PHPackages ordain/delegation - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ordain/delegation ActiveLibrary[Authentication & Authorization](/categories/authentication) ordain/delegation ================= Scoped authority delegation for Laravel with native escalation prevention v1.1.2(1mo ago)013MITPHPPHP ^8.2CI passing Since Jan 5Pushed 1mo agoCompare [ Source](https://github.com/rickeysxhemz/ordain-delegation)[ Packagist](https://packagist.org/packages/ordain/delegation)[ Docs](https://github.com/rickeysxhemz/ordain-delegation)[ RSS](/packages/ordain-delegation/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (5)Dependencies (24)Versions (6)Used By (0) Permission Delegation for Laravel ================================= [](#permission-delegation-for-laravel) [![Latest Version on Packagist](https://camo.githubusercontent.com/cde3e9a257c5bd39ddaa2bced926654324ad8039ae3352d25dae082772685157/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6f726461696e2f64656c65676174696f6e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/ordain/delegation)[![GitHub Tests Action Status](https://camo.githubusercontent.com/a1f939c5a0cda4292c3f847e904298d815c19f215d374107cb57668c10310a5c/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f7269636b6579737868656d7a2f6f726461696e2d64656c65676174696f6e2f74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/rickeysxhemz/ordain-delegation/actions?query=workflow%3Atests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/f19d9a7d9fe41a6740598d4e595156a6a782f67da8bbb28251c0b4fd726a875b/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f7269636b6579737868656d7a2f6f726461696e2d64656c65676174696f6e2f636f64652d7374796c652e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265)](https://github.com/rickeysxhemz/ordain-delegation/actions?query=workflow%3Acode-style+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/d2ea768db10a340292b560f3d4cb25496bd4f4286ef87f0c226422ea4bf93df9/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6f726461696e2f64656c65676174696f6e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/ordain/delegation)[![License](https://camo.githubusercontent.com/2fb23281bbc8776844b350fcc5cd275ea3f22d2726e4f9dd2502d11986b3f5aa/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f6f726461696e2f64656c65676174696f6e2e7376673f7374796c653d666c61742d737175617265)](https://github.com/rickeysxhemz/ordain-delegation/blob/main/LICENSE) **Scoped authority delegation for Laravel.** Enforce hierarchical permission boundaries where authority flows downward—users delegate subsets of their own grants, never more. Native escalation prevention with [spatie/laravel-permission](https://github.com/spatie/laravel-permission) integration. The Problem ----------- [](#the-problem) Traditional RBAC answers: *"What can this user do?"* This package answers: *"What can this user **grant to others**?"* Without delegation control, a team lead could assign admin roles, create unlimited users, or manage users outside their hierarchy. This package prevents that. Features -------- [](#features) - **Hierarchical user management** - Users only manage users they created - **Role & permission delegation** - Control which roles/permissions users can assign - **User creation quotas** - Limit how many users each manager can create - **Native escalation prevention** - Cannot grant more than you have - **Root admin bypass** - Configurable super-user override - **Comprehensive audit logging** - Track all delegation actions - **Domain events** - React to delegation changes - **Built-in caching** - Optimized for performance - **Multi-guard support** - Works with custom authentication guards - **Blade directives & route macros** - Convenient view and routing helpers - **Artisan commands** - CLI tools for management - **Octane compatible** - Ready for high-performance deployments Requirements ------------ [](#requirements) - PHP 8.2+ - Laravel 11.x or 12.x - [spatie/laravel-permission](https://github.com/spatie/laravel-permission) ^6.0 Installation ------------ [](#installation) Install the package via Composer: ``` composer require ordain/delegation ``` Publish and run the migrations: ``` php artisan vendor:publish --tag=delegation-migrations php artisan migrate ``` Publish the configuration file: ``` php artisan vendor:publish --tag=delegation-config ``` Add the trait to your User model: ``` use Ordain\Delegation\Contracts\DelegatableUserInterface; use Ordain\Delegation\Traits\HasDelegation; class User extends Authenticatable implements DelegatableUserInterface { use HasDelegation; protected $fillable = [ // ... your fields 'can_manage_users', 'max_manageable_users', 'created_by_user_id', ]; } ``` Quick Start ----------- [](#quick-start) ### Check Authorization [](#check-authorization) ``` use Ordain\Delegation\Facades\Delegation; // Can this user assign a role to another user? if (Delegation::canAssignRole($delegator, $role, $target)) { Delegation::delegateRole($delegator, $target, $role); } // Can