PHPackages misaf/vendra-permission - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. misaf/vendra-permission ActiveVendra-module[Authentication & Authorization](/categories/authentication) misaf/vendra-permission ======================= Role and permission management for Vendra, built on top of Spatie Permission 10PHPCI failing Since Feb 27Pushed 2mo agoCompare [ Source](https://github.com/misaf/vendra-permission)[ Packagist](https://packagist.org/packages/misaf/vendra-permission)[ RSS](/packages/misaf-vendra-permission/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) Vendra Permission ================= [](#vendra-permission) Role and permission management for Vendra, built on top of Spatie Permission and Filament 4. Features -------- [](#features) - Filament cluster on the `admin` panel for permission management - Role and permission CRUD resources - Manage role-permission relations from role pages - Tenant-scoped Pennant feature flags for module/resource access - Feature toggle Artisan command per tenant - Policy classes and enums for role/permission actions - Translation files for `en` and `fa` - Configurable `Gate::after()` superadmin bypass role Requirements ------------ [](#requirements) - PHP 8.2+ - Laravel 11 or 12 - Filament 4 - `laravel/pennant` - `misaf/vendra-tenant` - `misaf/vendra-user` - `misaf/vendra-activity-log` - `awcodes/filament-badgeable-column` - `mokhosh/filament-jalali` - `spatie/laravel-permission` Installation ------------ [](#installation) ``` composer require misaf/vendra-permission ``` Publish Spatie permission config and migrations (if not already published in your app): ``` php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag=permission-config php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag=permission-migrations php artisan migrate ``` Optional: publish module translations: ``` php artisan vendor:publish --tag=vendra-permission-translations ``` Optional: publish module config: ``` php artisan vendor:publish --tag=vendra-permission-config ``` If you use Pennant with the database driver, ensure Pennant storage is migrated in your application. Configuration ------------- [](#configuration) If you want Spatie to use this module's models everywhere in your app, set `config/permission.php`: ``` 'models' => [ 'permission' => Misaf\VendraPermission\Models\Permission::class, 'role' => Misaf\VendraPermission\Models\Role::class, ], ``` Superadmin bypass role is configurable in `config/vendra-permission.php`: ``` 'super_admin_role' => env('VENDRA_PERMISSION_SUPER_ADMIN_ROLE', 'superadmin'), ``` The config key is `super_admin_role` (short and local to this file). The env var remains `VENDRA_PERMISSION_SUPER_ADMIN_ROLE` (prefixed to avoid global collisions). This value is used for both `Gate::after()` superadmin bypass and excluding that role from the roles table query. Pennant feature behavior is configured in `config/vendra-permission.php`: ``` 'features' => [ 'enabled' => env('VENDRA_PERMISSION_FEATURES_ENABLED', false), 'discover' => env('VENDRA_PERMISSION_FEATURES_DISCOVER', false), 'defaults' => [ 'vendra-permission.module-enabled' => false, 'vendra-permission.role-management' => false, 'vendra-permission.permission-management' => false, 'vendra-permission.bulk-role-assignment' => false, ], ], ``` When `features.discover` is enabled, the package calls: ``` Feature::discover('Misaf\\VendraPermission\\Features', __DIR__ . '/Features'); ``` if the directory exists. Filament -------- [](#filament) Resources are registered on the `admin` panel through `PermissionPlugin`: - Roles - Permissions Navigation cluster: `permissions` Access is feature-gated per tenant using `Feature::for(Tenant::current())`: - `vendra-permission.module-enabled` controls cluster access - `vendra-permission.role-management` controls role resource access - `vendra-permission.permission-management` controls permission resource access - `vendra-permission.bulk-role-assignment` controls attach/detach role bulk actions ### Permission Bulk Actions [](#permission-bulk-actions) `AttachRolesAction` and `DetachRolesAction` share role-resolution logic via: - `Misaf\VendraPermission\Filament\Clusters\Resources\Permissions\Actions\Concerns\ResolvesSelectedRoles` The trait provides: - `getRoleSelectOptions()` for the roles multiselect options (`name (guard_name)`) - `resolveRoleIdsByGuardFromPayload()` to load selected roles with `whereKey(...)