PHPackages muan/laravel-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. muan/laravel-acl ActivePackage[Authentication & Authorization](/categories/authentication) muan/laravel-acl ================ ACL package for Laravel 1.3(6y ago)41381MITPHPPHP >=7.0 Since Dec 13Pushed 6y ago2 watchersCompare [ Source](https://github.com/mustardandrew/muan-laravel-acl)[ Packagist](https://packagist.org/packages/muan/laravel-acl)[ RSS](/packages/muan-laravel-acl/feed)WikiDiscussions master Synced today READMEChangelog (5)DependenciesVersions (6)Used By (1) Muan Laravel Acl package v1.3 ============================= [](#muan-laravel-acl-package-v13) Muan Acl is a PHP package for Laravel Framework, used for manipulation of access control list. Package is providing an easier way to control roles and permissions of users on your site. Requirements ------------ [](#requirements) - PHP >=7.0 Install ------- [](#install) 1. Type next command in your terminal: ``` composer require muan/laravel-acl ``` 2. Add the service provider to your config/app.php file in section providers: > Laravel 5.5 uses Package Auto-Discovery, so does not require you to manually add the ServiceProvider. ``` 'providers' => [ // ... Muan\Acl\AclServiceProvider::class, // ... ], ``` 3. Run the migrations: ``` php artisan migrate ``` Usage ----- [](#usage) ### Use the following traits on your User model: [](#use-the-following-traits-on-your-user-model) ``` // ... use Muan\Acl\Traits\{HasRolesTrait, HasPermissionsTrait}; class User extends Authenticatable { use HasRolesTrait, HasPermissionsTrait; // ... Your User Model Code } ``` ### Using observer [](#using-observer) To bind the base role to the user after registration, you can specify a public property $baseRole. For example: ``` class User extends Authenticatable { // ... /** * Attach base role */ public $baseRole = 'user'; // ... } ``` ### Using in code [](#using-in-code) Check role ``` if ($user->hasRole('admin')) { // User is admin } // or if ($user->hasRole('admin', 'writer')) { // User is admin or writer } ``` Attach role ``` $user->attachRole(10, "moderator") ``` The same function, detach role ``` $user->detachRole('moder'); // ... $user->detachRole('admin', '3', '2'); ``` Clear all roles ``` $user->clearRoles(); ``` Check permission ``` if ($user->hasPermission('create post')) { // User has permission "create post" } ``` Attach permissions ``` $user->attachPermission("update post"); ``` Detach permissions ``` $user->detachPermission("remove post"); ``` Clear all permissions ``` $user->clearPermissions(); ``` See the code for more information... =) ### Commands for manipulation [](#commands-for-manipulation) #### Permissions [](#permissions) Create new permission ``` php artisan permission:add "create post" ``` Rename permission ``` php artisan permission:rename "create post" create.post ``` Remove permission ``` php artisan permission:remove "create post" ``` Show all permissions ``` php artisan permission:list ``` #### Roles [](#roles) Create new role ``` php artisan role:add admin ``` Rename role ``` php artisan role:rename admin superuser ``` Remove role ``` php artisan role:remove admin ``` View all roles ``` php artisan role:list ``` Attach permissions to role ``` php artisan role:attach admin --id=2 --id=3 --name="create post" ``` Detach permissions from role ``` php artisan role:detach admin --id=3 --name="destroy user" ``` Clear all attached permissions ``` php artisan role:clear ``` View information about role and show all attached permissions ``` php artisan role:view admin ``` #### Users [](#users) Attach roles ``` php artisan user:role-attach 5 --id=2 --name=moderator ``` Detach roles ``` php artisan user:role-detach 5 --id=2 --name=admin ``` Detached all roles from user ``` php artisan user:role-clear ``` Attach permissions ``` php artisan user:permission-attach 5 --id=7 --name="remove comment" ``` Detach permissions ``` php artisan user:permission-detach 5 --id=2 --name="read secret post" ``` Detached all permission from user ``` php artisan user:permission-clear ``` View information about user, all attached roles and permissions ``` php artisan user:view 5 ``` where 5 is ID of user. ### Using blade directives [](#using-blade-directives) You also can use directives to verify the currently logged in user has any roles or permissions. Check roles: ``` @role('admin') @elserole('writer') @else @endrole ``` or check more roles in one directive: ``` @role(['admin', 'writer']) @endrole ``` Check permissions: ``` @can('create post') @elsecan('edit post') @endcan ``` ### Using middlewares [](#using-middlewares) You can use role middleware for check access to some routes ``` Route::middleware(['role:admin'])->group(function() { // Only for user with role admin Route::get('/admin', function() { // some code }); }); ``` also you can use permission middleware ``` Route::middleware(['permission:create post'])->group(function() { // Only for user with permission create post Route::get('/admin/post', function() { // some code }); }); ``` or use role and permission middleware together ``` Route::middleware(['role:moderator', 'permission:remove post'])->group(function() { // Only for user with role moderator and with permission create post Route::get('/admin/post/remove', function() { // some code }); }); ``` License ------- [](#license) Muan Laravel Acl package is licensed under the [MIT License](http://opensource.org/licenses/MIT). ### Health Score 30 — LowBetter than 64% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity14 Limited adoption so far Community12 Small or concentrated contributor base Maturity62 Established project with proven stability Bus Factor1 Top contributor holds 87.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~204 days Total 5 Last Release 2254d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/c5d692559a8730e2167796208810140710f1f4842700cd99ec11508cbdee99e3?d=identicon)[mustardandrew](/maintainers/mustardandrew) --- Top Contributors [![mustardandrew](https://avatars.githubusercontent.com/u/7501643?v=4)](https://github.com/mustardandrew "mustardandrew (58 commits)")[![qWici](https://avatars.githubusercontent.com/u/11472929?v=4)](https://github.com/qWici "qWici (8 commits)") --- Tags laravelpackageaclpermissionrole ### Embed Badge ![Health badge](/badges/muan-laravel-acl/health.svg) ``` [![Health](https://phpackages.com/badges/muan-laravel-acl/health.svg)](https://phpackages.com/packages/muan-laravel-acl) ``` ### Alternatives [efficiently/authority-controller AuthorityController is an PHP authorization library for Laravel 5 which restricts what resources a given user is allowed to access. 15533.2k](/packages/efficiently-authority-controller)[orchestra/auth Auth Component for Orchestra Platform 24108.5k3](/packages/orchestra-auth)[codebot/entrust This package provides a flexible way to add Role-based Permissions to Laravel 1596.6k](/packages/codebot-entrust) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)