PHPackages                             adexaja/rbac - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. adexaja/rbac

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

adexaja/rbac
============

Powerful RBAC package for Laravel 5.1

1.1.2(10y ago)035↓100%MITPHPPHP &gt;=5.5.9

Since Jun 22Pushed 9y ago1 watchersCompare

[ Source](https://github.com/adexaja/RBAC)[ Packagist](https://packagist.org/packages/adexaja/rbac)[ RSS](/packages/adexaja-rbac/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (1)Versions (11)Used By (0)

RBAC For Laravel 5.3 Less Model
===============================

[](#rbac-for-laravel-53-less-model)

Powerful package for handling roles and permissions in Laravel 5.3

Based on the [Bican/Roles](https://github.com/romanbican/roles/) Package.

### So whats Different?

[](#so-whats-different)

The difference is how [Inheritance](#inheritance) work. With Bican/Roles, permissions are inherited based on your highest `role level`.

Instead this package uses a `parent_id` column to enable roles to be inherited from each other.

This enables us to only pull permissions of roles that our users inherits, or that are directly assigned to the user.

- [Installation](#installation)
    - [Composer](#composer)
    - [Service Provider](#service-provider)
    - [Config File And Migrations](#config-file-and-migrations)
    - [HasRoleAndPermission Trait And Contract](#hasroleandpermission-trait-and-contract)
- [Usage](#usage)
    - Roles
        - [Creating Roles](#creating-roles)
        - [Attaching And Detaching Roles](#attaching-and-detaching-roles)
        - [Deny Roles](#deny-roles)
        - [Checking For Roles](#checking-for-roles)
    - Permissions
        - [Creating Permissions](#creating-permissions)
        - [Attaching And Detaching Permissions](#attaching-and-detaching-permissions)
        - [Deny Permissions](#deny-permissions)
        - [Checking For Permissions](#checking-for-permissions)
    - [Inheritance](#inheritance)
    - [Entity Check](#entity-check)
    - [Blade Extensions](#blade-extensions)
    - [Middleware](#middleware)
- [Config File](#config-file)
- [More Information](#more-information)
- [License](#license)

Installation
------------

[](#installation)

This package is very easy to set up. There are only couple of steps.

### Composer

[](#composer)

Pull this package in through Composer (file `composer.json`).

```
{
    "require": {
        "php": ">=5.5.9",
        "laravel/framework": "5.1.*",
        "dcn/rbac": "~1.1.0"
    }
}
```

Run this command inside your terminal.

```
composer update

```

### Service Provider

[](#service-provider)

Add the package to your application service providers in `config/app.php` file.

```
'providers' => [

    /*
     * Laravel Framework Service Providers...
     */
    Illuminate\Foundation\Providers\ArtisanServiceProvider::class,
    Illuminate\Auth\AuthServiceProvider::class,
    ...

    /**
     * Third Party Service Providers...
     */
    DCN\RBAC\RBACServiceProvider::class,

],
```

### Config File And Migrations

[](#config-file-and-migrations)

Publish the package config file and migrations to your application. Run these commands inside your terminal.

```
php artisan vendor:publish --provider="DCN\RBAC\RBACServiceProvider" --tag=config
php artisan vendor:publish --provider="DCN\RBAC\RBACServiceProvider" --tag=migrations

```

And also run migrations.

```
php artisan migrate

```

> There must be created migration file for users table, which is in Laravel out of the box.

### HasRoleAndPermission Trait And Contract

[](#hasroleandpermission-trait-and-contract)

Include `HasRoleAndPermission` trait and also implement `HasRoleAndPermission` contract inside your `User` model.

```
use DCN\RBAC\Traits\HasRoleAndPermission;
use DCN\RBAC\Contracts\HasRoleAndPermission as HasRoleAndPermissionContract;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract, HasRoleAndPermissionContract
{
    use Authenticatable, CanResetPassword, HasRoleAndPermission;
```

And that's it!

