PHPackages 7lab/laravel-roles - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. 7lab/laravel-roles Abandoned → [sevenlab/laravel-roles](/?search=sevenlab%2Flaravel-roles)Library[Authentication & Authorization](/categories/authentication) 7lab/laravel-roles ================== Powerful package for handling roles and permissions in Laravel. 6.0(5y ago)03.2k1MITPHPPHP >=7.2 Since Jan 15Pushed 3y ago2 watchersCompare [ Source](https://github.com/SevenLabnl/laravel-roles)[ Packagist](https://packagist.org/packages/7lab/laravel-roles)[ RSS](/packages/7lab-laravel-roles/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (8)Versions (53)Used By (0) Roles And Permissions For Laravel ================================= [](#roles-and-permissions-for-laravel) Powerful package for handling roles and permissions in Laravel. - [Installation](#installation) - [Composer](#composer) - [Service Provider](#service-provider) - [Config File And Migrations](#config-file-and-migrations) - [HasRoleAndPermission Trait And Contract](#hasroleandpermission-trait-and-contract) - [Migrate from Bican roles](#Migrate-from-bican-roles) - [Usage](#usage) - [Creating Roles](#creating-roles) - [Attaching, Detaching and Syncing Roles](#attaching-detaching-and-syncing-roles) - [Checking For Roles](#checking-for-roles) - [Levels](#levels) - [Creating Permissions](#creating-permissions) - [Attaching, Detaching and Syncing Permissions](#attaching-detaching-and-syncing-permissions) - [Checking For Permissions](#checking-for-permissions) - [Permissions Inheriting](#permissions-inheriting) - [Entity Check](#entity-check) - [Blade Extensions](#blade-extensions) - [Middleware](#middleware) - [Config File](#config-file) - [More Information](#more-information) - [License](#license) Installation ------------ [](#installation) This package is very easy to set up. There are only couple of steps. ### Composer [](#composer) Pull this package in through Composer ``` composer require 7Lab/laravel-roles ``` > If you are still using Laravel 5.0, you must pull in version `1.7.*`. ### Service Provider [](#service-provider) Add the package to your application service providers in `config/app.php` file. ``` 'providers' => [ ... /** * Third Party Service Providers... */ Ultraware\Roles\RolesServiceProvider::class, ], ``` ### Config File And Migrations [](#config-file-and-migrations) Publish the package config file and migrations to your application. Run these commands inside your terminal. ``` php artisan vendor:publish --provider="Ultraware\Roles\RolesServiceProvider" --tag=config php artisan vendor:publish --provider="Ultraware\Roles\RolesServiceProvider" --tag=migrations ``` And also run migrations. ``` php artisan migrate ``` > This uses the default users table which is in Laravel. You should already have the migration file for the users table available and migrated. ### HasRoleAndPermission Trait And Contract [](#hasroleandpermission-trait-and-contract) Include `HasRoleAndPermission` trait and also implement `HasRoleAndPermission` contract inside your `User` model. Migrate from bican roles ------------------------ [](#migrate-from-bican-roles) If you migrate from bican/roles to ultraware/roles yoe need to update a few things. - Change all calls to `can`, `canOne` and `canAll` to `hasPermission`, `hasOnePermission`, `hasAllPermissions`. - Change all calls to `is`, `isOne` and `isAll` to `hasRole`, `hasOneRole`, `hasAllRoles`. Usage ----- [](#usage) ### Creating Roles [](#creating-roles) ``` use Ultraware\Roles\Models\Role; $adminRole = Role::create([ 'name' => 'Admin', 'slug' => 'admin', 'description' => '', // optional 'level' => 1, // optional, set to 1 by default ]); $moderatorRole = Role::create([ 'name' => 'Forum Moderator', 'slug' => 'forum.moderator', ]); ``` > Because of `Slugable` trait, if you make a mistake and for example leave a space in