PHPackages a2design-inc/laravel4-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. a2design-inc/laravel4-acl ActiveLibrary[Authentication & Authorization](/categories/authentication) a2design-inc/laravel4-acl ========================= ACL component for Laravel 4 v1.0.2(9y ago)01.4k1MITPHPPHP >=5.3.0 Since Aug 12Pushed 9y ago10 watchersCompare [ Source](https://github.com/a2design-inc/laravel-acl)[ Packagist](https://packagist.org/packages/a2design-inc/laravel4-acl)[ Docs](http://vivify-ideas.github.io/laravel-acl)[ RSS](/packages/a2design-inc-laravel4-acl/feed)WikiDiscussions master Synced 2mo ago READMEChangelog (1)Dependencies (3)Versions (10)Used By (0) Laravel ACL =========== [](#laravel-acl) ACL component for Laravel 4. (As of `v1.0.0-RC6`, laravel-acl is no longer compatible with Laravel 4.0. For Laravel 4.0 use version `v1.0.0-RC5` or earlier versions) [![Build Status](https://camo.githubusercontent.com/eee9588fba2d1f7998f865dfd59dee67a62570fbf5b9c8d5ce2f0d01a45291ad/68747470733a2f2f7472617669732d63692e6f72672f5669766966792d49646561732f6c61726176656c2d61636c2e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/Vivify-Ideas/laravel-acl) - [Installation](#installation) - [Configuration](#configuration) - [Provider](#provider) - [Super users](#superusers) - [Guest user](#guestuser) - [Permissions](#permissions) - [Groups](#groups) - [Usage](#usage) Installation ------------ [](#installation) First you need to install this package through Composer. Edit your project's `composer.json` file to require `vivify-ideas/acl`. ``` "require": { "vivify-ideas/acl": "dev-master" }, "minimum-stability" : "dev" ``` Next, update Composer from the Terminal: ``` composer update ``` Once this operation completes, you will need to add the service provider into your app. Open `app/config/app.php`, and add a new item to the providers array. ``` 'VivifyIdeas\Acl\AclServiceProvider', ``` And also add new alias into aliases array. ``` 'Acl' => 'VivifyIdeas\Acl\Facades\Acl', ``` The last step is to create database structure for keeping ACL. You can do this easily by running the following `artisan` command: ``` php artisan acl:install ``` This will use current permission provider (`Eloquent`) to create necessary DB structure. When finished, you should have six new tables in your database: `acl_permissions`, `acl_groups`, `acl_user_permissions`, `acl_roles`, `acl_roles_permissions` and `acl_users_roles`. That's it! You're all set to go. Configuration ------------- [](#configuration) After runing `artisan acl:install` command, you will get a new config file in `app/config/packages/vivify-ideas/acl/config.php`. There you will notice several different settings. ### Provider [](#provider) ``` 'provider' => 'eloquent' ``` Here you can set the provider class that you want to use. Main feature of this ACL component is `PermissionsProvider`, which abstract storage of permissions. Currently `Eloquent` is the only one permission provider available (you can assume that permissions will be stored in DB that you specified on your project). ### SuperUsers [](#superusers) ``` 'superusers' => array() ``` Here you can define user IDs that will have superuser rights. These users will be allowed all permissions. ### GuestUser [](#guestuser) ``` 'guestuser' => 0 ``` Put here ID that will used for setting permissions to guest users. ### Permissions [](#permissions) ``` 'permissions' => array() ``` Here you need to put permissions for every resource that will be protected by ACL. Any resource that is not definied here or has its `allowed` field set to `true` will be freely accessable by any authenticated user or possibly a guest. Permissions need to be in following format: ``` array( array( 'id' => 'PERMISSION_ID', 'allowed' => true|false, 'route' => array('GET:/resource/(\d+)/edit', 'PUT:/resource/(\d+)'), 'resource_id_required' => true|false, 'name' => 'Permission name', 'group_id' => 'GROUP_ID_1', // optional ), array( 'id' => 'PERMISSION_ID_2', 'allowed' => true|false, 'route' => 'GET:/resource/(\d+)', 'resource_id_required' => true|false, 'name' => 'Permission 2 name' 'group_id' => 'GROUP_ID_2', // optional ) ) ``` ### Groups [](#groups) ``` 'groups' => array() ``` The purpose of groups is to limit access to groups of resources that share the same base path. For example you want to alllow user to access the page at `admin/products` path Every permission can belong to a group. You can have groups that belongs to other group. Every group can have a route. Use the following format: ``` array( array( 'id' => 'ADMIN_PRIVILEGES', 'name' => 'Administrator Privileges', 'route' => 'GET:/admin/(\d+)', 'children' => array( array( 'id' => 'MANAGE_STUFF', 'name' => 'Manage Stuff', 'route' => 'GET:/resource/(\d+)' ), array( 'id' => 'MANAGE_PRODUCTS', 'name' => 'Manage Products', 'route' => 'GET:/resource/(\d+)' ), array( 'id' => 'MANAGE_USERS', 'name' => 'Manage Users', 'route' => 'GET:/resource/(\d+)', 'children' => array( array( 'id' => 'MANAGE_SPEC_USER', 'name' => 'Manage spec user', 'route' => 'GET:/resource/(\d+)' ) ) ) ) ), array( 'id' => 'STUFF_PRIVILEGES', 'name' => 'Stuff