Usage
-----

[](#usage)

### Creating Roles

[](#creating-roles)

```
use DCN\RBAC\Models\Role;

$adminRole = Role::create([
    'name' => 'Admin',
    'slug' => 'admin',
    'description' => '', // optional
    'parent_id' => NULL, // optional, set to NULL by default
]);

$moderatorRole = Role::create([
    'name' => 'Forum Moderator',
    'slug' => 'forum.moderator',
]);
```

> Because of `Slugable` trait, if you make a mistake and for example leave a space in slug parameter, it'll be replaced with a dot automatically, because of `str_slug` function.

### Attaching And Detaching Roles

[](#attaching-and-detaching-roles)

It's really simple. You fetch a user from database and call `attachRole` method. There is `BelongsToMany` relationship between `User` and `Role` model.

```
use App\User;

$user = User::find($id);

$user->attachRole($adminRole); //you can pass whole object, or just an id
```

```
$user->detachRole($adminRole); // in case you want to detach role
$user->detachAllRoles(); // in case you want to detach all roles
```

### Deny Roles

[](#deny-roles)

To deny a user a role and all of its children roles, see the following example.

We recommend that you plan your roles accordingly if you plan on using this feature. As you could easily lock out users without realizing it.

```
use App\User;

$role = Role::find($roleId);

$user = User::find($userId);
$user->attachRole($role, FALSE); // Deny this role, and all of its decedents to the user regardless of what has been assigned.
```

### Checking For Roles

[](#checking-for-roles)

You can now check if the user has required role.

```
if ($user->roleIs('admin')) { // you can pass an id or slug
    //
}
```

You can also do this:

```
if ($user->isAdmin()) {
    //
}
```

And of course, there is a way to check for multiple roles:

```
if ($user->roleIs('admin|moderator')) { // or $user->roleIs('admin, moderator') and also $user->roleIs(['admin', 'moderator'])
    // if user has at least one role
}

if ($user->roleIs('admin|moderator', true)) { // or $user->roleIs('admin, moderator', true) and also $user->roleIs(['admin', 'moderator'], true)
    // if user has all roles
}
```

As well as Wild Cards:

```
if ($user->roleIs('admin|moderator.*')) { // or $user->roleIs('admin, moderator.*') and also $user->roleIs(['admin', 'moderator.*'])
    //User has admin role, or a moderator role
}
```

### Creating Permissions

[](#creating-permissions)

It's very simple thanks to `Permission` model.

```
use DCN\RBAC\Models\Permission;

$createUsersPermission = Permission::create([
    'name' => 'Create users',
    'slug' => 'create.users',
    'description' => '', // optional
]);

$deleteUsersPermission = Permission::create([
    'name' => 'Delete users',
    'slug' => 'delete.users',
]);
```

### Attaching And Detaching Permissions

[](#attaching-and-detaching-permissions)

You can attach permissions to a role or directly to a specific user (and of course detach them as well).

```
use App\User;
use DCN\RBAC\Models\Role;

$role = Role::find($roleId);
$role->attachPermission($createUsersPermission); // permission attached to a role

$user = User::find($userId);
$user->attachPermission($deleteUsersPermission); // permission attached to a user
```

```
$role->detachPermission($createUsersPermission); // in case you want to detach permission
$role->detachAllPermissions(); // in case you want to detach all permissions

$user->detachPermission($deleteUsersPermission);
$user->detachAllPermissions();
```

### Deny Permissions

[](#deny-permissions)

You can deny a user a permission, or you can deny an entire role a permission.

To do this, when attaching a permission simply pass a second parameter of false. This will deny that user that permission regardless of what they are assigned. Denied permissions take precedent over inherited and granted permissions.

```
use App\User;
use DCN\RBAC\Models\Role;

$role = Role::find($roleId);
$role->attachPermission($createUsersPermission, FALSE); // Deny this permission to all users who have or inherit this role.

$user = User::find($userId);
$user->attachPermission($deleteUsersPermission, FALSE); // Deny this permission to this user regardless of what roles they are in.
```

### Checking For Permissions

[](#checking-for-permissions)

```
if ($user->may('create.users') { // you can pass an id or slug
    //
}

if ($user->canDeleteUsers()) {
    //
}
```

You can check for multiple permissions the same way as roles.

