Handle roles and permissions in your Laravel application

Overview

Laratrust (Laravel Package)

tests Latest Stable Version Total Downloads StyleCI License

Version Compatibility

Laravel Laratrust
8.x 6.x
7.x 6.x
6.x 6.x
5.6.x - 5.8.x 5.2
5.3.x - 5.5.x 5.1
5.0.x - 5.2.x 4.0.

Installation, Configuration and Usage

To install, configure and learn how to use Laratrust please go to the Documentation.

What does Laratrust support?

  • Multiple user models.
  • Multiple roles and permissions can be attached to users.
  • Multiple permissions can be attached to roles.
  • Roles and permissions verification.
  • Roles and permissions caching.
  • Events when roles and permissions are attached, detached or synced.
  • Multiple roles and permissions can be attached to users within teams.
  • Objects ownership verification.
  • Multiple guards for the middleware.
  • A simple administration panel for roles and permissions.
  • Laravel gates and policies.

License

Laratrust is open-sourced software licensed under the MIT license.

Contributing

Please report any issue you find in the issues page. Pull requests are more than welcome.

Comments
  • Where to create roles and permissions?

    Where to create roles and permissions?

    Hello,

    In your guide, you write

    Let’s start by creating the following Roles and Permissions:

    $owner = new Role();
    $owner->name         = 'owner';
    $owner->display_name = 'Project Owner'; // optional
    $owner->description  = 'User is the owner of a given project'; // optional
    $owner->save();
    
    $admin = new Role();
    $admin->name         = 'admin';
    $admin->display_name = 'User Administrator'; // optional
    $admin->description  = 'User is allowed to manage and edit other users'; // optional
    $admin->save();
    

    Where do I have to do this? I'm a bit confused about it... I made the two models for Role and Permission, but this is not the right place for it, right? Where else? Maybe this is too easy, I don't know, but I don't really get it..

    opened by schuesslerf 34
  • Problems with installation

    Problems with installation

    Hey,

    I am trying to install laratrust and use it in a project.

    What i have done is the following:

    1. added laratrust to the require part of my composer.son "require": { "php": ">=5.6.4", "laravel/framework": "5.3.*", "teepluss/theme": "dev-master", "santigarcor/laratrust": "3.0.*"
    2. I run composer update what managed to download laracast
    3. I added the provider and the alias part

    Provider:

    ` /* * Package Service Providers... */

        'Teepluss\Theme\ThemeServiceProvider',
        Laratrust\LaratrustServiceProvider::class,
    

    `

    Aliases:

    'Lang' => Illuminate\Support\Facades\Lang::class, 'Laratrust' => Laratrust\LaratrustFacade::class, 'Log' => Illuminate\Support\Facades\Log::class,

    1. I wanted to run php artisan vendor:publish which happened not to generate a laratrust.php in my config directory
    2. When I tried to run php artisan laratrust:setup which wasn't execution with following error message:

    [Symfony\Component\Console\Exception\CommandNotFoundException] There are no commands defined in the "laratrust" namespace.

    I have redone the whole installing part twice to check that I didn't read over something. Any ideas how to solve this?

    opened by mo2l 27
  • deleting function inside boot function isn't called when using LaratrustUserTrait

    deleting function inside boot function isn't called when using LaratrustUserTrait

    Inside my User model I have this

    public static function boot()
    {
            parent::boot();
            static::deleting(function ($model) {
                    echo "deleting user <br>";
            });
    }
    

    deleting function isn't call if I use LaratrustUserTrait, is there way to make sure it gets called as I need to do some stuff inside that function.

    opened by nikocraft 18
  • Permissions Completely Stopped?

    Permissions Completely Stopped?

    All permissions throughout the site were working correctly earlier today. I started coding a completely different section, didn't touch anything related to permissions, and now they are blocking access to every area where I had them set. Even in my controllers where I have them part of the middleware are blocked. I have tried changing permissions, roles, even directly gave permission to user, and still nothing. I don't know where to even start debugging.

    Any help would be greatly appreciated.

    I am running latest versions of both Laravel and Laratrust, just downloaded last week.

