PHPackages kerigard/laravel-roles - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. kerigard/laravel-roles AbandonedArchivedLibrary[Authentication & Authorization](/categories/authentication) kerigard/laravel-roles ====================== Permissions and roles for Laravel v1.1.3(3y ago)09MITPHPPHP ^8.0.2|^8.1 Since Jul 31Pushed 3y ago1 watchersCompare [ Source](https://github.com/Kerigard/laravel-roles)[ Packagist](https://packagist.org/packages/kerigard/laravel-roles)[ Docs](https://github.com/kerigard/laravel-roles)[ RSS](/packages/kerigard-laravel-roles/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (5)Dependencies (3)Versions (6)Used By (0) Laravel Roles ============= [](#laravel-roles) [![Build Status](https://github.com/Kerigard/laravel-roles/workflows/tests/badge.svg)](https://github.com/Kerigard/laravel-roles/actions) [![Total Downloads](https://camo.githubusercontent.com/622234608183dc62c050d86fcff58463b5c548063d5eb6603c22f899b349950b/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f4b657269676172642f6c61726176656c2d726f6c6573)](https://packagist.org/packages/Kerigard/laravel-roles) [![Latest Stable Version](https://camo.githubusercontent.com/d94cc0fb266ff1a85aff5d79a9bd30f800d863b380da47e27002080139e586e0/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f4b657269676172642f6c61726176656c2d726f6c6573)](https://packagist.org/packages/Kerigard/laravel-roles) [![License](https://camo.githubusercontent.com/10242f2e8d871bb6ef39dec25aa9016c8363e3e50225ae9ac267992b3e7e0ae0/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f4b657269676172642f6c61726176656c2d726f6c6573)](https://packagist.org/packages/Kerigard/laravel-roles) Permissions and roles for Laravel 9.20 and up. Installation ------------ [](#installation) Install package via composer: ``` composer require kerigard/laravel-roles ``` Publish the configuration and migration files using the `vendor:publish` artisan command: ``` php artisan vendor:publish --provider="Kerigard\LaravelRoles\RolesServiceProvider" ``` Customize the `roles.php` configuration file according to your requirements. After that run the migrations: ``` php artisan migrate ``` Usage ----- [](#usage) ### Connecting traits [](#connecting-traits) To start using permission and role checking, your User model must use the `Kerigard\LaravelRoles\Traits\HasRoles` and `Kerigard\LaravelRoles\Traits\HasPermissions` traits: ``` use Kerigard\LaravelRoles\Traits\HasPermissions; use Kerigard\LaravelRoles\Traits\HasRoles; class User extends Authenticatable { use HasPermissions; use HasRoles; } ``` > It is not necessary to connect both traits at the same time. ### Creating roles and permissions [](#creating-roles-and-permissions) Create roles and permissions, after which create a relationship between them: ``` use Kerigard\LaravelRoles\Models\Permission; use Kerigard\LaravelRoles\Models\Role; $role = Role::create(['name' => 'Manager', 'slug' => 'manager']); $permission = Permission::create(['name' => 'Edit articles', 'slug' => 'edit-articles']); $role->attachPermission($permission); ``` > You can override models through a config file. Connect a role or permission to a user: ``` $user->attachRole(1); $user->attachRole($adminRole); $user->attachRole('super-admin'); $user->attachRole([1, $adminRole, 'manager']); $user->attachPermission(1); $user->attachPermission($editPostsPermission); $user->attachPermission('edit-articles'); $user->attachPermission([1, $editPostsPermission, 'edit-articles']); ``` You can disable a role or permission for a user: ``` $user->detachRole(1); $user->detachRole($adminRole); $user->detachRole('super-admin'); $user->detachRole([1, $adminRole, 'manager']); $user->detachAllRoles(); $user->detachPermission(1); $user->detachPermission($editPostsPermission); $user->detachPermission('edit-articles'); $user->detachPermission([1, $editPostsPermission, 'edit-articles']); $user->detachAllPermissions(); ``` Or just sync the specified roles or permissions. Any roles or permissions that are not listed will be disabled: ``` $user->syncRoles(1); $user->syncRoles($adminRole); $user->syncRoles('super-admin'); $user->syncRoles([1, $adminRole, 'manager']); $user->syncPermissions(1); $user->syncPermissions($editPostsPermission); $user->syncPermissions('edit-articles'); $user->syncPermissions([1, $editPostsPermission, 'edit-articles']); ``` Use this method if you don't want old roles or permissions to be disabled when syncing: ``` $user->syncRolesWithoutDetaching($role); $user->syncPermissionsWithoutDetaching($permission); ``` ### Permissions check [](#permissions-check) To check for permission, run: ``` $user->hasPermission('edit-articles'); $user->hasPermission(1); $user->hasPermission($permission); // has