slug parameter, it'll be replaced with a dot automatically, because of `str_slug` function. ### Attaching, Detaching and Syncing Roles [](#attaching-detaching-and-syncing-roles) It's really simple. You fetch a user from database and call `attachRole` method. There is `BelongsToMany` relationship between `User` and `Role` model. ``` use App\User; $user = User::find($id); $user->attachRole($adminRole); // you can pass whole object, or just an id $user->detachRole($adminRole); // in case you want to detach role $user->detachAllRoles(); // in case you want to detach all roles $user->syncRoles($roles); // you can pass Eloquent collection, or just an array of ids ``` ### Checking For Roles [](#checking-for-roles) You can now check if the user has required role. ``` if ($user->hasRole('admin')) { // you can pass an id or slug // } ``` You can also do this: ``` if ($user->isAdmin()) { // } ``` And of course, there is a way to check for multiple roles: ``` if ($user->hasRole(['admin', 'moderator'])) { /* | Or alternatively: | $user->hasRole('admin, moderator'), $user->hasRole('admin|moderator'), | $user->hasOneRole('admin, moderator'), $user->hasOneRole(['admin', 'moderator']), $user->hasOneRole('admin|moderator') */ // The user has at least one of the roles } if ($user->hasRole(['admin', 'moderator'], true)) { /* | Or alternatively: | $user->hasRole('admin, moderator', true), $user->hasRole('admin|moderator', true), | $user->hasAllRoles('admin, moderator'), $user->hasAllRoles(['admin', 'moderator']), $user->hasAllRoles('admin|moderator') */ // The user has all roles } ``` ### Levels [](#levels) When you are creating roles, there is optional parameter `level`. It is set to `1` by default, but you can overwrite it and then you can do something like this: ``` if ($user->level() > 4) { // } ``` > If user has multiple roles, method `level` returns the highest one. `Level` has also big effect on inheriting permissions. About it later. ### Creating Permissions [](#creating-permissions) It's very simple thanks to `Permission` model. ``` use Ultraware\Roles\Models\Permission; $createUsersPermission = Permission::create([ 'name' => 'Create users', 'slug' => 'create.users', 'description' => '', // optional ]); $deleteUsersPermission = Permission::create([ 'name' => 'Delete users', 'slug' => 'delete.users', ]); ``` ### Attaching, Detaching and Syncing Permissions [](#attaching-detaching-and-syncing-permissions) You can attach permissions to a role or directly to a specific user (and of course detach them as well). ``` use App\User; use Ultraware\Roles\Models\Role; $role = Role::find($roleId); $role->attachPermission($createUsersPermission); // permission attached to a role $user = User::find($userId); $user->attachPermission($deleteUsersPermission); // permission attached to a user ``` ``` $role->detachPermission($createUsersPermission); // in case you want to detach permission $role->detachAllPermissions(); // in case you want to detach all permissions $role->syncPermissions($permissions); // you can pass Eloquent collection, or just an array of ids $user->detachPermission($deleteUsersPermission); $user->detachAllPermissions(); $user->syncPermissions($permissions); // you can pass Eloquent collection, or just an array of ids ``` ### Checking For Permissions [](#checking-for-permissions) ``` if ($user->hasPermission('create.users')) { // you can pass an id or slug // } if ($user->canDeleteUsers()) { // } ``` You can check for multiple permissions the same way as roles. You can make use of additional methods like `hasOnePermission` or `hasAllPermissions`. ### Permissions Inheriting [](#permissions-inheriting) Role with higher level is inheriting permission from roles with lower level. There is an example of this `magic`: You have three roles: `user`, `moderator` and `admin`. User has a permission to read articles, moderator