PHPackages                             tahmid/laravel-acl-manager - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. tahmid/laravel-acl-manager

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

tahmid/laravel-acl-manager
==========================

ACL Manager for Laravel (for appinion internal projects)

1.0.9(1w ago)07MITBladePHP &gt;=8.1

Since May 13Pushed 3mo ago1 watchersCompare

[ Source](https://github.com/tahmidrana/laravel-acl-manager)[ Packagist](https://packagist.org/packages/tahmid/laravel-acl-manager)[ RSS](/packages/tahmid-laravel-acl-manager/feed)WikiDiscussions master Synced today

READMEChangelogDependencies (3)Versions (12)Used By (0)

Laravel ACL Manager Package
===========================

[](#laravel-acl-manager-package)

A complete Role-Based Access Control (RBAC) package for Laravel with an admin panel UI, permission auto-sync, and middleware protection.

Table of Contents
-----------------

[](#table-of-contents)

- [Installation](#installation)
- [Configuration](#configuration)
- [Usage](#usage)
    - [Protecting Routes](#protecting-routes)
    - [Checking Permissions](#checking-permissions)
    - [Blade Directives](#blade-directives)
- [Admin Panel](#admin-panel)
- [Models &amp; Relationships](#models--relationships)
- [API Reference](#api-reference)

---

Installation
------------

[](#installation)

### 1. Install via Composer

[](#1-install-via-composer)

```
composer require tahmid/acl-manager
```

### 2. Publish Assets

[](#2-publish-assets)

```
php artisan vendor:publish --tag=acl-assets
php artisan vendor:publish --tag=acl-config
```

### 3. Run Migrations

[](#3-run-migrations)

```
php artisan migrate
```

This will create the following tables:

- `roles` - Role definitions
- `permissions` - Permission definitions
- `menus` - Menu/navigation definitions
- `role_user` - User-Role pivot table
- `permission_role` - Role-Permission pivot table
- `menu_role` - Role-Menu pivot table

Also modifies `users` table to add `is_superuser` column.

### 4. Update User Model

[](#4-update-user-model)

```
// app/Models/User.php
use Tahmid\AclManager\Traits\AclManagerPermission;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use AclManagerPermission;
    // ...
}
```

---

Configuration
-------------

[](#configuration)

Publish and modify `config/acl.php`:

```
// config/acl.php
return [
    /*
     * Dashboard route - where "Back to Dashboard" links go
     */
    'dashboard_route' => 'dashboard',

    /*
     * Column name in users table that marks superusers
     */
    'superuser_column' => 'is_superuser',

    /*
     * Middleware applied to ACL admin routes
     */
    'middleware' => ['web', 'auth', 'is_superuser'],
];
```

---

Usage
-----

[](#usage)

### Protecting Routes

[](#protecting-routes)

#### Auto-check by Controller Method

[](#auto-check-by-controller-method)

Routes automatically check permissions based on `ControllerName@methodName`:

```
// routes/web.php
Route::middleware('role_permission_check')->group(function () {
    Route::resource('users', UserController::class);
    Route::resource('posts', PostController::class);
});
```

#### Superuser Only Routes

[](#superuser-only-routes)

```
Route::middleware('is_superuser')->group(function () {
    Route::get('/admin-only', [AdminController::class, 'index']);
});
```

### Checking Permissions

[](#checking-permissions)

#### Using Facade

[](#using-facade)

```
use Tahmid\AclManager\Facades\Acl;

// Check if current user has permission (auto checks current user)
if (Acl::can('users.create')) { // permission name or slug as paramenter
    // Allow
}

// Check specific user
if (Acl::can('users.edit', $user)) { // // permission name or slug as paramenter
    // Allow
}

// Check role has permission
if (Acl::roleHasPermission('editor', 'posts.publish')) {// permission name or slug as paramenter
    // Allow
}
```

#### Using User Trait

[](#using-user-trait)

```
// In User model (after adding AclManagerPermission trait)
if ($user->hasPermission('users.delete')) { // permission name or slug as paramenter
    // Allow
}
```

### Getting User Menus

[](#getting-user-menus)

#### Using Facade / Helper Functions

[](#using-facade--helper-functions)

```
// Using Facade
$menus = \Acl::getMenus(); // All menus for current user
$menus = \Acl::getMenus($user); // Specific user

// Using Helper Functions
$menus = acl_menus(); // All menus for current user
$menus = acl_menus($user); // Specific user

// Get hierarchical menu tree (parent -> children)
$menuTree = \Acl::getMenuTree();
$menuTree = acl_menu_tree();
```

#### Using User Trait

[](#using-user-trait-1)

```
// Get menus for authenticated user
$menus = auth()->user()->menus()->get();

// Get hierarchical menu tree
$menuTree = auth()->user()->menuTree();

// Filter by active only (default)
$activeMenus = auth()->user()->menus(true)->get();

// Include inactive menus
$allMenus = auth()->user()->menus(false)->get();
```