all permissions $user->hasPermission(['edit-articles', 'register-articles']); // has any permissions $user->hasAnyPermission(['edit-articles', 'register-articles']); $user->doesNotHasPermission($permission); $user->doesNotHasAnyPermission(['edit-articles', 'register-articles']); // or check that the role contains the permission $role->hasPermission('edit-articles'); ``` All permissions are registered with Laravel Gates, so you can use the `can` function: ``` $user->can('edit-articles'); $user->can(['edit-articles', 'register-articles']); $user->canAny(['edit-articles', 'register-articles']); ``` In a controller, you can use the `authorize` function to throw an exception if the user doesn't have permissions: ``` class PostController extends Controller { public function index() { $this->authorize('view-posts'); return Post::all(); } } ``` ### Roles check [](#roles-check) To check if a role exists, run: ``` $user->hasRole('manager'); $user->hasRole(1); $user->hasRole($role); // has all roles $user->hasRole(['manager', 'admin']); // kas any roles $user->hasAnyRole(['manager', 'admin']); $user->doesNotHasRole($role); $user->doesNotHasAnyRole(['manager', 'admin']); ``` If you want to check the role in the controller and raise an exception if it is missing, then you need to replace the trait import in the `app\Http\Controllers\Controller.php` file: ``` // from use Illuminate\Foundation\Auth\Access\AuthorizesRequests; // to use Kerigard\LaravelRoles\Traits\AuthorizesRequests; ``` After that, you can use the `authorizeRole` function in all controllers to check the role: ``` class PostController extends Controller { public function index() { $this->authorizeRole('editor'); return Post::all(); } } ``` ### Blade directives [](#blade-directives) You can use directives in blade files to write conditions conveniently: ``` @can('edit-articles') // @endcan @canany(['edit-articles', 'register-articles']) // @endcanany @is('manager') // @endis @isany(['manager', 'admin']) // @endisany ``` ### Middlewares [](#middlewares) In the `app/Http/Kernel.php` file, you can specify a middleware for checking roles and permissions: ``` protected $routeMiddleware = [ 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'is' => \Kerigard\LaravelRoles\Middlewares\AuthorizeRole::class, ]; ``` Then you can secure your routes: ``` Route::put('users', [UserController::class, 'update'])->middleware('can:edit-users'); // or Route::put('users', [UserController::class, 'update'])->can('edit-users'); Route::get('users', [UserController::class, 'index'])->middleware('is:admin'); // or Route::get('users', [UserController::class, 'index'])->is('admin'); ``` ### Custom statuses [](#custom-statuses) When throwing exceptions by default, Laravel returns a `403` error code with the message `This action is unauthorized`. You can specify your own error codes and messages for each role and permission: ``` Role::create([ 'name' => 'Admin', 'slug' => 'admin', 'status' => 404, 'message' => 'Not found', ]); Permission::create([ 'name' => 'Edit users', 'slug' => 'edit-users', 'status' => 404, 'message' => 'Not found', ]); ``` ### Super admin [](#super-admin) In the configuration, you can enable the super admin role. For users with this role, all permissions and role checks will be `true`. Changelog --------- [](#changelog) Please see the [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. License ------- [](#license) MIT. Please see the [LICENSE FILE](LICENSE.md) for more information. ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~52 days Total 5 Last Release 1172d ago PHP version history (2 changes)v1.0.0PHP ^8.0.2 v1.1.3PHP ^8.0.2|^8.1 ### Community Maintainers ![](https://www.gravatar.com/avatar/8bf41af862d8b4e4b8fee30d6a8a338395a39e303e2c04a8c9ec92d130db018f?d=identicon)[kerigard](/maintainers/kerigard) --- Top Contributors [![Kerigard](https://avatars.githubusercontent.com/u/46793484?v=4)](https://github.com/Kerigard "Kerigard (17 commits)") --- Tags laravelrolespermissions ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/kerigard-laravel-roles/health.svg) ``` [![Health](https://phpackages.com/badges/kerigard-laravel-roles/health.svg)](https://phpackages.com/packages/kerigard-laravel-roles) ``` ### Alternatives [santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[jeremykenedy/laravel-roles A Powerful package for handling roles and permissions in Laravel. Supports Laravel 5.3 up to 12. 1.0k826.8k7](/packages/jeremykenedy-laravel-roles)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro)[smarch/watchtower Front-end for the Shinboi Auth system of Users / Roles / Permissions in Laravel 5 523.0k](/packages/smarch-watchtower) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)