PHPackages riteshjha/laravel-permission - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. riteshjha/laravel-permission ActiveLibrary[Authentication & Authorization](/categories/authentication) riteshjha/laravel-permission ============================ Laravel role and user based permission v2.0.4(1y ago)1758—0%MITPHPPHP ^7.3|^8.0CI failing Since Jun 13Pushed 6mo ago1 watchersCompare [ Source](https://github.com/riteshjha/laravel-permission)[ Packagist](https://packagist.org/packages/riteshjha/laravel-permission)[ RSS](/packages/riteshjha-laravel-permission/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (4)Versions (13)Used By (0) Laravel Permission (Account and Owner Level Check) ================================================== [](#laravel-permission-account-and-owner-level-check) [![Latest Version on Packagist](https://camo.githubusercontent.com/d4957c251ece9237455b015a876e2fede9e11e22f6fba5d31ec22c312cad779b/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f7269746573686a68612f6c61726176656c2d7065726d697373696f6e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/riteshjha/laravel-permission)[![Total Downloads](https://camo.githubusercontent.com/d575501b3929691491da4a7ed64bca39ac7e1661abab7cc2c4a76fff29eb7c82/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f7269746573686a68612f6c61726176656c2d7065726d697373696f6e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/riteshjha/laravel-permission)[![Software License](https://camo.githubusercontent.com/6c711032aff1ca0eb6b211aa6cb3649ce7fd64a7714e1181d4bb457f9680e7cf/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md) This package allows you to manage user permissions in a database using role and direct user based permission with Account (Organization) level and owner level permission check. It handle 2 types of abilities (route ability and field ability). Installation ------------ [](#installation) 1. Require it with Composer ``` composer require riteshjha/laravel-permission ``` 2. You can publish the migrations, views, assets and the config file with: ``` php artisan vendor:publish --provider="Rkj\Permission\PermissionServiceProvider" ``` 3. Add the service provider in your config/app.php file: ``` 'providers' => [ // ... Rkj\Permission\PermissionServiceProvider::class, ]; 'aliases' => [ //... 'Permission' => Rkj\Permission\Facades\Permission::class ]; ``` 4. This package publishes a `config/permission.php` file. Check this file and change accourding to your needs for different (Ability, Role and User) model name and other config options. 5. Run migrations: `php artisan migrate` Configuration ------------- [](#configuration) 1. First configure models namesapce in `config/permission.php` 2. Add `UserHasRole` trait to your User model and `RoleHasAbility` to Role model. 3. All model that you want to include in permission should implements `Permissionable` interface and add `HasPermission` trait. Ability ------- [](#ability) Package handle 2 types of ability (route ability and field ability). Package parse Auth route (route which has auth middleware) and store route name as a Route Ability. For field ability, you have to define it in your model like this: ``` class Project extends Model { protected $fieldAbilities = ['cost', 'estimated_cost'] ; //list projects table fields on which you want to apply permission } ``` You can use `Project::allowFieldAbilities(['cost'])` in your seeder to alow default field ability. For details check `PermissionSeeder` in tests. Role and Ability Group ---------------------- [](#role-and-ability-group) Role and Ability is divided in 2 groups (SYSTEM and ACCOUNT). All admin users that mange admin tasks will under SYSTEM group role. All users that signup or login as front end user will under ACCOUNT group. Similarly All ability (route name) which is used for admin interface will be under SYSTEM group and all ability which is used for front-end will be under ACCOUNT group. To disable it change `disableAbilityGroup` to true in config. Sync Ability ------------ [](#sync-ability) ``` php artisan ability:record // if need fresh then add --fresh ``` Admin Interface --------------- [](#admin-interface) There is an admin interface with routes and views for handling ability and permissions. You have to add package routes in your admin route group. ``` Route::group(['middleware' => ['auth'], 'prefix' => 'admin'], function () { Permission::routes(); }); ``` Now you can access permission interface via `admin/permission/roles` routes Note: If you use admin routes prefix other than 'admin' then change `adminRoutePrefix` value in `config/permission.php` Usage ----- [](#usage) Package use laravel gate, so you can use `can('project.create')` in view and `$this->authorize('project.create')` in controller for route ability. And `can('projects::cost')` for field ability in view. Here projects is a table name. For Details check [Tests](https://github.com/riteshjha/laravel-permission/tree/master/tests) #### Create/Update [](#createupdate) When creating or updating record in model then filter data using `filterFieldAccess` method like : ``` $data = Project::filterFieldAccess($data) ``` ### Health Score 39 — LowBetter than 86% of packages Maintenance52 Moderate activity, may be stable Popularity17 Limited adoption so far Community7 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~163 days Recently: every ~338 days Total 10 Last Release 686d ago Major Versions v1.0.3 → v2.0.02020-10-07 v1.0.4 → v2.0.12022-02-14 PHP version history (3 changes)v1.0PHP ^7.2.5 v2.0.0PHP ^7.3 v2.0.1PHP ^7.3|^8.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/6155ce63ba1de33ba73f528fdaf790c10271344b29a64456edf71a10a151a73b?d=identicon)[riteshjha](/maintainers/riteshjha) --- Top Contributors [![riteshjha](https://avatars.githubusercontent.com/u/2950702?v=4)](https://github.com/riteshjha "riteshjha (74 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/riteshjha-laravel-permission/health.svg) ``` [![Health](https://phpackages.com/badges/riteshjha-laravel-permission/health.svg)](https://phpackages.com/packages/riteshjha-laravel-permission) ``` ### Alternatives [lab404/laravel-impersonate Laravel Impersonate is a plugin that allows to you to authenticate as your users. 2.3k16.4M48](/packages/lab404-laravel-impersonate)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[overtrue/laravel-follow User follow unfollow system for Laravel. 1.2k404.7k5](/packages/overtrue-laravel-follow)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)