#### Example: Building Navigation in Blade

[](#example-building-navigation-in-blade)

```
@php
    $menuTree = acl_menu_tree();
@endphp

@foreach($menuTree as $menu)

            {{ $menu->title }}

        @if($menu->sub_menus->count())

            @foreach($menu->sub_menus as $submenu)

                        {{ $submenu->title }}

            @endforeach

        @endif

@endforeach

```

### Blade Directives

[](#blade-directives)

```
{{-- Using Laravel's @can directive --}}
@can('users.create') // permission name or slug as paramenter
    Create User
@endcan

{{-- Using package's @acl directive --}}
@acl('users.edit') // permission name or slug as paramenter
    Edit
@endacl

{{-- With @else --}}
@acl('users.delete') // permission name or slug as paramenter
    Delete
@else
    No permission
@endacl
```

---

Admin Panel
-----------

[](#admin-panel)

Access the admin panel at `/acl-manager` (requires superuser).

### Features

[](#features)

- **Roles Management** - Create, edit, delete roles
- **Permissions Management** - Auto-sync permissions from controllers, manual creation
- **Menus Management** - Define navigation menus with hierarchy support

### Sync Permissions

[](#sync-permissions)

Visit `/acl-manager/permissions/sync-permissions` to auto-scan all controllers and create permission entries from methods.

### Permission Descriptions

[](#permission-descriptions)

Add descriptions to permissions using PHP 8 attributes:

```
use Tahmid\AclManager\Attributes\PermissionAttr;

class UserController extends Controller
{
    #[PermissionAttr(description: 'Create new user accounts')]
    public function store(Request $request) { }

    #[PermissionAttr(description: 'Delete existing user accounts')]
    public function destroy(User $user) { }
}
```

---

Models &amp; Relationships
--------------------------

[](#models--relationships)

---

API Reference
-------------

[](#api-reference)

### Middleware

[](#middleware)

MiddlewarePurpose`is_superuser`Restrict to superusers only`role_permission_check`Auto-check permission by controller@method### Facade Methods

[](#facade-methods)

MethodParametersDescription`Acl::can($permission, $user)``string, ?User`Check if user can perform action`Acl::hasPermission($permission, $user)``string, ?User`Alias for can()`Acl::roleHasPermission($roleSlug, $permSlug)``string, string`Check if role has permission`Acl::getMenus($user, $activeOnly)``?User, bool`Get menus for user`Acl::getMenuTree($user, $activeOnly)``?User, bool`Get hierarchical menu tree### Helper Functions

[](#helper-functions)

FunctionParametersDescription`acl_menus($user, $activeOnly)``?User, bool`Get menus for user`acl_menu_tree($user, $activeOnly)``?User, bool`Get hierarchical menu tree### User Trait Methods

[](#user-trait-methods)

MethodParametersDescription`$user->hasPermission($slug)``string`Check if user has permission`$user->roles()`-Get user's roles (BelongsToMany)`$user->menus($activeOnly)``bool`Get menus for user (query builder)`$user->menuTree($activeOnly)``bool`Get hierarchical menu tree---

License
-------

[](#license)

MIT License

###  Health Score

40

—

FairBetter than 86% of packages

Maintenance89

Actively maintained with recent releases

Popularity4

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity52

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~45 days

Recently: every ~63 days

Total

10

Last Release

10d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/9109531?v=4)[Tahmidur Rahman](/maintainers/tahmidrana)[@tahmidrana](https://github.com/tahmidrana)

---

Top Contributors

[![tahmidrana](https://avatars.githubusercontent.com/u/9109531?v=4)](https://github.com/tahmidrana "tahmidrana (24 commits)")

### Embed Badge

![Health badge](/badges/tahmid-laravel-acl-manager/health.svg)

```
[![Health](https://phpackages.com/badges/tahmid-laravel-acl-manager/health.svg)](https://phpackages.com/packages/tahmid-laravel-acl-manager)
```

###  Alternatives

[directorytree/ldaprecord-laravel

LDAP Authentication &amp; Management for Laravel.

5752.3M18](/packages/directorytree-ldaprecord-laravel)[illuminate/auth

The Illuminate Auth package.

10528.2M1.2k](/packages/illuminate-auth)[althinect/filament-spatie-roles-permissions

3481.1M10](/packages/althinect-filament-spatie-roles-permissions)[hasinhayder/tyro

Tyro - The ultimate Authentication, Authorization, and Role &amp; Privilege Management solution for Laravel 12 &amp; 13

6804.7k6](/packages/hasinhayder-tyro)[masterix21/laravel-licensing

Laravel licensing package with polymorphic assignment to any model, activation keys, expirations/renewals, and seat control via LicenseUsage. Supports offline verification with public-key–signed tokens, a CLI to generate/rotate/revoke keys, and an extensible architecture via config and contracts.

1563.1k4](/packages/masterix21-laravel-licensing)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
