Skip to content
Basic roles and permissions handling for Laravel 5.5 and up
PHP
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github
src
tests
.gitattributes
.gitignore
.styleci.yml
.travis.yml
LICENSE
README.md
composer.json
composer.lock
phpunit.xml.dist

README.md

Laravel Basic Roles and Permissions

Basic roles and permissions handling for Laravel 5.5 and up.

laravel roles

StyleCI Total Downloads Latest Stable Version Latest Unstable Version Travis CI License

Contents

Installation

To get the latest version of Laravel Roles, simply require the project using Composer:

$ composer require andrey-helldar/laravel-roles

Or manually update require block of composer.json and run composer update.

{
    "require-dev": {
        "andrey-helldar/laravel-roles": "^1.6"
    }
}

If you don't use auto-discovery, add the ServiceProvider to the providers array in app/Providers/AppServiceProvider.php:

public function register()
{
    $this->app->register(\Helldar\Roles\ServiceProvider::class);
}

Copy the package config to your local config with the publish command:

php artisan vendor:publish --provider="Helldar\Roles\ServiceProvider"

You can create the DB tables by running the migrations:

php artisan migrate

This command will create such roles, permissions, user_roles and role_permissions tables.

Using

User model

First, add the Helldar\Roles\Traits\HasRoles trait to your User model:

use Illuminate\Foundation\Auth\User as Authenticatable;
use Helldar\Roles\Traits\HasRoles;

class User extends Authenticatable
{
    use HasRoles;

    // ...
}

Middleware

You can add middlewares in $routeMiddleware of app/Http/Kernel.php file:

use Helldar\Roles\Http\Middleware\Permission;
use Helldar\Roles\Http\Middleware\Permissions;
use Helldar\Roles\Http\Middleware\Role;
use Helldar\Roles\Http\Middleware\Roles;

protected $routeMiddleware = [
    // ...
    
    'role'        => Role::class,        // Checks for the entry of one of the specified permissions.
    'roles'       => Roles::class,       // Checks the entry of all of the specified permissions.
    'permission'  => Permission::class,  // Checks for the occurrence of one of the specified roles.
    'permissions' => Permissions::class, // Checks the entry of all of the specified roles.
]

Now you can check if one of the conditions is met:

// Example, user has been a `foo` role and a `baz` permission

// success access
app('router')
    ->middleware('role:foo,bar', 'permission:foo,bar')
    ->get(...)

// success access
app('router')
    ->middleware('role:foo,bar')
    ->get(...)

// failed access
app('router')
    ->middleware('permission:foo,bar')
    ->get(...)

Or check the entry of all conditions:

// Example, user has been a `foo` role and a `baz` permission

// failed access
app('router')
    ->middleware('roles:foo,bar', 'permissions:foo,bar')
    ->get(...)

// failed access
app('router')
    ->middleware('roles:foo,bar')
    ->get(...)

// success access
app('router')
    ->middleware('roles:foo')
    ->get(...)

// failed access
app('router')
    ->middleware('permissions:foo,bar')
    ->get(...)

// success access
app('router')
    ->middleware('permissions:baz')
    ->get(...)

Creating

use Helldar\Roles\Models\Role;
use Helldar\Roles\Models\Permission;

$role = Role::create(['name' => 'admin']);
$permission = Permission::create(['name' => 'update']);

$role->assignPermission($permission);

// or

$user = User::find(1);

$role = $user->createRole('Mega Admin'); // creating Role instance with "mega_admin" name.

$role->createPermission('Post edit'); // creating Permission instance with "post_edit" name.

Assign, revoke and sync permissions

This package allows for users to be associated with permissions and roles. Every role is associated with multiple permissions. A Role and a Permission are regular Eloquent models.

Assign permissions

To add roles and permissions, use the following methods:

use \Helldar\Roles\Models\Role;

// For User
$user->assignRole('role_name');
$user->assignRole(Role::find(1));
$user->assignRole(1);

$user->assignRoles($role_1, 'role_name_2', 3, ...);


// For Role
use \Helldar\Roles\Models\Permission;

$role->assignPermission('permission_name');
$role->assignPermission(Permission::find(1));
$role->assignPermission(1);

$role->assignPermissions($permission_1, 'permission_2', 3, ...);


// For Permission
use \Helldar\Roles\Models\Role;

$permission->assignRole('role_name');
$permission->assignRole(Role::find(1));
$permission->assignRole(1);

$permission->assignRoles($role_1, 'role_2', 3, ...);

Revoke permissions

To revoke roles and permissions, use the following methods:

use \Helldar\Roles\Models\Role;

// For User
$user->revokeRole('role_name');
$user->revokeRole(Role::find(1));
$user->revokeRole(1);

$user->revokeRoles($role_1, 'role_name_2', 3, ...);


// For Role
use \Helldar\Roles\Models\Permission;

$role->revokePermission('permission_name');
$role->revokePermission(Permission::find(1));
$role->revokePermission(1);

$role->revokePermissions($permission_1, 'permission_2', 3, ...);


// For Permission
use \Helldar\Roles\Models\Role;

$permission->revokeRole('role_name');
$permission->revokeRole(Role::find(1));
$permission->revokeRole(1);

$permission->revokeRoles($role_1, 'role_2', 3, ...);

Syncing permissions

To synchronization roles and permissions, use the following methods:

// For User
$user->syncRoles([1, 2, 3, ...]);


// For Role
$role->syncPermissions([1, 2, 3, ...]);


// For Permission
$permission->syncRoles([1, 2, 3, ...]);

Blade

If you enabled the use of directives in the config file, you can still using can() blade directive with additional role() and permission() directives:

@can('permission_name')
    I can see this text
@endcan

@if(auth()->user()->can('permission_name'))
    I can see this text
@endif


@role('role_name')
    I can see this text
@endrole

@role(auth()->user()->hasRole('role_name'))
    I can see this text
@endrole


@permission('permission_name')
    I can see this text
@endpermission

@permission(auth()->user()->hasPermission('permission_name'))
    I can see this text
@endpermission

You can only use blade directives with role/permission id or slug.

Note: use can() and role() / permission() is enabling separately. See config file.

Checking for permissions

For user:

$user = User::find(1);

// with role slug:
$user->hasRole('role_slug'): bool

// with role ID:
$user->hasRole(1): bool

// with role instance:
$user->hasRole(Role::find(1)): bool

// with permission slug:
$user->hasPermission('permission_slug'): bool

// with permission instance:
$user->hasPermission(Permission::find(1)): bool

For role:

$role = Role::find(1);

// with permission slug:
$role->hasPermission('permission_slug'): bool

// with permission ID:
$role->hasPermission(1): bool

// with permission instance:
$role->hasPermission(Permission::find(1)): bool

Also in the settings you can specify the name of the role for global access:

[
    'root_roles' => ['admin', 'foo', 'bar'],
]

or specify false to disable verification.

Artisan commands

You can create/delete a role or a permission from a console with artisan commands:

php artisan acl:role-create {name}
php artisan acl:role-delete {id|ID or role name}

php artisan acl:permission-create {name}
php artisan acl:permission-delete {id|ID or permission name}

You can also invoke the creation of roles and permissions from your application:

Artisan::call('acl:role-create', ['name' => $name]);
Artisan::call('acl:role-delete', ['name' => $name]);

Artisan::call('acl:permission-create', ['name' => $name]);
Artisan::call('acl:permission-delete', ['name' => $name]);

License

This package is released under the MIT License.

You can’t perform that action at this time.