### Inheritance

[](#inheritance)

> If you don't want the inheritance feature in you application, simply ignore the `parent_id` parameter when you're creating roles.

Roles that are assigned a parent\_id of another role are automatically inherited when a user is assigned or inherits the parent role.

Here is an example:

You have 5 administrative groups. Admins, Store Admins, Store Inventory Managers, Blog Admins, and Blog Writers.

RoleParentAdminsStore AdminsAdminsStore Inventory ManagersStore AdminsBlog AdminsAdminsBlog WritersBlog AdminsThe `Admins Role` is the parent of both `Store Admins Role` as well as `Blog Admins Role`.

While the `Store Admins Role` is the parent to `Store Inventory Managers Role`.

And the `Blog Admins Role` is the parent to `Blog Writers`.

This enables the `Admins Role` to inherit both `Store Inventory Managers Role` and `Blog Writers Role`.

But the `Store Admins Role` only inherits the `Store Inventory Managers Role`,

And the `Blog Admins Role` only inherits the `Blog Writers Role`.

Another Example:

idslugparent\_id1adminNULL2admin.user13admin.blog14blog.writer35developmentNULLHere, `admin` inherits `admin.user`, `admin.blog`, and `blog.writer`.

While `admin.user` doesn't inherit anything, and `admin.blog` inherits `blog.writer`.

Nothing inherits `development` and, `development` doesn't inherit anything.

### Entity Check

[](#entity-check)

Let's say you have an article and you want to edit it. This article belongs to a user (there is a column `user_id` in articles table).

```
use App\Article;
use DCN\RBAC\Models\Permission;

$editArticlesPermission = Permission::create([
    'name' => 'Edit articles',
    'slug' => 'edit.articles',
    'model' => 'App\Article',
]);

$user->attachPermission($editArticlesPermission);

$article = Article::find(1);

if ($user->allowed('edit.articles', $article)) { // $user->allowedEditArticles($article)
    //
}
```

This condition checks if the current user is the owner of article. If not, it will be looking inside user permissions for a row we created before.

```
if ($user->allowed('edit.articles', $article, false)) { // now owner check is disabled
    //
}
```

### Blade Extensions

[](#blade-extensions)

There are three Blade extensions. Basically, it is replacement for classic if statements.

```
@role('admin') // @if(Auth::check() && Auth::user()->roleIs('admin'))
    // user is admin
@endrole

@permission('edit.articles') // @if(Auth::check() && Auth::user()->may('edit.articles'))
    // user can edit articles
@endpermission

@allowed('edit', $article) // @if(Auth::check() && Auth::user()->allowed('edit', $article))
    // show edit button
@endallowed

@role('admin|moderator', 'all') // @if(Auth::check() && Auth::user()->roleIs('admin|moderator', 'all'))
    // user is admin and also moderator
@else
    // something else
@endrole
```

### Middleware

[](#middleware)

This package comes with `VerifyRole` and `VerifyPermission` middleware. You must add them inside your `app/Http/Kernel.php` file.

```
/**
 * The application's route middleware.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'role' => \DCN\RBAC\Middleware\VerifyRole::class,
    'permission' => \DCN\RBAC\Middleware\VerifyPermission::class,
];
```

Now you can easily protect your routes.

```
$router->get('/example', [
    'as' => 'example',
    'middleware' => 'role:admin',
    'uses' => 'ExampleController@index',
]);

$router->post('/example', [
    'as' => 'example',
    'middleware' => 'permission:edit.articles',
    'uses' => 'ExampleController@index',
]);
```

It throws `\DCN\RBAC\Exception\RoleDeniedException` or `\DCN\RBAC\Exception\PermissionDeniedException` exceptions if it goes wrong.

