PHPackages phpexperts/laravel-rbac - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. phpexperts/laravel-rbac ActiveLibrary[Authentication & Authorization](/categories/authentication) phpexperts/laravel-rbac ======================= Role based access control for Laravel 5 1.0.4(7y ago)11661MITPHPPHP >=7.1.0 Since Jan 3Pushed 7y ago1 watchersCompare [ Source](https://github.com/phpexpertsinc/laravel-rbac)[ Packagist](https://packagist.org/packages/phpexperts/laravel-rbac)[ RSS](/packages/phpexperts-laravel-rbac/feed)WikiDiscussions master Synced today READMEChangelogDependencies (2)Versions (18)Used By (0) Laravel RBAC ============ [](#laravel-rbac) Super simple RBAC/ACL implementation for Laravel 5. Laravel >=5.4 compatible fork of . Installation ------------ [](#installation) Require this package with composer ([Packagist](https://packagist.org/packages/phpexperts/laravel-rbac)) using the following command ``` composer require phpexperts/laravel-rbac ``` or modify your `composer.json` ``` "require": { ... "phpexperts/laravel-rbac": "^1.0" } ``` then run `composer update`. After installation register the ServiceProvider to the `providers` array in `config/app.php` ``` PHPExperts\LaravelRBAC\RbacServiceProvider::class, ``` Run the migrations ``` $ php artisan migrate ``` Add RBAC middleware to your `app/Http/Kernel.php` ``` protected $routeMiddleware = [ ... 'rbac' => '\PHPExperts\LaravelRBAC\Middleware\Rbac::class' ]; ``` Add Rbac trait to your `User` model ``` use PHPExperts\LaravelRBAC\Traits\Rbac; class User extends Authenticatable { use HasRoles; ... } ``` Usage ----- [](#usage) ### Roles [](#roles) #### Create role [](#create-role) ``` $adminRole = new Role; $adminRole->name = 'Administrator'; $adminRole->slug = 'administrator'; $adminRole->description = 'System Administrator'; $adminRole->save(); $editorRole = new Role; $editorRole->name = 'Editor'; $editorRole->slug = 'editor'; $editorRole->description = 'Editor'; $editorRole->save(); ``` #### Assign role to user [](#assign-role-to-user) ``` $user = User::find(1); $user->roles()->attach($adminRole->id); ``` you can also assign multiple roles at once ``` $user->roles()->attach([$adminRole->id, $editorRole->id]); ``` #### Revoke role from user [](#revoke-role-from-user) ``` $user->roles()->detach($adminRole->id); ``` you can also revoke multiple roles at once ``` $user->roles()->detach([$adminRole->id, $editorRole->id]); ``` #### Sync roles [](#sync-roles) ``` $user->roles()->sync([$editorRole->id]); ``` Any role already assigned to user will be revoked if you don't pass its id to sync method. ### Permissions [](#permissions) #### Create permission [](#create-permission) ``` $createUser = new Permission; $createUser->name = 'Create user'; $createUser->slug = 'user.create'; $createUser->description = 'Permission to create user'; $createUser->save(); $updateUser = new Permission; $updateUser->name = 'Update user'; $updateUser->slug = 'user.update'; $updateUser->description = 'Permission to update user'; $updateUser->save(); ``` #### Assign permission to role [](#assign-permission-to-role) ``` $adminRole = Role::find(1); $adminRole->permissions()->attach($createUser->id); ``` you can also assign multiple permissions at once ``` $adminRole->permissions()->attach([$createUser->id, $updateUser->id]); ``` #### Revoke permission from role [](#revoke-permission-from-role) ``` $adminRole->permissions()->detach($createUser->id); ``` you can also revoke multiple permissions at once ``` $adminRole->permissions()->detach([$createUser->id, $updateUser->id]); ``` #### Sync permissions [](#sync-permissions) ``` $adminRole->permissions()->sync([$updateUser->id]); ``` Any permission already assigned to role will be revoked if you don't pass its id to sync method. ### Check user roles/permissions [](#check-user-rolespermissions) Roles and permissions can be checked on `User` instance using `hasRole` and `canDo` methods. ``` $isAdmin = Auth::user()->hasRole('administrator'); // pass role slug as parameter $isAdminOrEditor = Auth::user()->hasRole('administrator|editor'); // using OR operator $canUpdateUser = Auth::user()->canDo('update.user'); // pass permission slug as parameter $canUpdateOrCreateUser = Auth::user()->canDo('update.user|create.user'); // using OR operator ``` ### Protect routes [](#protect-routes) Laravel RBAC provides middleware to protect single route and route groups. Middleware expects 2 comma separated params: - **is** or **can** as first param - what to check (role/permission) - role/permission slug as second param ``` Route::get('/backend', [ 'uses' => 'BackendController@index', 'middleware' => ['auth', 'rbac:is,administrator'] ]); Route::get('/backend', [ 'uses' => 'BackendController@index', 'middleware' => ['auth', 'rbac:is,administrator|editor'] ]); Route::get('/dashboard', [ 'uses' => 'DashboardController@index', 'middleware' => ['auth', 'rbac:can,view.dashboard'] ]); Route::get('/dashboard', [ 'uses' => 'DashboardController@index', 'middleware' => ['auth', 'rbac:can,view.dashboard|view.statistics'] ]); ``` ### Blade directive [](#blade-directive) Laravel RBAC provides two Blade directives to check if user has role/permission assigned. Check for role ``` @ifUserIs('administrator') // show admin content here @else // sorry @endif @ifUserIs('administrator|editor') // show editor content here @else // sorry @endif ``` Check for permission ``` @ifUserCan('delete.user') // show delete button @endif @ifUserCan('delete.user|manage.user') // show delete button @endif ``` License ------- [](#license) Laravel RBAC is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT) ### Health Score 31 — LowBetter than 68% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity13 Limited adoption so far Community13 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~67 days Recently: every ~0 days Total 17 Last Release 2700d ago Major Versions 0.7.1 → 1.0.02018-12-18 PHP version history (2 changes)0.1PHP >=5.5.9 1.0.0PHP >=7.1.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/3f3a2dd16766f6b03c330e65aaca9dfb97f1bbbb41c5e2af5681f58f670b7917?d=identicon)[hopeseekr](/maintainers/hopeseekr) --- Top Contributors [![phpzen](https://avatars.githubusercontent.com/u/16389236?v=4)](https://github.com/phpzen "phpzen (11 commits)")[![hopeseekr](https://avatars.githubusercontent.com/u/1125541?v=4)](https://github.com/hopeseekr "hopeseekr (10 commits)")[![msbytes](https://avatars.githubusercontent.com/u/24713293?v=4)](https://github.com/msbytes "msbytes (9 commits)")[![keepanitreel](https://avatars.githubusercontent.com/u/1206265?v=4)](https://github.com/keepanitreel "keepanitreel (6 commits)")[![tal512](https://avatars.githubusercontent.com/u/4966359?v=4)](https://github.com/tal512 "tal512 (1 commits)") --- Tags laravelsecurityauthaclrolespermissionsrbac ### Embed Badge ![Health badge](/badges/phpexperts-laravel-rbac/health.svg) ``` [![Health](https://phpackages.com/badges/phpexperts-laravel-rbac/health.svg)](https://phpackages.com/packages/phpexperts-laravel-rbac) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[phpzen/laravel-rbac Role based access control for Laravel 5 383.2k](/packages/phpzen-laravel-rbac)[erag/laravel-role-permission A simple and easy-to-install role and permission management package for Laravel, supporting versions 10.x and 11.x 404.2k](/packages/erag-laravel-role-permission) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)