PHPackages outl1ne/nova-permissions - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. outl1ne/nova-permissions ActiveLibrary[Authentication & Authorization](/categories/authentication) outl1ne/nova-permissions ======================== Laravel Nova Permissions (Roles and Permission based Access Control) 1.1.2(3y ago)410.0k↓50%1MITPHPPHP >=8.0 Since Sep 2Pushed 3y agoCompare [ Source](https://github.com/outl1ne/nova-permissions)[ Packagist](https://packagist.org/packages/outl1ne/nova-permissions)[ RSS](/packages/outl1ne-nova-permissions/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (4)Dependencies (3)Versions (5)Used By (0) Laravel Nova Permissions (Roles and Permission based Access Control (ACL)) ========================================================================== [](#laravel-nova-permissions-roles-and-permission-based-access-control-acl) Add Access Control by means of User based Roles and Permissions to your Nova installation. Includes default User and Role Policies which can be managed through your Nova Admin Panel. This tool uses the [Silvanite\\Brandenburg](https://github.com/Silvanite/brandenburg) package under the hood to manage user roles. Brandenburg is used because it has clear separation of concerns This package is a fork of the unmaintained Nova 3 version of [Silvanite/novatoolpermissions](https://github.com/Silvanite/novatoolpermissions). Screenshots ----------- [](#screenshots) [![Index view](./docs/preview-index.png)](./docs/preview-index.png) [![Form view](./docs/preview-form.png)](./docs/preview-form.png) Premise ------- [](#premise) > *Roles* are defined in the *Database* > *Permissions* are defined in the *Codebase* As a result, you won't see any *Permissions* resource. The *Roles* resource will get the permissions from the Gates defined in your code. Installation ------------ [](#installation) Install the tool using composer ``` composer require outl1ne/nova-permissions ``` Run the migrations to add the database tables required by Brandenburg. ``` php artisan migrate ``` Add the `HasRoles` trait to your User model as per the [Brandenburg installation instructions](https://github.com/Silvanite/Brandenburg). ``` // app/User.php use Silvanite\Brandenburg\Traits\HasRoles; class User extends Authenticatable { use HasRoles; ... } ``` Load it into your Nova Tools to display the Roles within your Resources ``` // app/Providers/NovaServiceProvider.php use Outl1ne\NovaPermissions\NovaPermissions; public function tools() { return [ new NovaPermissions(), ]; } ``` You can assign Users to Roles from the Role resource, however if you want to assign Roles from your User resource you will need to add an additional relationship. ``` // app/Nova/User.php use Outl1ne\NovaPermissions\Nova\Resources\Role; public function fields(Request $request) { return [ ... BelongsToMany::make('Roles', 'roles', Role::class), ]; } ``` If you are not using the defaul `App\Nova\User` Resource you can customise this by publishing the `nova-permissions` config and setting your User resource model. ``` php artisan vendor:publish --provider="Outl1ne\NovaPermissions\Providers\PackageServiceProvider" ``` Remove the default `viewNova` Gate to use the Gate included by this package. You will need to keep the gate() method in place, just empty it. Note: Nova will always allow access in development environments. ``` // app/Providers/NovaServiceProvider.php protected function gate() { // } ``` Usage ----- [](#usage) Once installed, go ahead and create your first Role. E.g. `Administrator` and assign all permissions to your new Role. Finally assign the Administrator Role to your user account. **Note:** By default, the package allows anyone access to a permission if no single user has access to it. This is to prevent you from locking yourself out of features. As such, it is important to define your primary admin role which has access to all permissions, meaning nobody else has access unless you specifically grant it. Default Permissions ------------------- [](#default-permissions) This package comes with a set of default permissions to provide full access control to the package's functionality. Permissions come with default english translations to provide a better user experience. You are free to replace these with translations in your applications json translations. ``` { "viewNova": "Access Nova", "viewRoles": "View Roles", "manageRoles": "Manage Roles", "assignRoles": "Assign Roles", "viewUsers": "View Users", "manageUsers": "Manage Users" } ``` Custom permissions ------------------ [](#custom-permissions) To create your own permissions, simply define them in your service provider and create a *Policy* for your resource/model. Let's work with a common *Blog* example and assume that you have a **Blog** Model and Resource in your application. Create a *Policy* for your Nova Resource Create a new policy for your blog ``` php artisan make:policy BlogPolicy ``` Let's assign the Policy and define our Gates. ``` // app/Providers/AuthServiceProvider.php use Silvanite\Brandenburg\Traits\ValidatesPermissions; class AuthServiceProvider extends ServiceProvider { use ValidatesPermissions; protected $policies = [ \App\Blog::class => \App\Policies\BlogPolicy::class, ]; public function boot() { collect([ 'viewBlog', 'manageBlog', ])->each(function ($permission) { Gate::define($permission, function ($user) use ($permission) { if ($this->nobodyHasAccess($permission)) { return