Handle roles and permissions in your Laravel application

Last update: Jun 25, 2022

Laratrust (Laravel Package)

tests Latest Stable Version Total Downloads StyleCI License

Version Compatibility

Laravel Laratrust
8.x 6.x
7.x 6.x
6.x 6.x
5.6.x - 5.8.x 5.2
5.3.x - 5.5.x 5.1
5.0.x - 5.2.x 4.0.

Installation, Configuration and Usage

To install, configure and learn how to use Laratrust please go to the Documentation.

What does Laratrust support?

  • Multiple user models.
  • Multiple roles and permissions can be attached to users.
  • Multiple permissions can be attached to roles.
  • Roles and permissions verification.
  • Roles and permissions caching.
  • Events when roles and permissions are attached, detached or synced.
  • Multiple roles and permissions can be attached to users within teams.
  • Objects ownership verification.
  • Multiple guards for the middleware.
  • A simple administration panel for roles and permissions.
  • Laravel gates and policies.

License

Laratrust is open-sourced software licensed under the MIT license.

Contributing

Please report any issue you find in the issues page. Pull requests are more than welcome.

GitHub

https://github.com/santigarcor/laratrust
Comments
  • 1. Where to create roles and permissions?

    Hello,

    In your guide, you write

    Let’s start by creating the following Roles and Permissions:

    $owner = new Role();
    $owner->name         = 'owner';
    $owner->display_name = 'Project Owner'; // optional
    $owner->description  = 'User is the owner of a given project'; // optional
    $owner->save();
    
    $admin = new Role();
    $admin->name         = 'admin';
    $admin->display_name = 'User Administrator'; // optional
    $admin->description  = 'User is allowed to manage and edit other users'; // optional
    $admin->save();
    

    Where do I have to do this? I'm a bit confused about it... I made the two models for Role and Permission, but this is not the right place for it, right? Where else? Maybe this is too easy, I don't know, but I don't really get it..

    Reviewed by schuesslerf at 2016-10-28 11:42
  • 2. Problems with installation

    Hey,

    I am trying to install laratrust and use it in a project.

    What i have done is the following:

    1. added laratrust to the require part of my composer.son "require": { "php": ">=5.6.4", "laravel/framework": "5.3.*", "teepluss/theme": "dev-master", "santigarcor/laratrust": "3.0.*"
    2. I run composer update what managed to download laracast
    3. I added the provider and the alias part

    Provider:

    ` /* * Package Service Providers... */

        'Teepluss\Theme\ThemeServiceProvider',
        Laratrust\LaratrustServiceProvider::class,
    

    `

    Aliases:

    'Lang' => Illuminate\Support\Facades\Lang::class, 'Laratrust' => Laratrust\LaratrustFacade::class, 'Log' => Illuminate\Support\Facades\Log::class,

    1. I wanted to run php artisan vendor:publish which happened not to generate a laratrust.php in my config directory
    2. When I tried to run php artisan laratrust:setup which wasn't execution with following error message:

    [Symfony\Component\Console\Exception\CommandNotFoundException] There are no commands defined in the "laratrust" namespace.

    I have redone the whole installing part twice to check that I didn't read over something. Any ideas how to solve this?

    Reviewed by mo2l at 2016-09-20 12:40
  • 3. deleting function inside boot function isn't called when using LaratrustUserTrait

    Inside my User model I have this

    public static function boot()
    {
            parent::boot();
            static::deleting(function ($model) {
                    echo "deleting user <br>";
            });
    }
    

    deleting function isn't call if I use LaratrustUserTrait, is there way to make sure it gets called as I need to do some stuff inside that function.

    Reviewed by nikocraft at 2016-09-26 14:12
  • 4. Permissions Completely Stopped?

    All permissions throughout the site were working correctly earlier today. I started coding a completely different section, didn't touch anything related to permissions, and now they are blocking access to every area where I had them set. Even in my controllers where I have them part of the middleware are blocked. I have tried changing permissions, roles, even directly gave permission to user, and still nothing. I don't know where to even start debugging.

    Any help would be greatly appreciated.

    I am running latest versions of both Laravel and Laratrust, just downloaded last week.

    Couple things I have tried... auth()->user()->allPermissions() - Returns correct permissions php artisan cache:clear - No change

    Reviewed by dmhall0 at 2020-07-06 23:50
  • 5. Changing id in role table by role_id

    Hello, when i change the field id in table roles by role_id i get this error : SQLSTATE[42S22]: Column not found: 1054 Unknown column 'permission_role_table.role_role_id' in 'field list'. Can you help me to resolve this issue?

    Reviewed by ahmedfaical at 2017-06-13 14:49
  • 6. Panel - prevent specific roles from being deleted

    • Laravel Version: 7.x
    • Laratrust Version: 6.x

    Suggestion Loving the panel in this release! We currently have our own one that we maintain which is largely similar. The problem is we have some roles that we don't want any one to be able to delete or edit. For example, we have a 'Admin' role that automatically gets attached to all of our permissions that we cannot let anyone delete or edit to disable permissions.

