PHPackages                             efficiently/authority-controller - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. efficiently/authority-controller

ActiveLibrary[Authentication & Authorization](/categories/authentication)

efficiently/authority-controller
================================

AuthorityController is an PHP authorization library for Laravel 5 which restricts what resources a given user is allowed to access.

2.2.0(10y ago)15533.2k17[2 PRs](https://github.com/efficiently/authority-controller/pulls)MITPHPPHP >=5.5.9

Since Oct 25Pushed 8y ago17 watchersCompare

[ Source](https://github.com/efficiently/authority-controller)[ Packagist](https://packagist.org/packages/efficiently/authority-controller)[ RSS](/packages/efficiently-authority-controller/feed)WikiDiscussions master Synced 1w ago

READMEChangelogDependencies (5)Versions (23)Used By (0)

AuthorityController [![Build Status](https://camo.githubusercontent.com/418313094129099b916d57fe93600c127e5b9c757854a578468e6aa47df2cc63/68747470733a2f2f7472617669732d63692e6f72672f656666696369656e746c792f617574686f726974792d636f6e74726f6c6c65722e706e673f6272616e63683d6d6173746572)](http://travis-ci.org/efficiently/authority-controller)
==================================================================================================================================================================================================================================================================================================================================================

[](#authoritycontroller-)

AuthorityController is an PHP authorization library for [Laravel 5.3](http://laravel.com) which restricts what resources a given user is allowed to access.

All permissions are defined in a single location:

```
config/authority-controller.php

```

and not duplicated across controllers, routes, views, and database queries.

For [**Laravel 5.2**](http://laravel.com/docs/5.2) supports see [AuthorityController 2.2 branch](https://github.com/efficiently/authority-controller/tree/2.2)

For [Laravel 5.0 or 5.1](http://laravel.com/docs/5.1) supports see [AuthorityController 2.1 branch](https://github.com/efficiently/authority-controller/tree/2.1)

For [Laravel 4.1 or 4.2](http://laravel.com/docs/4.2) supports see [AuthorityController 1.2 branch](https://github.com/efficiently/authority-controller/tree/1.2)

#### Demo application

[](#demo-application)

You can see in action this package with this Laravel 5.3 [**demo application**](https://github.com/efficiently/laravel_authority-controller_app#readme).

#### Origins and Inspirations

[](#origins-and-inspirations)

It's an extension of the [`authority-laravel`](https://github.com/authority-php/authority-laravel) package.

And a port of the best [Ruby](https://ruby-lang.org) authorization library: [CanCan](https://github.com/ryanb/cancan).

[Authority](https://github.com/authority-php/authority) ports some features of CanCan and this package ports [*almost*](https://github.com/efficiently/authority-controller/blob/master/README.md#missing-features) all the other features.

Installation
------------

[](#installation)

#### With [Composer](https://getcomposer.org/)

[](#with-composer)

1. Add `authority-controller` package to your `composer.json` file to require AuthorityController:

```
composer require efficiently/authority-controller:dev-master
```

2. Add the service provider to `config/app.php`:

```
    Efficiently\AuthorityController\AuthorityControllerServiceProvider::class,
```

3. Add the aliases (facades) to your Laravel app config file:

```
    'Params'    => Efficiently\AuthorityController\Facades\Params::class,
    'Authority' => Efficiently\AuthorityController\Facades\Authority::class,
```

4. This will allow you to access the Authority class through the static interface you are used to with Laravel components.

```
Authority::can('update', SomeModel::class);
```

Configuration
-------------

[](#configuration)

##### Create Roles and Permissions Tables

[](#create-roles-and-permissions-tables)

We have provided a basic table structure to get you started in creating your roles and permissions.

Publish them to your migrations directory or copy them directly.

```
php artisan vendor:publish --provider="Efficiently\AuthorityController\AuthorityControllerServiceProvider" --tag="migrations"
```

Run the migrations

```
php artisan migrate
```

This will create the following tables

- roles
- role\_user
- permissions

To utilize these tables, you can add the following methods to your `User` model. You will also need to create Role and Permission Model stubs (replacing `App\Authority\` with you own namespace)..

```
    //app/User.php
    public function roles()
    {
        return $this->belongsToMany(Authority\Role::class)->withTimestamps();
    }

    public function permissions()
    {
        return $this->hasMany(Authority\Permission::class);
    }

    public function hasRole($key)
    {
        $hasRole = false;
        foreach ($this->roles as $role) {
            if ($role->name === $key) {
                $hasRole = true;
                break;
            }
        }

        return $hasRole;
    }
```

```
    //app/Authority/Role.php