muan/laravel-acl

ACL package for Laravel

Maintainers

Details

github.com/mustardandrew/muan-laravel-acl

Source

Issues

Installs: 136

Dependents: 1

Suggesters: 0

Security: 0

Stars: 4

Watchers: 2

Forks: 0

Open Issues: 0

Type:package

1.3 2020-03-10 10:52 UTC

Requires

  • php: >=7.0

MIT 2ff975dfd905159ca06f68afe473b26d805feaa9

  • Mustard Andrew <mustard.andrew.woop@gmail.com>

packageacllaravelpermissionrole

This package is auto-updated.

Last update: 2025-06-10 22:33:04 UTC

README

Muan Acl is a PHP package for Laravel Framework, used for manipulation of access control list. Package is providing an easier way to control roles and permissions of users on your site.

Requirements

  • PHP >=7.0

Install

  1. Type next command in your terminal:
composer require muan/laravel-acl
  1. Add the service provider to your config/app.php file in section providers:

Laravel 5.5 uses Package Auto-Discovery, so does not require you to manually add the ServiceProvider.

'providers' => [
    // ...
    Muan\Acl\AclServiceProvider::class,
    // ...
],
  1. Run the migrations:
php artisan migrate

Usage

Use the following traits on your User model:

// ...

use Muan\Acl\Traits\{HasRolesTrait, HasPermissionsTrait};
 
class User extends Authenticatable
{
    use HasRolesTrait, HasPermissionsTrait;
    
    // ... Your User Model Code
}

Using observer

To bind the base role to the user after registration, you can specify a public property $baseRole.

For example:

class User extends Authenticatable
{
    // ...
    
    /**
     * Attach base role
     */
    public $baseRole = 'user';
    
    // ...
}

Using in code

Check role

if ($user->hasRole('admin')) {
    // User is admin
}
// or
if ($user->hasRole('admin', 'writer')) {
    // User is admin or writer
}

Attach role

$user->attachRole(10, "moderator")

The same function, detach role

$user->detachRole('moder');
// ...
$user->detachRole('admin', '3', '2');

Clear all roles

$user->clearRoles();

Check permission

if ($user->hasPermission('create post')) {
    // User has permission "create post"
}

Attach permissions

$user->attachPermission("update post");

Detach permissions

$user->detachPermission("remove post");

Clear all permissions

$user->clearPermissions();

See the code for more information... =)

Commands for manipulation

Permissions

Create new permission

php artisan permission:add "create post"

Rename permission

php artisan permission:rename "create post" create.post

Remove permission

php artisan permission:remove "create post"

Show all permissions

php artisan permission:list

Roles

Create new role

php artisan role:add admin

Rename role

php artisan role:rename admin superuser

Remove role

php artisan role:remove admin

View all roles

php artisan role:list

Attach permissions to role

php artisan role:attach admin --id=2 --id=3 --name="create post"

Detach permissions from role

php artisan role:detach admin --id=3 --name="destroy user"

Clear all attached permissions

php artisan role:clear

View information about role and show all attached permissions

php artisan role:view admin

Users

Attach roles

php artisan user:role-attach 5 --id=2 --name=moderator

Detach roles

php artisan user:role-detach 5 --id=2 --name=admin

Detached all roles from user

php artisan user:role-clear

Attach permissions

php artisan user:permission-attach 5 --id=7 --name="remove comment"

Detach permissions

php artisan user:permission-detach 5 --id=2 --name="read secret post"

Detached all permission from user

php artisan user:permission-clear

View information about user, all attached roles and permissions

php artisan user:view 5

where 5 is ID of user.

Using blade directives

You also can use directives to verify the currently logged in user has any roles or permissions.

Check roles:

@role('admin')
   <!-- User has role admin -->
@elserole('writer')   
   <!-- User has role writer -->
   <!-- ... -->
@else
   <!-- User with other roles -->
@endrole

or check more roles in one directive:

 @role(['admin', 'writer'])
    <!-- User has next roles: admin, writer -->
 @endrole

Check permissions:

@can('create post')
    <!-- User can create post -->
@elsecan('edit post')
    <!-- User can edit post  -->
@endcan

Using middlewares

You can use role middleware for check access to some routes

Route::middleware(['role:admin'])->group(function() {
    
    // Only for user with role admin
    Route::get('/admin', function() {
        // some code
    });

});

also you can use permission middleware

Route::middleware(['permission:create post'])->group(function() {
    
    // Only for user with permission create post
    Route::get('/admin/post', function() {
        // some code
    });
    
});

or use role and permission middleware together

Route::middleware(['role:moderator', 'permission:remove post'])->group(function() {
    
    // Only for user with role moderator and with permission create post
    Route::get('/admin/post/remove', function() {
        // some code
    });
    
});

License

Muan Laravel Acl package is licensed under the MIT License.