    Something like:

    // config/laratrust.php
    
    return [
        ...
        'panel' => [
            'restricted_roles' => [
                'admin',
            ]
        ],
    ];
    

    We also have another role where we would not like associated users to be editable. I was thinking maybe the above needs to evolve into its own permission based config:

    // config/laratrust.php
    
    return [
        ...
        'panel' => [
            'restricted_roles' => [
                'admin' => [
                     'users' => ['edit' => true],
                     'permissions' => ['edit' => false]
                 ],
                'support' => [
                     'users' => ['edit' => true],
                     'permissions' => ['edit' => true]
                 ],
                'customer' => [
                     'users' => ['edit' => false],
                     'permissions' => ['edit' => false]
                 ], 
            ]
        ],
    ];
    
    Reviewed by dmason30 at 2020-05-07 14:25
  • 7. User owns + @permission in blade?

    Say I allow my users to edit their own posts, and any user who has the permission edit-post

    @permission('edit-posts')

    works fine, but will I then have to do this to check for owner?

    @if(\Laratrust::can('edit-posts') || Auth::user()->owns($post))

    That looks ugly. Is there some easier way of doing this in blade?

    Reviewed by alexqhj at 2017-02-13 01:42
  • 8. Does laratrust play well with Multi-Auth setup allowed in 5.2+ ?

    I am thinking of moving from 5.1 LTS to 5.2 since I have a project that I want to separate my regular users (mainly admins) with Vendors/Suppliers stored in a 2nd table.

    I wont be using groups or permissions on Suppliers but I am wondering if laratrust plays well in a Multi-Auth setup.

    Anyone using laratrust in a Multi-Auth setup to share their experience ?

    Reviewed by unitedworx at 2016-12-04 19:44
  • 9. Using with JWT returns unauthenticated (with fix)

    I'm using Laratrust together with JWT Auth and I couldn't get it working on my route middleware. It kept return unauthenticated everytime. I have now fixed this as follows:

    Adding: $user = \JWTAuth::parseToken()->authenticate(); to LaratrustRole.php on line 42

    It all works fine now, but I'm wondering if this is the correct implementation (I guess not since editing a core file in your package). Can anyone point out how this should be done?

    Reviewed by ixperiencenl at 2017-05-28 13:12
  • 10. Does any one knows if this project is working with laravel 5.4??

    i tested everything fine except for the permissions nothing is working in this case @permission @endpermission if($user->can('create-user') stuff like that

    Reviewed by reiter777 at 2017-02-03 20:51
  • 11. SQL Error on Roles Sync or Attach

    I get the following error when syncing or attaching roles: SQLSTATE[HY000]: General error: 1364 Field 'user_type' doesn't have a default value (SQL: insert into `role_user` (`role_id`, `user_id`) values (2, 68))

    I modified my laratrust_setup_tables.php migration file, changing line 27 from $table->string('user_type'); to $table->string('user_type')->default('App\User');

    as well as changing line 61 from $table->string('user_type'); to $table->string('user_type')->default('App\User');

    Did I miss something during setup?

    Reviewed by TeejMonster at 2017-04-12 04:56
  • 12. Sub Domain Route

    Hello The package is very good There is only one problem I want to move admin panel routes to my subdomain in Laravel but I can not It would be much better if it was like the auth section (Auth :: routes) adding routes

    Reviewed by ahr1384 at 2022-05-14 14:41
  • 13. Empty Query Results for Roles when using Teams

    • Laravel Version: 9,0
    • Laratrust Version: 7.0.0

    Describe the bug When attempting to get all users in a team and list out the users role for that team, laratrust is not providing any output.

    To Reproduce Some of the code snippets I have used are: $users = User::whereRoleIs($roles->pluck('name')->toArray(), $team)->get(); dump($user->allPermissions());

    The 2 above, provide the following output: ^ Illuminate\Database\Eloquent\Collection {[#1330 ▼]() #items: [] #escapeWhenCastingToString: false }

    Dumping users information does not show any pivot relationships either. It is as if the pivot relationship to query is not working in the models. I've checked the models to make sure the traits are in place.

    Reviewed by yusofy at 2022-02-22 03:05
  • 14. Add support for custom checker classes. Introducing LaratrustUserCheckerInterface, LaratrustRoleCheckerInterface

    Non breaking change, when developers are using the default checkers. If someone's not, then config needs to be adjusted:

    'checker' => 'default' split into two parts

    1. 'user_checker' => 'default'
    2. 'role_checker' => 'default'

    To set a custom checker for a User entity you have to use a fully qualified class name eg: 'user_checker' => \App\Checkers\MyCustomUserChecker::class And the checkers have to implement LaratrustUserCheckerInterface or LaratrustRoleCheckerInterface which contains all functions from the abstract checkers.

