faruque-ashad / multi_guard_role_permission
Multi-guard role permission system for managing role permissions for users.
Requires
- php: >=8.0
- illuminate/support: ^10.0 || ^11.0
Requires (Dev)
- orchestra/testbench: ^8.0
- phpunit/phpunit: ^10.0
This package is auto-updated.
Last update: 2025-06-07 12:34:57 UTC
README
Table of Contents
Description
Multi Guard Role Permission is a powerful Laravel package designed to provide a flexible and secure access control system. With this package, you can define user roles with detailed permissions and even customize permissions at the individual user level, going beyond the limitations of predefined roles. It’s an intuitive solution to strengthen access control and enhance security within your Laravel project.
Installation
👉 To install this package, you'll need to have Laravel version 9 or higher and PHP version 8.0.0 or higher installed on your machine. You can download the latest version of PHP from the official PHP resource: https://www.php.net/downloads.php. Ensure your environment meets these requirements before proceeding with the installation.
-
Install auth package in laravel project (JWT, laravel/ui etc).
-
Install package:
composer require faruque-ashad/multi_guard_role_permission -
Run migrate command:
php artisan migrate -
Add auth guards:
php artisan add:auth {guard name} -
After add auth guard, hit
applicatoin_url/guardsget api for guard list.GEThttp://localhost:8000/guards or use bellow routeuse FaruqueAshad\MultiGuardRolePermission\Http\Controllers\RolePermissionController; use Symfony\Component\HttpFoundation\Response; // auth guards Route::get('/guards', function () { return sendResponse( 'Data fetch successfully.', \FaruqueAshad\MultiGuardRolePermission\Models\AuthGuard::all(), Response::HTTP_OK ); })->name('guards');Resonse:
{ "code": 200, "success": true, "message": "Data fetch successfully.", "data": [ { "id": 1, "name": "admin", "created_at": "2023-10-12T08:27:57.000000Z", "updated_at": "2023-10-12T08:27:57.000000Z", }, { "id": 2, "name": "customer", "created_at": "2023-10-12T08:27:51.000000Z", "updated_at": "2023-10-12T08:27:51.000000Z", } ], "errors": [] } -
Follow bellow route middleware pattern for permissions. User must be login for access the routes.
Route::middleware('check.auth:{your-guard}')->group(function () { // users can access this block routes after login Route::middleware('permission:{your-guard}')->group(function () { // user can access this block routes if user logged in and if user have permission // demo route Route::group(['prefix' => 'test', 'as' => 'test.'], function () { Route::get('/index', function () { return response()->json([ 'code' => 200, 'success' => true, 'message' => 'Permission testing', 'data' => [], 'errors' => [] ]); })->name('index'); }); }); });
-
Suppose you have two
auth guardslikeadminandcustomer. Then you can use bellow route pattern for permission.- For admin.
Route::middleware('check.auth:admin')->group(function () { // users can access this block routes after login Route::middleware('permission:admin')->group(function () { // user can access this block routes if user logged in and if user have permission // demo routes Route::group(['prefix' => 'test', 'as' => 'test.'], function () { Route::get('/admin/dashboard', function () { return response()->json([ 'code' => 200, 'success' => true, 'message' => 'Admin Permission testing', 'data' => [], 'errors' => [] ]); })->name('admin.dashboard'); }); }); });
- For customer
Route::middleware('check.auth:customer')->group(function () { // users can access this block routes after login Route::middleware('permission:customer')->group(function () { // user can access this block routes if user loggedin and if user have permission // demo routes Route::group(['prefix' => 'test', 'as' => 'test.'], function () { Route::get('/profile', function () { return response()->json([ 'code' => 200, 'success' => true, 'message' => 'Customer Permission testing', 'data' => [], 'errors' => [] ]); })->name('customer.profile'); }); }); });
-
For guard wise route permission list use bellow route.
use FaruqueAshad\MultiGuardRolePermission\Http\Controllers\RolePermissionController; Route::get('permission/module/{guard}', [RolePermissionController::class, 'module_permission'])->name('permission.route.list');
{ "code": 200, "success": true, "message": "Data fetch successfully.", "data": [ { "module": "test", "permission": [ { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " a", "route": "test/a", "is_permit": 0, "route_name": "test.a", "method": "GET" }, { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " b", "route": "test/b", "is_permit": 0, "route_name": "test.b", "method": "GET" } ] } ], "errors": [] } -
Role CRUD route
use FaruqueAshad\MultiGuardRolePermission\Http\Controllers\RolePermissionController; Route::group(['prefix' => 'role', 'as' => 'role.'], function () { // use `guard` params for gurad wise role list // use `search` params for search role Route::get('/list', [RolePermissionController::class, 'index'])->name('list'); Route::post('/create', [RolePermissionController::class, 'store'])->name('create'); Route::get('/show/{id}', [RolePermissionController::class, 'show'])->name('show'); Route::put('/update/{id}', [RolePermissionController::class, 'update'])->name('update'); Route::delete('/delete/{id}', [RolePermissionController::class, 'destroy'])->name('delete'); });
// example: Request data for role create and update { "auth_guard_id" : 1, // from '{base_url}/gurds' api. "name" : "admin", "is_admin" : 0, // 1 means admin role and 0 means other role. If admin then there is no permission for this role. "role_permissions" : [ // permission data from '{base_url}/permission/{guard}' api. { "module": "test", "permission": [ { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " a", "route": "test/a", "is_permit": 1, // 1 means add permission for test.a route "route_name": "test.a", "method": "GET" }, { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " b", "route": "test/b", "is_permit": 0, // 0 means permission not added "route_name": "test.b", "method": "GET" } ] } ] }
-
user permission list from bellow route
use FaruqueAshad\MultiGuardRolePermission\Http\Controllers\RolePermissionController; Route::post('/user/permission/list', [RolePermissionController::class, 'get_user_permission_list'])->name('user.permission.list');
// example: Request data { "auth_user_id" : 1, // your user id "role_id" : 1 }
-
Assaign user permission using bellow route
use FaruqueAshad\MultiGuardRolePermission\Http\Controllers\RolePermissionController; Route::post('/user/permission/add', [RolePermissionController::class, 'user_permission'])->name('user.permission.add');
// example: Request data { "auth_user_id" : 1, // your user id "role_id" : 2, "role_permissions" : [ // permission data from 'user/permission/list' api. { "module": "test", "permission": [ { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " a", "route": "test/a", "is_permit": 1, // 1 means permission added "route_name": "test.a", "method": "GET" }, { "auth_guard_id": 0, "role_id": 0, "auth_user_id": 0, "module": "test", "operation": " b", "route": "test/b", "is_permit": 0, // 0 means permission not added "route_name": "test.b", "method": "GET" } ] } ] }
-
For user role use
userRole($guard_name, $user_id)function .// response like bellow { "role_id": 1, "role: "Admin", "is_admin": 1 }