sajjadhossainshohag/laravel-permission-scanner

Permission Scanner Tool is a scans your application for @can, @canany, and permission middleware usage in controllers, routes, and Blade views. It helps developers analyze and manage role-based access control (RBAC) by extracting all permission-related directives efficiently.

Maintainers

Details

github.com/sajjadhossainshohag/laravel-permission-scanner

Source

Issues

Installs: 4

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 1

Forks: 1

Open Issues: 0

0.1.0-beta 2025-03-17 17:45 UTC

Requires

Requires (Dev)

MIT 31b0f329a1b64265c84beab3e86e8e605a183ca3

  • Sajjad Hossain Shohag <sajjadhossainshohagbd.woop@gmail.com>

authorizationsecurityAuditauthscannergatebladecanaccess-controlrole-managementlaravel-permissions-extractorcanany

This package is auto-updated.

Last update: 2025-04-19 16:33:18 UTC

README

The Laravel Permission Scanner helps you manage role-based access control in your Laravel application by scanning for the usage of @can, @canany, and permission middleware in controllers, routes, and Blade views. It provides an easy way to analyze and track permission-related directives across your app.

Note: Laravel Permission Scanner is currently in beta version.

Features

  • Scans PHP files for @can, @canany, middleware, Gate, and permission methods
  • Detects permission usage in:
    • Controllers
    • Routes
    • Blade views
    • Middleware
  • Analyzes permissions using AST parsing
  • Generates permission seeders automatically
  • Provides detailed results of found permissions across files
  • Supports debugging with detailed file and permission output

Requirements

  • PHP 8.1 or higher
  • Laravel 8.0 or higher

Installation

Install the package via Composer:

composer require sajjadhossainshohag/laravel-permission-scanner:v0.1.0-beta

Configuration

Publish the configuration file:

php artisan vendor:publish --provider="Sajjadhossainshohag\LaravelPermissionScanner\PermissionScannerServiceProvider"

This will create a config/scanner.php file where you can customize the scan paths:

return [
    'scan_paths' => [
        'resources/views',
        'app',
        'routes',
    ],
];

Usage

Basic Scanning

Run the command to scan your application:

php artisan permission:scan

This will display all found permissions in your application.

Generate Permission Seeder

To automatically generate a seeder file with found permissions:

php artisan permission:scan --seeder=PermissionsTableSeeder

This will create a new seeder file in database/seeders with all discovered permissions.

Example output:

class PermissionsTableSeeder extends Seeder
{
    public function run()
    {
        $permissions = [
            ['name' => 'edit-posts', 'guard_name' => 'web'],
            ['name' => 'delete-posts', 'guard_name' => 'web'],
            // ...
        ];

        DB::table('permissions')->insert($permissions);
    }
}

What It Scans For

The scanner detects permissions in:

  1. Blade Directives:

    • @can('permission-name')
    • @canany(['permission-1', 'permission-2'])

  2. Controller Methods:

    • $this->authorize('permission-name')
    • Gate::allows('permission-name')

  3. Route Definitions:

    • ->middleware('can:permission-name')
    • ->middleware('permission:permission-name')

  4. Policy Methods:

    • Permission-related method names and checks

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

Development

# Install dependencies
composer install

# Run tests
composer test

License

This package is open-source software licensed under the MIT license.

Credits

This package is open-source software licensed under the MIT license.