You can catch these exceptions inside `app/Exceptions/Handler.php` file and do whatever you want.

```
/**
 * Render an exception into an HTTP response.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Exception  $e
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $e)
{
    if ($e instanceof \DCN\RBAC\Exceptions\RoleDeniedException) {
        // you can for example flash message, redirect...
        return redirect()->back();
    }

    return parent::render($request, $e);
}
```

Config File
-----------

[](#config-file)

You can change connection for models, slug separator, models path and there is also a handy pretend feature. Have a look at config file for more information.

More Information
----------------

[](#more-information)

This project is based on [Bican/Roles](https://github.com/romanbican/roles/).

License
-------

[](#license)

This package is free software distributed under the terms of the MIT license.

I don't care what you do with it.

Contribute
----------

[](#contribute)

I honestly don't know what I'm doing. If you see something that could be fixed. Make a pull request on the develop branch!.

###  Health Score

29

—

LowBetter than 60% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity8

Limited adoption so far

Community17

Small or concentrated contributor base

Maturity64

Established project with proven stability

 Bus Factor2

2 contributors hold 50%+ of commits

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~7 days

Recently: every ~15 days

Total

9

Last Release

3914d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/3ea8f7db25fbee4137e342850156a116665233da733106a0a7ab07189c2e58d3?d=identicon)[adexaja](/maintainers/adexaja)

---

Top Contributors

[![romanbican](https://avatars.githubusercontent.com/u/6573175?v=4)](https://github.com/romanbican "romanbican (82 commits)")[![sniper7kills](https://avatars.githubusercontent.com/u/5902574?v=4)](https://github.com/sniper7kills "sniper7kills (55 commits)")[![adexaja](https://avatars.githubusercontent.com/u/6724523?v=4)](https://github.com/adexaja "adexaja (7 commits)")[![lucasmichot](https://avatars.githubusercontent.com/u/513603?v=4)](https://github.com/lucasmichot "lucasmichot (4 commits)")[![interphased](https://avatars.githubusercontent.com/u/1676931?v=4)](https://github.com/interphased "interphased (4 commits)")[![Kyslik](https://avatars.githubusercontent.com/u/2067589?v=4)](https://github.com/Kyslik "Kyslik (3 commits)")[![Jesuso](https://avatars.githubusercontent.com/u/670157?v=4)](https://github.com/Jesuso "Jesuso (3 commits)")[![lucidlemon](https://avatars.githubusercontent.com/u/2458762?v=4)](https://github.com/lucidlemon "lucidlemon (2 commits)")[![elp1](https://avatars.githubusercontent.com/u/13511589?v=4)](https://github.com/elp1 "elp1 (1 commits)")[![ArtistNeverStop](https://avatars.githubusercontent.com/u/12214908?v=4)](https://github.com/ArtistNeverStop "ArtistNeverStop (1 commits)")[![UnrulyNatives](https://avatars.githubusercontent.com/u/6769986?v=4)](https://github.com/UnrulyNatives "UnrulyNatives (1 commits)")[![williamoliveira](https://avatars.githubusercontent.com/u/6340344?v=4)](https://github.com/williamoliveira "williamoliveira (1 commits)")[![greggilbert](https://avatars.githubusercontent.com/u/169482?v=4)](https://github.com/greggilbert "greggilbert (1 commits)")[![notf0und](https://avatars.githubusercontent.com/u/2713486?v=4)](https://github.com/notf0und "notf0und (1 commits)")

---

Tags

laravelauthrolespermissionsrbacilluminate

### Embed Badge

![Health badge](/badges/adexaja-rbac/health.svg)

```
[![Health](https://phpackages.com/badges/adexaja-rbac/health.svg)](https://phpackages.com/packages/adexaja-rbac)
```

###  Alternatives

[geniusts/roles

Powerful package for handling roles and permissions in Laravel 6

6416.6k](/packages/geniusts-roles)[phpzen/laravel-rbac

Role based access control for Laravel 5

383.2k](/packages/phpzen-laravel-rbac)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)