PHPackages                             yaroslavmolchan/rbac - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. yaroslavmolchan/rbac

AbandonedArchivedLibrary[Authentication &amp; Authorization](/categories/authentication)

yaroslavmolchan/rbac
====================

Simple RBAC/ACL for Laravel 5.5 and more with caching and permission groups.

1.0.3(8y ago)4020.6k12[5 issues](https://github.com/TheMY3/rbac/issues)MITPHPPHP &gt;=5.5.9

Since Oct 25Pushed 5y ago1 watchersCompare

[ Source](https://github.com/TheMY3/rbac)[ Packagist](https://packagist.org/packages/yaroslavmolchan/rbac)[ RSS](/packages/yaroslavmolchan-rbac/feed)WikiDiscussions master Synced today

READMEChangelog (9)Dependencies (1)Versions (14)Used By (0)

Laravel RBAC
============

[](#laravel-rbac)

Simple RBAC/ACL for Laravel 8 and more with caching permissions and permission groups for better convenience.

- [Installation](#installation)
- [Usage](#usage)
    - Roles
        - [Creating Roles](#creating-roles)
        - [Attaching And Detaching Roles](#attaching-and-detaching-roles)
        - [Checking For Roles](#checking-for-roles)
    - Permissions
        - [Creating Permissions](#creating-permissions)
        - [Attaching And Detaching Permissions](#attaching-and-detaching-permissions)
        - [Checking For Permissions](#checking-for-permissions)
    - Permission groups
        - [Creating Permission groups](#creating-permission-groups)
        - [Attaching And Detaching Permissions to Permission group](#attaching-and-detaching-permissions-to-permission-group)
        - [Attaching And Detaching Permission groups to Role](#attaching-and-detaching-permission-groups-to-role)
    - [Protected routes](#protected-routes)
    - [Blade Extensions](#blade-extensions)
- [License](#license)

Installation
------------

[](#installation)

Install this package with composer using the following command:

```
composer require yaroslavmolchan/rbac

```

or you can add to your `composer.json` for Laravel 8.0

```
"require": {
    ...
    "yaroslavmolchan/rbac": "^2.0"
}

```

or if you use Laravel 5.5 use:

```
"require": {
    ...
    "yaroslavmolchan/rbac": "^1.0"
}

```

then run `composer update`.

Add Service Provider to `providers` array in `config/app.php` file.

```
'providers' => [
    ...
    /*
     * Package Service Providers...
     */
    YaroslavMolchan\Rbac\RbacServiceProvider::class,
    ...
],
```

Publish migration files

```
$ php artisan vendor:publish --provider="YaroslavMolchan\Rbac\RbacServiceProvider" --tag=migrations

```

And then run migrations

```
$ php artisan migrate

```

Add middleware to your `app/Http/Kernel.php` file.

```
protected $routeMiddleware = [
    ...
    'role' => \YaroslavMolchan\Rbac\Middleware\CheckRole::class,
    'permission' => \YaroslavMolchan\Rbac\Middleware\CheckPermission::class
];
```

Add Rbac trait to your `User` model

```
use \YaroslavMolchan\Rbac\Traits\Rbac;

class User extends Authenticatable
{
    use Rbac;
    ...

}
```

Usage
-----

[](#usage)

### Roles

[](#roles)

#### Creating roles

[](#creating-roles)

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::create([
    'name' => 'Administrator',
    'slug' => 'admin'
]);

$managerRole = Role::create([
    'name' => 'Manager',
    'slug' => 'manager'
]);
```

#### Attaching And Detaching Roles

[](#attaching-and-detaching-roles)

You can simple attach role to user:

```
use App\User;

$user = User::find(1);
$user->attachRole($adminRole);
//or you can insert only id
$user->attachRole($adminRole->id);
```

And the same if you want to detach role:

```
use App\User;

$user = User::find(1);
$user->detachRole($adminRole);
//or you can insert only id
$user->detachRole($adminRole->id);
```

### Checking for roles

[](#checking-for-roles)

You can simple check if user has role:

```
use App\User;

$user = User::find(1);
if ($user->hasRole('admin')) {

}
```

### Permissions

[](#permissions)

#### Creating permissions

[](#creating-permissions)

```
use \YaroslavMolchan\Rbac\Models\Permission;

$createPermission = Permission::create([
    'name' => 'Create product',
    'slug' => 'product.create'
]);

$removePermission = Permission::create([
    'name' => 'Delete product',
    'slug' => 'product.remove'
]);
```

#### Attaching And Detaching permissions

[](#attaching-and-detaching-permissions)

You can attach permission to role very simple:

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->attachPermission($createPermission);
//or you can insert only id
$adminRole->attachPermission($createPermission->id);
```

And the same to detach permission:

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->detachPermission($createPermission);
//or you can insert only id
$adminRole->detachPermission($createPermission->id);
```

If you want attach or detach array of permissions you can do it:

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->attachPermissions([$createPermission, $removePermission]);
//or you can insert only id
$adminRole->detachPermission([$createPermission->id, $removePermission->id]);
```