` and group by `guard_name` This keeps attach/detach behavior consistent and prevents cross-guard role operations when processing selected `Permission` records. Pennant Features ---------------- [](#pennant-features) Feature keys are defined in: - `Misaf\VendraPermission\Enums\PermissionFeatureEnum` Resolver registration lives in: - `Misaf\VendraPermission\PermissionServiceProvider::packageBooted()` Resolver behavior: - non-tenant scopes are denied (`false`) - `features.enabled` must be true - unresolved values fall back to `features.defaults` Feature map: Enum caseFeature keyShort keyEffect`MODULE_ENABLED``vendra-permission.module-enabled``module-enabled`Enables or hides the whole permissions cluster`ROLE_MANAGEMENT``vendra-permission.role-management``role-management`Enables or hides the roles resource`PERMISSION_MANAGEMENT``vendra-permission.permission-management``permission-management`Enables or hides the permissions resource`BULK_ROLE_ASSIGNMENT``vendra-permission.bulk-role-assignment``bulk-role-assignment`Enables or hides attach/detach role bulk actionsArtisan Commands ---------------- [](#artisan-commands) Toggle tenant features with: ``` php artisan vendra-permission:feature {activate|deactivate} {feature|all} {tenant} ``` `feature` accepts: - enum case name, e.g. `ROLE_MANAGEMENT` - full key, e.g. `vendra-permission.role-management` - short key, e.g. `role-management` - `all` `tenant` accepts: - tenant `id` - tenant `slug` The command requires `vendra-permission.features.enabled` to be `true`. Examples: ``` php artisan vendra-permission:feature activate module-enabled 1 php artisan vendra-permission:feature activate permission-management acme php artisan vendra-permission:feature deactivate all acme ``` Per-feature console reference (`` can be tenant `id` or `slug`): ``` # MODULE_ENABLED php artisan vendra-permission:feature activate MODULE_ENABLED php artisan vendra-permission:feature deactivate MODULE_ENABLED # ROLE_MANAGEMENT php artisan vendra-permission:feature activate ROLE_MANAGEMENT php artisan vendra-permission:feature deactivate ROLE_MANAGEMENT # PERMISSION_MANAGEMENT php artisan vendra-permission:feature activate PERMISSION_MANAGEMENT php artisan vendra-permission:feature deactivate PERMISSION_MANAGEMENT # BULK_ROLE_ASSIGNMENT php artisan vendra-permission:feature activate BULK_ROLE_ASSIGNMENT php artisan vendra-permission:feature deactivate BULK_ROLE_ASSIGNMENT ``` Usage ----- [](#usage) Use this package's tenant feature flags and console command to control access in each tenant: - `vendra-permission.module-enabled` - `vendra-permission.role-management` - `vendra-permission.permission-management` - `vendra-permission.bulk-role-assignment` Role/permission CRUD and assignment semantics follow Spatie Permission. See: Development ----------- [](#development) ``` composer test composer analyse composer format ``` Keeping This README Updated --------------------------- [](#keeping-this-readme-updated) Update this file whenever these change: - `composer.json` requirements - Pennant feature keys, defaults, or resolver behavior - feature command signature or behavior - Filament resources, pages, or cluster names - Translation keys/files in `resources/lang` - Authorization behavior in policies or `PermissionServiceProvider` - Installation steps (especially migration/config behavior) License ------- [](#license) MIT. See [LICENSE](LICENSE). ### Health Score 19 — LowBetter than 10% of packages Maintenance56 Moderate activity, may be stable Popularity2 Limited adoption so far Community6 Small or concentrated contributor base Maturity12 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/41fd7351d25e29dafa18068d0418eecf6bb47a7473aabe6bc674b4ca35e71805?d=identicon)[misaf](/maintainers/misaf) --- Top Contributors [![misaf](https://avatars.githubusercontent.com/u/8195685?v=4)](https://github.com/misaf "misaf (1 commits)") ### Embed Badge ![Health badge](/badges/misaf-vendra-permission/health.svg) ``` [![Health](https://phpackages.com/badges/misaf-vendra-permission/health.svg)](https://phpackages.com/packages/misaf-vendra-permission) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock A flexible, driver based Acl package for PHP 5.4+ 870304.7k2](/packages/beatswitch-lock)[amocrm/amocrm-api-library amoCRM API Client 182728.5k6](/packages/amocrm-amocrm-api-library)[vonage/jwt A standalone package for creating JWTs for Vonage APIs 424.1M4](/packages/vonage-jwt) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)