PHPackages abmemon/sentinelrbac - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. abmemon/sentinelrbac ActiveLibrary[Authentication & Authorization](/categories/authentication) abmemon/sentinelrbac ==================== SentinelRBAC is a powerful and flexible Role-Based Access Control (RBAC) package for Laravel. Built for modern Laravel applications, it provides a clean and scalable way to manage roles, permissions, and access gates — with zero friction. v1.0.1(1y ago)22MITPHPPHP ^8.1 Since Apr 8Pushed 1y ago1 watchersCompare [ Source](https://github.com/abmemon/SentinelRBAC)[ Packagist](https://packagist.org/packages/abmemon/sentinelrbac)[ RSS](/packages/abmemon-sentinelrbac/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (1)Versions (3)Used By (0) 🔐 SentinelRBAC ============== [](#-sentinelrbac) **SentinelRBAC** is a powerful and flexible Role-Based Access Control (RBAC) package for Laravel 10+ and 12+. It provides a clean and scalable way to manage **roles**, **permissions**, and **group-based permissions**, while supporting **Laravel Sanctum** for secure token-based APIs. --- ⚙️ Features ----------- [](#️-features) - ✅ Role-based access control - ✅ Permission-based route/view protection - ✅ Group-based permission assignment - ✅ Middleware for roles and permissions - ✅ Blade directives - ✅ Laravel Sanctum support - ✅ Artisan commands for roles & permissions - ✅ Cached permission resolution - ✅ API-ready (token auth) --- 🛠️ Installation --------------- [](#️-installation) ``` composer require abmemon/sentinelrbac ``` > 🔁 If using a local or private repo before publishing to Packagist: Add to your Laravel project’s `composer.json`: ``` "repositories": [ { "type": "vcs", "url": "https://github.com/your-username/SentinelRBAC" } ] ``` Then run: ``` composer require abmemon/sentinelrbac:dev-master ``` --- 🧱 Setup ------- [](#-setup) ### 1. Publish Config & Migrations [](#1-publish-config--migrations) ``` php artisan vendor:publish --tag=sentinelrbac php artisan migrate ``` ### 2. Add Trait to User Model [](#2-add-trait-to-user-model) ``` use ABMemon\SentinelRBAC\Traits\HasRolesAndPermissions; class User extends Authenticatable { use HasApiTokens, HasFactory, Notifiable, HasRolesAndPermissions; } ``` ✅ This gives the user: - // Roles - `$user->assignRole('admin');` - `$user->removeRole('editor');` - `$user->syncRoles(['admin', 'editor']);` - `$user->hasRole('admin');` - `$user->hasAnyRole(['admin', 'manager']);` - `$user->hasAllRoles(['admin', 'manager']);` - `$user->getRoleNames();` // Collection of role names - // Permissions - `$user->givePermissionTo('edit-posts');` - `$user->revokePermissionTo('delete-posts');` - `$user->syncPermissions(['edit-posts', 'publish-posts']);` - `$user->hasPermission('edit-posts');` - `$user->hasAnyPermission(['edit-posts', 'publish-posts']);` - `$user->getPermissionNames();` // Collection of permission names - // Group Support - `$user->groups(); // Relationship` - `$user->getAllPermissionsCached(); // Permissions from user + roles + groups` - // Utility - `$user->refreshPermissionCache();` --- 🧰 Artisan Commands ------------------ [](#-artisan-commands) ### 🎭 Create Role [](#-create-role) ``` php artisan rbac:create-role admin ``` ### 🛡 Create Permission [](#-create-permission) ``` php artisan rbac:create-permission edit-posts ``` ### 👤 Assign Role to User [](#-assign-role-to-user) ``` php artisan rbac:assign-role user@example.com admin ``` --- 🔐 Protecting Routes ------------------- [](#-protecting-routes) ### ✅ With Permission [](#-with-permission) ``` Route::middleware(['auth:sanctum', 'permission:edit-posts'])->get('/posts/edit', function () { return response()->json(['message' => 'Edit page']); }); ``` ### ✅ With Role (Optional) [](#-with-role-optional) ``` Route::middleware(['auth:sanctum', 'role:admin'])->get('/admin', function () { return response()->json(['message' => 'Admin dashboard']); }); ``` --- 🎨 Blade Directives ------------------ [](#-blade-directives) ``` @permission('edit-posts') Edit Post @endpermission @role('admin') Welcome, Admin! @endrole ``` --- 👥 Group-Based Permissions ------------------------- [](#-group-based-permissions) Groups are great for managing permissions across departments, teams, or organizations. ### 1. Assign