PHPackages                             micc83/rooles - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. micc83/rooles

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

micc83/rooles
=============

A very simple roles and permissions manager for Laravel 5

3.0.0(5y ago)111.6k3[4 PRs](https://github.com/micc83/rooles/pulls)MITPHPPHP ^7.4|^8.0

Since Aug 28Pushed 3y ago3 watchersCompare

[ Source](https://github.com/micc83/rooles)[ Packagist](https://packagist.org/packages/micc83/rooles)[ Docs](https://github.com/micc83/rooles)[ RSS](/packages/micc83-rooles/feed)WikiDiscussions master Synced today

READMEChangelogDependencies (2)Versions (12)Used By (0)

Laravel Rooles [![Build Status](https://camo.githubusercontent.com/a46b9880bbed35f32cef3ae9dcc03450867648aa05a624f7f31b4e887d99691d/68747470733a2f2f7472617669732d63692e6f72672f6d69636338332f726f6f6c65732e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/micc83/rooles) [![Scrutinizer Code Quality](https://camo.githubusercontent.com/014ec6972cf55d7be9c39f7cd62713f73ea3ccba35fd4bbb3e4eaf98790ec02e/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f6d69636338332f726f6f6c65732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/micc83/rooles/?branch=master)
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

[](#laravel-rooles--)

#### Simple roles and permissions manager for Laravel ^7.0

[](#simple-roles-and-permissions-manager-for-laravel-70)

### Why another Laravel RBAC (Role based access control) ?!?

[](#why-another-laravel-rbac-role-based-access-control-)

Well, good point! Most of the ACL systems out here such as [romanbican/roles](https://github.com/romanbican/roles), [kodeine/laravel-acl](https://github.com/kodeine/laravel-acl) or [Sentinel](https://cartalyst.com/manual/sentinel/) are packed with tons of amazing features... which most of the time I'm not using! :D

That's why I thought to build a minimal **Laravel roles and permissions manager** that provides a very simple RBAC implementation. Each user can be assigned a single Role, while permissions for each Role are stored in a single config file. With the package are provided a very intuitive and well documented API, a Trait to check permissions directly on the Eloquent User Model and two Middlewares to easily protect routes and Controllers.

However, as your application grown, you might need a more complex ACL system, that's why the package comes with a couple of Contracts that you can leverage to improve or replace functionalities at need. You can see **Rooles** not only as a fully working RBAC but also as a *starting point to develop your own custom roles and permission manager*.

### Setup

[](#setup)

Run the following from your terminal from within the path containing the Laravel `composer.json` file:

```
$ composer require micc83/rooles
```

Open `config/app.php` and add the following line at the end of the providers array:

```
Rooles\RoolesServiceProvider::class
```

Run the following command from your terminal to publish the migration file (it will simply add a `role` column to the default Users table), the config file and a default blade template for the *403-Forbidden* view (It will not be published if one has already been created):

```
$ php artisan vendor:publish
```

In order to be able to use route and Controllers middlewares (so to be able to filter who's able to access a given route or Controller method) open `App/Http/Kernel.php` and add the following lines at the end of the `$routeMiddleware` array:

```
'perms' => \Rooles\PermsMiddleware::class,
'role'  => \Rooles\RoleMiddleware::class,
```

As **Rooles** works on top of the default *Auth* system of Laravel and with the *Eloquent* User Model you must add the `Rooles\Traits\UserRole` trait to the User Class located in `App/User.php` as follow:

```
use \Rooles\Traits\UserRole;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{

    use Authenticatable, CanResetPassword, UserRole;

    // ...
}
```

> **Important note on Laravel version &gt;= 1.1.11** From this version on Laravel implements its own permission manager trough the `Authorizable` trait/contract so, in order to have the User model work with Rooles, you must remove any reference to both the `Authorizable` trait and interface from the Eloquent user model.

### Setting up users role

[](#setting-up-users-role)

Only a single Role can be assigned to each User. You can hardcode the role inside the User Eloquent model adding the role attribute as follow:

```
protected $attributes = [
    'role' => 'admin'
];
```

Or run the provided migration to add the `role` column to the Users Table so to be able to change Users role at runtime:

```
$user = User::find(1);
$user->role = 'admin';
$user->save();
```

### Setting up permissions

[](#setting-up-permissions)

All the permissions for any given role are set in the `config/rooles.php` file as follow:

```
