introduction Welcome to the official documentation of LmcRbacMvc! In this part, the following questions will be answered: * Why should I use an authorization module? * What is the Rbac model? * How can I integrate LmcRbacMvc into my application? ## Why should I use an authorization module? The authorization part of an application is an essential aspect of securing your application. While the authentication part tells you who is using your website, the authorization answers if the given identity has the permission to perform specific actions. ## What is the Rbac model? Rbac stands for **role-based access control**. We use a very simple (albeit powerful) implementation of this model through the use of the [zf-fr/rbac](https://github.com/zf-fr/rbac) library. The basic idea of Rbac is to use roles and permissions: * **Users** can have one or many **Roles** * **Roles** request access to **Permissions** * **Permissions** are granted to **Roles** By default, LmcRbacMvc can be used for two kinds of Rbac model: * Flat RBAC model: in this model, roles cannot have children. This is ideal for smaller applications, as it is easier to understand, and the database design is simpler (no need for a join table). * Hierarchical RBAC model: in this model, roles can have child roles. When evaluating if a given role has a permission, this model also checks recursively if any of its child roles also have the permission. ## How can I integrate LmcRbacMvc into my application? LmcRbacMvc offers multiple ways to protect your application: * Using **Guards**: these classes act as "firewalls" that block access to routes and/or controllers. Guards are usually configured using PHP arrays, and are executed early in the MVC dispatch process. Typically this happens right after the route has been matched. * Using **AuthorizationService**: a complementary method is to use the `AuthorizationService` class and inject it into your service classes to protect them from unwanted access. While it is advised to use both methods to make your application even more secure, this is completely optional and you can choose either of them independently. To find out about how you can easily make your existing application more secure, please refer to the following section: * [Cookbook: A real world example](07.%20Cookbook.md#a-real-world-application) ### Navigation * Continue to [the **Quick Start**](02.%20Quick%20Start.md) * Back to [the Index](README.md)