Permission to Group [](#1-assign-permission-to-group) ``` $group = Group::create(['name' => 'Sales']); $group->givePermissionTo('view-dashboard'); ``` ### 2. Add User to Group [](#2-add-user-to-group) ``` $user->groups()->attach($group); ``` ✅ The user now inherits the group’s permissions automatically. --- 📦 API Usage (Laravel Sanctum) ----------------------------- [](#-api-usage-laravel-sanctum) ### 🔐 Token-based Login Route [](#-token-based-login-route) ``` Route::post('/login', function (Request $request) { $user = User::where('email', $request->email)->first(); if (! $user || ! Hash::check($request->password, $user->password)) { return response()->json(['message' => 'Invalid credentials'], 401); } return response()->json([ 'token' => $user->createToken('api-token')->plainTextToken ]); }); ``` ### ✅ Authenticated Route [](#-authenticated-route) ``` Route::middleware('auth:sanctum')->get('/me', function () { return response()->json(auth()->user()); }); ``` > ⚠️ Always include `Authorization: Bearer {token}` in your API requests --- ⚡ Advanced Tips --------------- [](#-advanced-tips) - Permissions are cached per user: `user_permissions_{id}` - Use `cache()->forget("user_permissions_{$user->id}")` to clear manually - Use roles and groups to **assign** permissions, but always **check with permissions** --- 🧪 Testing Setup (Optional Seeder) --------------------------------- [](#-testing-setup-optional-seeder) You can seed: ``` // Create role and permission $admin = Role::create(['name' => 'admin']); $edit = Permission::create(['name' => 'edit-posts']); $admin->givePermissionTo($edit); // Assign to user $user = User::first(); $user->assignRole('admin'); ``` --- 🧩 Configuration File (`config/sentinelrbac.php`) ------------------------------------------------ [](#-configuration-file-configsentinelrbacphp) This file is published with: ``` php artisan vendor:publish --tag=sentinelrbac ``` You can customize model paths, permission table names, etc. --- 📜 License --------- [](#-license) MIT License — free to use, extend, and modify. --- 👤 Author -------- [](#-author) **Ahmed Bakhsh Memon** 🌐 [abmemon.com](https://abmemon.com) 🐙 [GitHub](https://github.com/abmemon) --- 🙌 Contributions --------------- [](#-contributions) Pull requests, issues, suggestions, and stars are all welcome. --- ⭐ Example API Flow (Postman) ---------------------------- [](#-example-api-flow-postman) EndpointMethodAuthDescription`/api/login`POST❌Get Sanctum token`/api/me`GET✅Return current user`/api/rbac/users/1/roles/sync`POST✅Sync roles to user`/api/rbac/users/1/permissions/sync`POST✅Sync direct permissions to user`/api/rbac/groups/1/users/sync`POST✅Sync users to group`/api/rbac/groups/1/permissions/sync`POST✅Sync permissions to group--- Enjoy clean and scalable access control with **SentinelRBAC** 🛡️🔥 ### Health Score 28 — LowBetter than 54% of packages Maintenance47 Moderate activity, may be stable Popularity5 Limited adoption so far Community7 Small or concentrated contributor base Maturity47 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 397d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e48efbe7595f3540fe1cfffb599ba1233b9b66638140d76f711ff6bc4aad007e?d=identicon)[abmemon](/maintainers/abmemon) --- Top Contributors [![abmemon](https://avatars.githubusercontent.com/u/56878874?v=4)](https://github.com/abmemon "abmemon (17 commits)") ### Embed Badge ![Health badge](/badges/abmemon-sentinelrbac/health.svg) ``` [![Health](https://phpackages.com/badges/abmemon-sentinelrbac/health.svg)](https://phpackages.com/packages/abmemon-sentinelrbac) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[olssonm/l5-very-basic-auth Laravel stateless HTTP basic auth without the need for a database 1662.5M1](/packages/olssonm-l5-very-basic-auth)[stechstudio/laravel-jwt Helper package that makes it easy to generate, consume, and protect routes with JWT tokens in Laravel 126117.6k](/packages/stechstudio-laravel-jwt)[scaler-tech/laravel-saml2 SAML2 Service Provider integration for Laravel applications, based on OneLogin toolkit 2737.5k](/packages/scaler-tech-laravel-saml2)[truckersmp/steam-socialite Laravel Socialite provider for Steam OpenID. 1516.7k](/packages/truckersmp-steam-socialite) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)