true; } return $user->hasRoleWithPermission($permission); }); }); $this->registerPolicies(); } } ``` Finally, specify the access control in your Policy as per the Nova documentation. ``` // app/Policies/BlogPolicy.php use Illuminate\Support\Facades\Gate; public function viewAny($user) { return Gate::any(['viewBlog', 'manageBlog'], $user); } public function view($user, $post) { return Gate::any(['viewBlog', 'manageBlog'], $user, $post); } public function create($user) { return $user->can('manageBlog'); } public function update($user, $post) { return $user->can('manageBlog', $post); } public function delete($user, $post) { return $user->can('manageBlog', $post); } public function restore($user, $post) { return $user->can('manageBlog', $post); } public function forceDelete($user, $post) { return $user->can('manageBlog', $post); } ``` And add your labels to your translations to keep everything tidy. ``` { "viewBlog": "View Blog", "manageBlog": "Manage Blog" } ``` This example is a super-simple implementation. You can define your Gates as in any standard Laravel Application and can simply add the additional checks to validate them against your assigned Roles and Permissions. Access Control -------------- [](#access-control) Sometimes you might want to prevent some users from accessing content, but not others. To achieve this, use the included `HasAccessControl.php` trait on your model. To check if a user has the correct permissions to view your content, either load the `AccessControlServiceProvider` to register the `accessControl` gate globally. Or include the `AccessControlGate` trait on your models policy. On your Nova resource, add the AccessControl field. This will display all roles with the `canBeGivenAccess` permission. To protect content from being accessed, at least one Role has to be given access to the model, otherwise the resource will be available to everyone. ``` public function fields(Request $request) { return [ // ... AccessControl::make(), // ... ] } ``` Credits ------- [](#credits) - [Marco Mark (@m2de)](https://github.com/m2de) - Original creator of Silvanite/novatoolpermissions - [Tarvo Reinpalu](https://github.com/tarpsvo) License ------- [](#license) Nova Permissions is open-sourced software licensed under the [MIT license](LICENSE.md). ### Health Score 32 — LowBetter than 72% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity27 Limited adoption so far Community16 Small or concentrated contributor base Maturity55 Maturing project, gaining track record Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~15 days Total 4 Last Release 1309d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f1c2970763f51ca6ffcc1f1b6971a472b6b36a74d5eeb5446fb9d1caab44d016?d=identicon)[Tarpsvo](/maintainers/Tarpsvo) --- Top Contributors [![m2de](https://avatars.githubusercontent.com/u/17720020?v=4)](https://github.com/m2de "m2de (42 commits)")[![Tarpsvo](https://avatars.githubusercontent.com/u/2018660?v=4)](https://github.com/Tarpsvo "Tarpsvo (18 commits)")[![crumb1e](https://avatars.githubusercontent.com/u/18497168?v=4)](https://github.com/crumb1e "crumb1e (15 commits)")[![bonzai](https://avatars.githubusercontent.com/u/98191?v=4)](https://github.com/bonzai "bonzai (4 commits)")[![thierry2015](https://avatars.githubusercontent.com/u/19241708?v=4)](https://github.com/thierry2015 "thierry2015 (2 commits)")[![frctnlss](https://avatars.githubusercontent.com/u/44410965?v=4)](https://github.com/frctnlss "frctnlss (1 commits)")[![maciejfikus](https://avatars.githubusercontent.com/u/24628237?v=4)](https://github.com/maciejfikus "maciejfikus (1 commits)")[![gbrits](https://avatars.githubusercontent.com/u/14840021?v=4)](https://github.com/gbrits "gbrits (1 commits)")[![erjanmx](https://avatars.githubusercontent.com/u/4899432?v=4)](https://github.com/erjanmx "erjanmx (1 commits)")[![tolawho](https://avatars.githubusercontent.com/u/12527881?v=4)](https://github.com/tolawho "tolawho (1 commits)")[![tanmuhittin](https://avatars.githubusercontent.com/u/7202383?v=4)](https://github.com/tanmuhittin "tanmuhittin (1 commits)") --- Tags laravelAuthenticationtoolauthorizationaclrolespermissionsnovaaccess-controlgatespolicies ### Embed Badge ![Health badge](/badges/outl1ne-nova-permissions/health.svg) ``` [![Health](https://phpackages.com/badges/outl1ne-nova-permissions/health.svg)](https://phpackages.com/packages/outl1ne-nova-permissions) ``` ### Alternatives [silvanite/novatoolpermissions Laravel Nova Permissions (Roles and Permission based Access Control (ACL)) 100256.7k2](/packages/silvanite-novatoolpermissions)[pktharindu/nova-permissions Laravel Nova Grouped Permissions (ACL) 136387.1k](/packages/pktharindu-nova-permissions)[hasinhayder/tyro Tyro - The ultimate Authentication, Authorization, and Role & Privilege Management solution for Laravel 12 & 13 6712.1k2](/packages/hasinhayder-tyro)[shanmuga/laravel-entrust This package provides a flexible solution to add ACL to Laravel 68312.9k2](/packages/shanmuga-laravel-entrust)[hosseinhezami/laravel-permission-manager Advanced permission manager for Laravel. 403.3k](/packages/hosseinhezami-laravel-permission-manager)[sametsahindogan/laravel-jwtredis This package allows JWT-authenticated users to be stored and management in Redis with their roles, permissions, statuses and anything you want. 1221.9k](/packages/sametsahindogan-laravel-jwtredis) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)