PHPackages nh/access-control - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. nh/access-control ActiveLibrary[Authentication & Authorization](/categories/authentication) nh/access-control ================= Access controle via roles and permissions 1.5.4(3y ago)02811MITPHP Since Apr 14Pushed 3y ago1 watchersCompare [ Source](https://github.com/NatachaH/laravel-access-control)[ Packagist](https://packagist.org/packages/nh/access-control)[ RSS](/packages/nh-access-control/feed)WikiDiscussions master Synced 6d ago READMEChangelog (10)DependenciesVersions (28)Used By (1) Installation ============ [](#installation) Install the package via composer: ``` composer require nh/access-control ``` Publish the databases and the models for the roles: ``` php artisan vendor:publish --tag=access-control ``` To make a model with role, you can create a migration via the console commande: *The --many option will create a roleables table with many to many morph relationship* ``` php artisan role:new {--model= : the name of the model (singular/lowercase)} {--many : is the model using many to many} ``` Then, if your model is has only one role add the **HasAccess** trait to your model: ``` use Nh\AccessControl\Traits\HasAccess; use HasAccess; ``` Create permission ================= [](#create-permission) You can create permission via the console commande: *You can create a single permission, or all action permissions for a model.* ``` php artisan permission:new {--model= : the name of the model (singular/lowercase)} {--softDelete : is the model using SoftDelete} ``` Check the access ================ [](#check-the-access) Check if a model has any role : ``` Auth::user()->hasAnyRole() ``` Check if a model has some roles : *You must pass a string or an array**By default it will check on the guard column, but you can specify the column* ``` Auth::user()->hasRoles('admin') Auth::user()->hasRoles('Administrator','name') ``` Check if a model has some permissions : *You must pass a string or an array* ``` Auth::user()->hasPermissions('only-admin') ``` Check if a model has access to a model/action : *You must pass a string for the model and a string or an array for the actions* ``` // Request hasAccess(string $model, mixed $actions = null, boolean $strict = false) // Has ANY permission of the Role model Auth::user()->hasAccess('role') // Has ALL permission of the Role model Auth::user()->hasAccess('role', null, true) // Has a specific permission of the Role model Auth::user()->hasAccess('role', 'update') // Has ANY specific permission of the Role model Auth::user()->hasAccess('role', ['update','delete']) // Has ALL specific permission of the Role model Auth::user()->hasAccess('role', ['update','delete'], true) ``` Check if a model has superpower : *You can change the superpowers role in the config file* ``` // Return a boolean Auth:user()->has_superpowers; ``` Scope the model with role(s) : ``` User::withRole('admin')->get(); User::withRole(['superadmin','admin'])->get(); User::withRole(2,'role_id')->get(); ``` Models ====== [](#models) The package come with two models: - Role - Permission Role ---- [](#role) The role have a **guard** and **name** attribute. You can retrieve the restricted permissions: ``` $role->restrictions(); ``` You can also retrieve the restricted permissions from a model with multiple roles: ``` Auth::user()->permission_restrictions; ``` You can check if a role have a permission: *$permissions can be a string or an array* ``` $role->hasPermissions($permissions, $column) ``` You can check if a role have a permission by model/action: *$actions can be a string or an array**$strict must be a boolean, and check if AS ANY or AS ALL permission* ``` $role->hasPermissionsModel($model,$actions,$strict) ``` Events ====== [](#events) You can use the **RoleEvent** for dispatch events that happen to the role access. ``` RoleEvent::dispatch('my-event', $model, $role, 1); ``` You can use the **PermissionEvent** for dispatch events that happen to the role/permission access. ``` PermissionEvent::dispatch('my-event', $role, $permission, 1); ``` Gates ===== [](#gates) You can use the **set-roles** Gate to check if current Auth can set the roles. *$roles must be an array of ids**In the config file you can specify the roles that are guarded and required an Auth of the same role* ``` Gate::authorize('set-roles', $roles); ``` You can use the **set-permissions** Gate to check if current Auth can set the permission for a role. *$permissions must be an array of ids**In the config file you can specify the roles that are guarded and required an Auth of the same role* ``` Gate::authorize('set-permissions', $permissions); ``` ### Health Score 29 — LowBetter than 59% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community9 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~39 days Recently: every ~126 days Total 27 Last Release 1214d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/47361520c40f781d7d5b39e26b3194800a35e89c4819c220ea3eaaaa907c34ec?d=identicon)[NatachaH](/maintainers/NatachaH) --- Top Contributors [![NatachaH](https://avatars.githubusercontent.com/u/24412486?v=4)](https://github.com/NatachaH "NatachaH (107 commits)") ### Embed Badge ![Health badge](/badges/nh-access-control/health.svg) ``` [![Health](https://phpackages.com/badges/nh-access-control/health.svg)](https://phpackages.com/packages/nh-access-control) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)