PHPackages ipunkt/roles - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ipunkt/roles ActiveLibrary[Authentication & Authorization](/categories/authentication) ipunkt/roles ============ Role based permission checking for the ipunkt/permissions package 013PHP Since Sep 24Pushed 11y ago5 watchersCompare [ Source](https://github.com/ipunkt/roles)[ Packagist](https://packagist.org/packages/ipunkt/roles)[ RSS](/packages/ipunkt-roles/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) ipunkt/roles ============ [](#ipunktroles) About ===== [](#about) Role based permission checking for ipunkt/permissions Install ------- [](#install) Add to your composer.json following lines ``` "require": { "ipunkt/roles": "dev-master" } ``` Configuration ------------- [](#configuration) Add ``` 'Ipunkt\Roles\RolesServiceProvider' ``` to your service provider list. Migrate by doing ``` php artisan migrate --package=ipunkt/roles ``` How it works ------------ [](#how-it-works) - A resource type has actions which can be performed on it. - A Role has permissions to perform actions. - A permission can affect the whole resource type or just a single resource - A permission on a single resource takes precedence over a permission on the whole resource type - A User has Roles. ### Special Names [](#special-names) The name `\*` is special both for actions and resources. When used for actions, it will match all actions When used for resources, it will match all resources Note however that other more specific permissions take precedence over this. Example: Role Subadmin has permission allowing to do '\*' on '\*' Role Subadmin has permission forbidding to do '\*' on 'supersecrettable' $userWithSubadmin->can('anything', $superSecretModel) will return false, because \*.supersecrettable is more specific than \*.\* Use --- [](#use) ### Checking Permissions [](#checking-permissions) `Ipunkt\Roles\PermissionChecker\RolePermissionChecker` will be set as the default permission checker for `ipunkt\permissions`unless you disable it in the config. There are 3 ways to use this package - Commands - Web Interface - Through the repositories ### Commands [](#commands) commandparametersdescriptionresource:makeresource nameCreates a new resource with the given nameresource:listLists all resourcesresource:destroyresource idDestroy the resource with the given idresource:addactionresource id, action nameAdd an action with the given name to the resource with the given idresource:listactionsresource idList all actions the resource with the given id hasresource:removeactionresource id, action nameRemove the action with the given name on the resource with the given idroles:superuseruser idAssign the role 'Superuser' to the given user which has permission to do '\*' on '\*'. If necessary this roles will be created### Web Interface [](#web-interface) The web interface protects itself through ipunkt/permissions, so make sure you have permission to do \* on resources and roles. TODO: config variable to disable the web interface entirely #### Resources [](#resources) Access /permissions/privilege or the route permissions.privilege.index #### Creating Roles [](#creating-roles) Access /permissions/role or the route permissions.role.index ### Through the repositories [](#through-the-repositories) `Ipunkt\Roles\Roles\RoleRepositoryInterface` is injected with the repository to work with roles. `Ipunkt\Roles\Resources\ResourceRepositoryInterface` is injected with the repository to work with resources. Advanced Use ------------ [](#advanced-use) It is theoreticaly possible to switch out the default eloquent roles to something else by implementing the RoleInterface, PermissionInterface and PrivilegeInterface for a different ORM/Database and replacing the repositories. However this remains untested. ### Assigning Roles [](#assigning-roles) There is a package ipunkt/auth-roles which connects these roles with ipunkt/auth users and brings an interface to assign roles to them. If you wish to implement your own connection to a user model make sure to overwrite Ipunkt\\Permissions\\Repositories\\RoleRepositoryInterface in the IoC. The simplest way to do this is extend EloquentRoleRepository and override allByUserId($id) ### Health Score 20 — LowBetter than 14% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community5 Small or concentrated contributor base Maturity41 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/2f1ab6ff16fc96d20efd363563c961db68587721536c6559d692f461588a1246?d=identicon)[svensp](/maintainers/svensp) ### Embed Badge ![Health badge](/badges/ipunkt-roles/health.svg) ``` [![Health](https://phpackages.com/badges/ipunkt-roles/health.svg)](https://phpackages.com/packages/ipunkt-roles) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)