    Reviewed by zambodaniel at 2021-12-09 12:21
Tech-Admin is Laravel + Bootstrap Admin Panel With User Management And Access Control based on Roles and Permissions.
Tech-Admin is Laravel + Bootstrap Admin Panel With User Management And Access Control based on Roles and Permissions.

Tech-Admin | Laravel 8 + Bootstrap 4 Tech-Admin is Admin Panel With Preset of Roles, Permissions, ACL, User Management, Profile Management. Features M

Jun 18, 2022
Powerful package for handling roles and permissions in Laravel 5

Roles And Permissions For Laravel 5 Powerful package for handling roles and permissions in Laravel 5 (5.1 and also 5.0). Installation Composer Service

Jun 17, 2022
Laravel Roles and Permissions

Introduction to Laravel Roles and Permission App Starter Kit Roles and sanctions are a paramount part of many web applications. In project, we have op

Nov 1, 2021
A Powerful package for handling roles and permissions in Laravel with GUI.
A Powerful package for handling roles and permissions in Laravel with GUI.

Laravel Roles A Powerful package for handling roles and permissions in Laravel. Supports Laravel 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 6.0, 7.0, and 8.0+. Tab

Jun 27, 2022
This is a lightweight package that allows you assign roles and permissions to any Laravel model, or on a pivot table (many to many relationship).
This is a lightweight package that allows you assign roles and permissions to any Laravel model, or on a pivot table (many to many relationship).

Simple Laravel roles and permissions Introduction This package allows you to assign roles and permissions to any laravel model, or on a pivot table (m

May 25, 2022
Roles & Permissions for Laravel 8 / 7 / 6 / 5

Defender Defender is an Access Control List (ACL) Solution for Laravel 5 / 6 / 7 (single auth). (Not compatible with multi-auth) With security and usa

Apr 28, 2022
Laravel Users (Roles & Permissions, Devices, Password Hashing, Password History).
Laravel Users (Roles & Permissions, Devices, Password Hashing, Password History).

LARAVEL USERS Roles & Permissions Devices Password Hashing Password History Documentation You can find the detailed documentation here in Laravel User

Apr 20, 2022
Associate users with roles and permissions
Associate users with roles and permissions

Associate users with permissions and roles Sponsor If you want to quickly add authentication and authorization to Laravel projects, feel free to check

Jul 3, 2022
Manage authorization with granular role-based permissions in your Laravel Apps.
Manage authorization with granular role-based permissions in your Laravel Apps.

Governor For Laravel Manage authorization with granular role-based permissions in your Laravel apps. Goal Provide a simple method of managing ACL in a

May 30, 2022
Eloquent roles and abilities.
Eloquent roles and abilities.

Bouncer Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. Table of Contents Click

Jun 26, 2022
This package helps you to associate users with permissions and permission groups with laravel framework
This package helps you to associate users with permissions and permission groups with laravel framework

Laravel ACL This package allows you to manage user permissions and groups in a database, and is compatible with Laravel v5.8 or higher. Please check t

Jun 28, 2022
Proyecto para aprender a utilizar privilegios (roles y permisos) con CRUDBooster

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

May 9, 2022
PHP package built for Laravel 5.* to easily handle a user email verification and validate the email

jrean/laravel-user-verification is a PHP package built for Laravel 5.* & 6.* & 7.* & 8.* to easily handle a user verification and validate the e-mail.

Jun 20, 2022
Role-based Permissions for Laravel 5

ENTRUST (Laravel 5 Package) Entrust is a succinct and flexible way to add Role-based Permissions to Laravel 5. If you are looking for the Laravel 4 ve

Jun 22, 2022
Light-weight role-based permissions system for Laravel 6+ built in Auth system.

Kodeine/Laravel-ACL Laravel ACL adds role based permissions to built in Auth System of Laravel 8.0+. ACL middleware protects routes and even crud cont

Jun 17, 2022
PermissionsMakr is a Laravel package that will help any developer to easily manage the system's users permissions

PermissionsMakr is a Laravel package that will help any developer to easily manage the system's users permissions

Nov 30, 2021
Laravel mongodb permissions

Laravel mongodb permissions

May 10, 2022
PHP Client and Router Library for Autobahn and WAMP (Web Application Messaging Protocol) for Real-Time Application Messaging

Thruway is an open source client and router implementation of WAMP (Web Application Messaging Protocol), for PHP. Thruway uses an event-driven, non-blocking I/O model (reactphp), perfect for modern real-time applications.

Jun 7, 2022
Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.

Hybridauth 3.7.1 Hybridauth enables developers to easily build social applications and tools to engage websites visitors and customers on a social lev

Jun 24, 2022