can manage comments and admin can create articles. User has a level 1, moderator level 2 and admin level 3. It means, moderator and administrator has also permission to read articles, but administrator can manage comments as well. > If you don't want permissions inheriting feature in you application, simply ignore `level` parameter when you're creating roles. ### Entity Check [](#entity-check) Let's say you have an article and you want to edit it. This article belongs to a user (there is a column `user_id` in articles table). ``` use App\Article; use Ultraware\Roles\Models\Permission; $editArticlesPermission = Permission::create([ 'name' => 'Edit articles', 'slug' => 'edit.articles', 'model' => 'App\Article', ]); $user->attachPermission($editArticlesPermission); $article = Article::find(1); if ($user->allowed('edit.articles', $article)) { // $user->allowedEditArticles($article) // } ``` This condition checks if the current user is the owner of article. If not, it will be looking inside user permissions for a row we created before. ``` if ($user->allowed('edit.articles', $article, false)) { // now owner check is disabled // } ``` ### Blade Extensions [](#blade-extensions) There are four Blade extensions. Basically, it is replacement for classic if statements. ``` @role('admin') // @if(Auth::check() && Auth::user()->hasRole('admin')) // user has admin role @endrole @permission('edit.articles') // @if(Auth::check() && Auth::user()->hasPermission('edit.articles')) // user has edit articles permissison @endpermission @level(2) // @if(Auth::check() && Auth::user()->level() >= 2) // user has level 2 or higher @endlevel @allowed('edit', $article) // @if(Auth::check() && Auth::user()->allowed('edit', $article)) // show edit button @endallowed @role('admin|moderator', true) // @if(Auth::check() && Auth::user()->hasRole('admin|moderator', true)) // user has admin and moderator role @else // something else @endrole ``` ### Middleware [](#middleware) This package comes with `VerifyRole`, `VerifyPermission` and `VerifyLevel` middleware. You must add them inside your `app/Http/Kernel.php` file. ``` /** * The application's route middleware. * * @var array */ protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'role' => \Ultraware\Roles\Middleware\VerifyRole::class, 'permission' => \Ultraware\Roles\Middleware\VerifyPermission::class, 'level' => \Ultraware\Roles\Middleware\VerifyLevel::class, ]; ``` Now you can easily protect your routes. ``` $router->get('/example', [ 'as' => 'example', 'middleware' => 'role:admin', 'uses' => 'ExampleController@index', ]); $router->post('/example', [ 'as' => 'example', 'middleware' => 'permission:edit.articles', 'uses' => 'ExampleController@index', ]); $router->get('/example', [ 'as' => 'example', 'middleware' => 'level:2', // level >= 2 'uses' => 'ExampleController@index', ]); ``` It throws `\Ultraware\Roles\Exceptions\RoleDeniedException`, `\Ultraware\Roles\Exceptions\PermissionDeniedException` or `\Ultraware\Roles\Exceptions\LevelDeniedException` exceptions if it goes wrong. You can catch these exceptions inside `app/Exceptions/Handler.php` file and do whatever you want. ``` /** * Render an exception into an HTTP response. * * @param \Illuminate\Http\Request $request * @param \Exception $e * @return \Illuminate\Http\Response */ public function render($request, Exception $e) { if ($e instanceof \Ultraware\Roles\Exceptions\RoleDeniedException) { // you can for example flash message, redirect... return redirect()->back(); } return parent::render($request, $e); } ``` Config File ----------- [](#config-file) You can change connection for models, slug separator, models path and there is also a handy pretend feature. Have a look at config file for more information. More Information ---------------- [](#more-information) For more information, please have a look at [HasRoleAndPermission](https://github.com/ultraware/roles/blob/master/src/Contracts/HasRoleAndPermission.php) contract. License ------- [](#license) This package is free software distributed under the terms of the MIT license. ### Health Score 35 — LowBetter than 80% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity19 Limited adoption so far Community20 Small or concentrated contributor base Maturity71 Established project with proven stability Bus Factor1 Top contributor holds 53.