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->detachPermissions([$createPermission, $removePermission]);
//or you can insert only id
$adminRole->detachPermissions([$createPermission->id, $removePermission->id]);
```

### Checking for permissions

[](#checking-for-permissions)

You can simple check if user has permission:

```
use App\User;

$user = User::find(1);
if ($user->canDo('product.create')) {

}
```

All permissions for each role store in cache, and when you check for permission - it take information from cache, that`s why its works quickly.

### Permission groups

[](#permission-groups)

Permission groups created for group some permissions in one main group, and then you can attach permission group to role and all permissions in this group attach to this role to. Its very useful thing.

#### Creating permission groups

[](#creating-permission-groups)

```
use \YaroslavMolchan\Rbac\Models\PermissionGroup;

$productManagementPermissionGroup = PermissionGroup::create([
    'name' => 'Product management',
    'module' => 'main' // optional
]);
```

#### Attaching And Detaching Permissions to Permission group

[](#attaching-and-detaching-permissions-to-permission-group)

You can add permission to group very simple:

```
use \YaroslavMolchan\Rbac\Models\Permission;

$createPermission = Permission::find(1);
$productManagementPermissionGroup->attachPermission($createPermission);
//or you can insert only id
$productManagementPermissionGroup->attachPermission($createPermission->id);
```

And the same to remove permission from group:

```
use \YaroslavMolchan\Rbac\Models\Permission;

$createPermission = Permission::find(1);
$productManagementPermissionGroup->detachPermission($createPermission);
//or you can insert only id
$productManagementPermissionGroup->detachPermission($createPermission->id);
```

#### Attaching And Detaching Permission groups to Role

[](#attaching-and-detaching-permission-groups-to-role)

You can attach permission group to role very simple:

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->attachGroup($productManagementPermissionGroup);
```

And the same to detach permission group:

```
use \YaroslavMolchan\Rbac\Models\Role;

$adminRole = Role::find(1);
$adminRole->detachGroup($productManagementPermissionGroup);
```

### Protected routes

[](#protected-routes)

You can easily protect your routes with `role` and `permission` params:

```
Route::get('/admin', [
    'uses' => 'AdminController@index',
    'middleware' => 'role:admin'
]);

Route::get('/products/create', [
    'uses' => 'ProductsController@create',
    'middleware' => 'permission:product.create'
]);
```

### Blade Extensions

[](#blade-extensions)

You can check roles and permissions in Blade like this:

```
@ifUserIs('admin')
    // show content only for admin
@else
    // show content for other roles
@endif

@ifUserCan('product.create')
    // show product create content
@endif
```

License
-------

[](#license)

Laravel RBAC is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT)

###  Health Score

37

—

LowBetter than 81% of packages

Maintenance18

Infrequent updates — may be unmaintained

Popularity37

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity65

Established project with proven stability

 Bus Factor1

Top contributor holds 84.6% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~28 days

Recently: every ~40 days

Total

13

Last Release

3203d ago

Major Versions

0.9.8 → 1.0.02017-04-15

0.9.x-dev → 1.0.22017-09-27

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/9335727?v=4)[MY](/maintainers/TheMY3)[@TheMY3](https://github.com/TheMY3)

---

Top Contributors

[![TheMY3](https://avatars.githubusercontent.com/u/9335727?v=4)](https://github.com/TheMY3 "TheMY3 (11 commits)")[![baorv](https://avatars.githubusercontent.com/u/9483946?v=4)](https://github.com/baorv "baorv (1 commits)")[![harshloco](https://avatars.githubusercontent.com/u/5271603?v=4)](https://github.com/harshloco "harshloco (1 commits)")

---

Tags

aclauthenticationlaravelpermissionsrbacrolessecuritylaravelaclrbac

### Embed Badge

![Health badge](/badges/yaroslavmolchan-rbac/health.svg)

```
[![Health](https://phpackages.com/badges/yaroslavmolchan-rbac/health.svg)](https://phpackages.com/packages/yaroslavmolchan-rbac)
```

###  Alternatives

[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k3.9M129](/packages/bezhansalleh-filament-shield)[hasinhayder/tyro

Tyro - The ultimate Authentication, Authorization, and Role &amp; Privilege Management solution for Laravel 12 &amp; 13

6804.7k6](/packages/hasinhayder-tyro)[casbin/laravel-authz

An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel.

331368.6k4](/packages/casbin-laravel-authz)[hosseinhezami/laravel-permission-manager

Advanced permission manager for Laravel.

383.3k](/packages/hosseinhezami-laravel-permission-manager)[phpzen/laravel-rbac

Role based access control for Laravel 5

383.2k](/packages/phpzen-laravel-rbac)[smart-crowd/laravel-rbac

Laravel RBAC implementation.

151.3k](/packages/smart-crowd-laravel-rbac)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