this user create new users? if (Delegation::canCreateUsers($user)) { // Create user... } // What roles can this user assign? $assignableRoles = Delegation::getAssignableRoles($user); ``` ### Set Delegation Scope [](#set-delegation-scope) ``` use Ordain\Delegation\Domain\ValueObjects\DelegationScope; // Define what a manager can delegate $scope = new DelegationScope( canManageUsers: true, maxManageableUsers: 10, assignableRoleIds: [1, 2, 3], assignablePermissionIds: [4, 5], ); Delegation::setDelegationScope($manager, $scope); ``` ### Protect Routes [](#protect-routes) ``` // Using middleware Route::middleware('can.delegate')->group(function () { Route::post('/users', [UserController::class, 'store']); }); Route::middleware('can.assign.role:editor,moderator') ->post('/users/{user}/roles', [RoleController::class, 'store']); // Using route macros Route::post('/users', [UserController::class, 'store']) ->canDelegate(); Route::post('/users/{user}/roles', [RoleController::class, 'store']) ->canAssignRole(['editor', 'moderator']); ``` ### Blade Directives [](#blade-directives) ``` @canDelegate Create User @endCanDelegate @canAssignRole('admin') Administrator @endCanAssignRole ``` Documentation ------------- [](#documentation) DocumentationDescription[Installation](docs/installation.md)Detailed installation and setup guide[Configuration](docs/configuration.md)All configuration options explained[Core Concepts](docs/concepts.md)Understanding hierarchical delegation[Basic Usage](docs/basic-usage.md)Common usage patterns[Advanced Usage](docs/advanced-usage.md)Batch operations, validation, caching[Middleware](docs/middleware.md)Route protection middleware[Blade & Routes](docs/blade-and-routes.md)Blade directives and route macros[Events](docs/events.md)Domain events and listeners[Commands](docs/commands.md)Artisan console commands[Customization](docs/customization.md)Extending the package[API Reference](docs/api-reference.md)Complete method reference[Testing](docs/testing.md)Testing your implementation[Troubleshooting](docs/troubleshooting.md)Common issues and solutionsArtisan Commands ---------------- [](#artisan-commands) ``` # Interactive installation wizard php artisan delegation:install # Display user's delegation scope php artisan delegation:show {user} # Assign role via CLI php artisan delegation:assign {delegator} {target} {role} # Clear delegation cache php artisan delegation:cache-reset {user?} # Health check php artisan delegation:health ``` Testing ------- [](#testing) ``` composer test ``` With coverage: ``` composer test-coverage ``` Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Contributing ------------ [](#contributing) Please see [CONTRIBUTING](CONTRIBUTING.md) for details. Security Vulnerabilities ------------------------ [](#security-vulnerabilities) Please review [our security policy](SECURITY.md) on how to report security vulnerabilities. Credits ------- [](#credits) - [Waqas Majeed](https://github.com/rickeysxhemz) - [All Contributors](https://github.com/rickeysxhemz/ordain-delegation/graphs/contributors) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE) for more information. ### Health Score 41 — FairBetter than 89% of packages Maintenance89 Actively maintained with recent releases Popularity8 Limited adoption so far Community8 Small or concentrated contributor base Maturity51 Maturing project, gaining track record Bus Factor1 Top contributor holds 81.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~19 days Total 5 Last Release 57d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/3039e8ad53eaff61e65476d25d562e0fc34f61ffc201112d27d07eddaf83ffd5?d=identicon)[rickeysxhemz](/maintainers/rickeysxhemz) --- Top Contributors [![rickeysxhemz](https://avatars.githubusercontent.com/u/37139614?v=4)](https://github.com/rickeysxhemz "rickeysxhemz (26 commits)")[![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4)](https://github.com/github-actions[bot] "github-actions[bot] (6 commits)") --- Tags spatielaravelauthorizationpermissionrolesrbachierarchydelegation ### Code Quality TestsPest Static AnalysisPHPStan Code StyleLaravel Pint Type Coverage Yes ### Embed Badge ![Health badge](/badges/ordain-delegation/health.svg) ``` [![Health](https://phpackages.com/badges/ordain-delegation/health.svg)](https://phpackages.com/packages/ordain-delegation) ``` ### Alternatives [spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[casbin/laravel-authz An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel. 324339.9k4](/packages/casbin-laravel-authz)[wnikk/laravel-access-rules Simple system of ACR (access control rules) for Laravel, with roles, groups, unlimited inheritance and possibility of multiplayer use. 103.6k1](/packages/wnikk-laravel-access-rules)[hosseinhezami/laravel-permission-manager Advanced permission manager for Laravel. 403.3k](/packages/hosseinhezami-laravel-permission-manager) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)