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~56 days Recently: every ~339 days Total 53 Last Release 1217d ago Major Versions 0.9 → 1.02015-01-26 1.7.1 → 2.0.02015-06-09 2.1.7 → 5.1.02016-12-01 5.8.1 → 6.02021-03-30 PHP version history (6 changes)0.9PHP >=5.4.0 2.0.0PHP >=5.5.9 5.1.0PHP >=5.6.4 5.5.x-devPHP >=7.0.0 5.6.0PHP >=7.1.3 5.8.x-devPHP >=7.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/d61c99270ee7e02c01b8166941c03819f68b572539f25624d959e06653b93103?d=identicon)[SevenLab](/maintainers/SevenLab) --- Top Contributors [![romanbican](https://avatars.githubusercontent.com/u/6573175?v=4)](https://github.com/romanbican "romanbican (96 commits)")[![Ricky-rick](https://avatars.githubusercontent.com/u/9480194?v=4)](https://github.com/Ricky-rick "Ricky-rick (50 commits)")[![lucasmichot](https://avatars.githubusercontent.com/u/513603?v=4)](https://github.com/lucasmichot "lucasmichot (7 commits)")[![interphased](https://avatars.githubusercontent.com/u/1676931?v=4)](https://github.com/interphased "interphased (4 commits)")[![nielskramerr](https://avatars.githubusercontent.com/u/12908597?v=4)](https://github.com/nielskramerr "nielskramerr (3 commits)")[![Kyslik](https://avatars.githubusercontent.com/u/2067589?v=4)](https://github.com/Kyslik "Kyslik (3 commits)")[![Yangwendaxia](https://avatars.githubusercontent.com/u/3424048?v=4)](https://github.com/Yangwendaxia "Yangwendaxia (2 commits)")[![JoeyHoutenbos](https://avatars.githubusercontent.com/u/1810441?v=4)](https://github.com/JoeyHoutenbos "JoeyHoutenbos (2 commits)")[![lucidlemon](https://avatars.githubusercontent.com/u/2458762?v=4)](https://github.com/lucidlemon "lucidlemon (2 commits)")[![bbashy](https://avatars.githubusercontent.com/u/1149200?v=4)](https://github.com/bbashy "bbashy (2 commits)")[![niknetniko](https://avatars.githubusercontent.com/u/1756811?v=4)](https://github.com/niknetniko "niknetniko (1 commits)")[![PawelDmochowskiDRAST](https://avatars.githubusercontent.com/u/17060755?v=4)](https://github.com/PawelDmochowskiDRAST "PawelDmochowskiDRAST (1 commits)")[![greggilbert](https://avatars.githubusercontent.com/u/169482?v=4)](https://github.com/greggilbert "greggilbert (1 commits)")[![branchzero](https://avatars.githubusercontent.com/u/7685609?v=4)](https://github.com/branchzero "branchzero (1 commits)")[![sniper7kills](https://avatars.githubusercontent.com/u/5902574?v=4)](https://github.com/sniper7kills "sniper7kills (1 commits)")[![tflori](https://avatars.githubusercontent.com/u/4855611?v=4)](https://github.com/tflori "tflori (1 commits)")[![UnrulyNatives](https://avatars.githubusercontent.com/u/6769986?v=4)](https://github.com/UnrulyNatives "UnrulyNatives (1 commits)")[![williamoliveira](https://avatars.githubusercontent.com/u/6340344?v=4)](https://github.com/williamoliveira "williamoliveira (1 commits)")[![mul14](https://avatars.githubusercontent.com/u/113989?v=4)](https://github.com/mul14 "mul14 (1 commits)") --- Tags laravelauthaclrolespermissionsilluminate ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/7lab-laravel-roles/health.svg) ``` [![Health](https://phpackages.com/badges/7lab-laravel-roles/health.svg)](https://phpackages.com/packages/7lab-laravel-roles) ``` ### Alternatives [geniusts/roles Powerful package for handling roles and permissions in Laravel 6 6416.6k](/packages/geniusts-roles) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)