Privileges', ) ) ``` ### Roles [](#roles) ``` 'roles' => array() ``` Roles are sets of permissions that can be assigned to different users. Permissions based on roles are applied after general permissions, but before user specific permissions. This means that you can override role based permissions with user specific permissions. Usage ----- [](#usage) When you are satisfied with your configuration file, run the following artisan command: ``` php artisan acl:update ``` This command needs to be run every time you update config file with new permissions and wish to add them to the database. If you want to delete all permissions (including user permissions), and again reload permissions from config file you can use this command: ``` php artisan acl:reset ``` ### Available Artisan commands [](#available-artisan-commands) Here is the list of all artisan commands: - `acl:install` Create ACL table structure. - `acl:install clean` Delete all acl tables, reset config file to default version and again create ACL table structure. - `acl:update` Update all ACL permissions in the database from config file. - `acl:reset` Reset all ACL permissions. This will delete both user and system permissions and install permissions from config file ### Add Acl Filter To Your Application [](#add-acl-filter-to-your-application) Now we need to add appropriate filter to application and to set usage in `routes.php` file. You can add this filter to your `filters.php` file and adjust it to suit your own needs: ``` Route::filter('acl', function($route, $request) { // we need this because laravel delete form sends POST request with {_method: 'DELETE'} as parameter $method = $request->has('_method') ? $request->input('_method') : $request->server('REQUEST_METHOD'); if (!Acl::checkRoute($method, $request->server('REQUEST_URI'))) { App::abort(403); } }); ``` And then in `routes.php` use this filter according to your needs. ``` Route::group(array('before' => 'acl', 'prefix' => '/admin'), function() { ... }); ``` ### Checking permissions [](#checking-permissions) Here are few ways how to check user permissions: ``` // Whether a user with ID 2 can see a list of all products Acl::user(2)->permission('LIST_PRODUCTS')->check(); // Whether a user with ID 1 can edit product with ID 2 Acl::user(1)->permission('EDIT_PRODUCT', 2)->check(); // Can currently authenticated user edit product with ID 2 Acl::permission('EDIT_PRODUCT', 2)->check(); // Whether a user with ID 1 can edit and delete product with ID 2 Acl::user(1)->permission('EDIT_PRODUCT', 2) ->permission('DELETE_PRODUCT', 2) ->check(); // Can user with ID 1 access /products URL Acl::user(1)->checkRoute('GET', '/products') // Can currently authenticated user access /products URL Acl::checkRoute('GET', '/products'); // Get me array of product IDs that user with ID 1 can edit Acl::user(1)->permission('EDIT_PRODUCT')->getResourceIds(); // Get me array of product IDs that user with ID 1 can not edit Acl::user(1)->permission('EDIT_PRODUCT')->getResourceIds(false); ``` ### Health Score 31 — LowBetter than 68% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity15 Limited adoption so far Community18 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 64.1% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~192 days Recently: every ~337 days Total 8 Last Release 3304d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/18dd207483a4ff5272a672f9a85618fd21ee3785e91d5865658928d31f4a5e1a?d=identicon)[MrMYSTIC](/maintainers/MrMYSTIC) --- Top Contributors [![milosh012](https://avatars.githubusercontent.com/u/1167990?v=4)](https://github.com/milosh012 "milosh012 (41 commits)")[![goranprijic](https://avatars.githubusercontent.com/u/1355263?v=4)](https://github.com/goranprijic "goranprijic (10 commits)")[![salesan](https://avatars.githubusercontent.com/u/2605067?v=4)](https://github.com/salesan "salesan (6 commits)")[![MrMYSTIC](https://avatars.githubusercontent.com/u/1566816?v=4)](https://github.com/MrMYSTIC "MrMYSTIC (3 commits)")[![rabbiabram](https://avatars.githubusercontent.com/u/1196791?v=4)](https://github.com/rabbiabram "rabbiabram (2 commits)")[![Maidomax](https://avatars.githubusercontent.com/u/1213091?v=4)](https://github.com/Maidomax "Maidomax (1 commits)")[![vivifyideas](https://avatars.githubusercontent.com/u/5213794?v=4)](https://github.com/vivifyideas "vivifyideas (1 commits)") --- Tags laravelacl ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/a2design-inc-laravel4-acl/health.svg) ``` [![Health](https://phpackages.com/badges/a2design-inc-laravel4-acl/health.svg)](https://phpackages.com/packages/a2design-inc-laravel4-acl) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp)[casbin/laravel-authz An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel. 324339.9k4](/packages/casbin-laravel-authz)[yajra/laravel-acl Laravel ACL is a simple role, permission ACL for Laravel Framework. 112103.9k1](/packages/yajra-laravel-acl)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro)[beatswitch/lock-laravel A Laravel Driver for Lock. 15529.1k1](/packages/beatswitch-lock-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)