    Couple things I have tried... auth()->user()->allPermissions() - Returns correct permissions php artisan cache:clear - No change

    opened by dmhall0 17
  • Changing id in role table by role_id

    Changing id in role table by role_id

    Hello, when i change the field id in table roles by role_id i get this error : SQLSTATE[42S22]: Column not found: 1054 Unknown column 'permission_role_table.role_role_id' in 'field list'. Can you help me to resolve this issue?

    opened by ahmedfaical 17
  • Panel - prevent specific roles from being deleted

    Panel - prevent specific roles from being deleted

    • Laravel Version: 7.x
    • Laratrust Version: 6.x

    Suggestion Loving the panel in this release! We currently have our own one that we maintain which is largely similar. The problem is we have some roles that we don't want any one to be able to delete or edit. For example, we have a 'Admin' role that automatically gets attached to all of our permissions that we cannot let anyone delete or edit to disable permissions.

    Something like:

    // config/laratrust.php
    
    return [
        ...
        'panel' => [
            'restricted_roles' => [
                'admin',
            ]
        ],
    ];
    

    We also have another role where we would not like associated users to be editable. I was thinking maybe the above needs to evolve into its own permission based config:

    // config/laratrust.php
    
    return [
        ...
        'panel' => [
            'restricted_roles' => [
                'admin' => [
                     'users' => ['edit' => true],
                     'permissions' => ['edit' => false]
                 ],
                'support' => [
                     'users' => ['edit' => true],
                     'permissions' => ['edit' => true]
                 ],
                'customer' => [
                     'users' => ['edit' => false],
                     'permissions' => ['edit' => false]
                 ], 
            ]
        ],
    ];
    
    opened by dmason30 16
  • User owns + @permission in blade?

    User owns + @permission in blade?

    Say I allow my users to edit their own posts, and any user who has the permission edit-post

    @permission('edit-posts')

    works fine, but will I then have to do this to check for owner?

    @if(\Laratrust::can('edit-posts') || Auth::user()->owns($post))

    That looks ugly. Is there some easier way of doing this in blade?

    opened by alexqhj 16
  • Does laratrust play well with Multi-Auth setup allowed in 5.2+ ?

    Does laratrust play well with Multi-Auth setup allowed in 5.2+ ?

    I am thinking of moving from 5.1 LTS to 5.2 since I have a project that I want to separate my regular users (mainly admins) with Vendors/Suppliers stored in a 2nd table.

    I wont be using groups or permissions on Suppliers but I am wondering if laratrust plays well in a Multi-Auth setup.

    Anyone using laratrust in a Multi-Auth setup to share their experience ?

    opened by unitedworx 16
  • Using with JWT returns unauthenticated (with fix)

    Using with JWT returns unauthenticated (with fix)

    I'm using Laratrust together with JWT Auth and I couldn't get it working on my route middleware. It kept return unauthenticated everytime. I have now fixed this as follows:

    Adding: $user = \JWTAuth::parseToken()->authenticate(); to LaratrustRole.php on line 42

    It all works fine now, but I'm wondering if this is the correct implementation (I guess not since editing a core file in your package). Can anyone point out how this should be done?

    opened by ixperiencenl 14
  • Does any one knows if this project is working with laravel 5.4??

    Does any one knows if this project is working with laravel 5.4??

    i tested everything fine except for the permissions nothing is working in this case @permission @endpermission if($user->can('create-user') stuff like that

    opened by reiter777 14
  • SQL Error on Roles Sync or Attach

    SQL Error on Roles Sync or Attach

    I get the following error when syncing or attaching roles: SQLSTATE[HY000]: General error: 1364 Field 'user_type' doesn't have a default value (SQL: insert into `role_user` (`role_id`, `user_id`) values (2, 68))

    I modified my laratrust_setup_tables.php migration file, changing line 27 from $table->string('user_type'); to $table->string('user_type')->default('App\User');

    as well as changing line 61 from $table->string('user_type'); to $table->string('user_type')->default('App\User');

    Did I miss something during setup?

    opened by too-gee 13
  • Hardcoding roles and permissions

    Hardcoding roles and permissions

    Hi all

    I'm dealing with a multi-db multi-tenant app. Roles and permissions are the same for all tenants. Each tenant's admin will only be able to assign one or more preset roles to users.

    It's not really practical to manage things via the database- re-seeding to 1000s of dbs each time I make a change will be a headache.

    Is there any way to hardcode roles and permissions and still use all the other features of the package?

    Thanks!

    opened by binaryfire 0
  • Permissions in Laratrust panel don't acknowledge teams

    Permissions in Laratrust panel don't acknowledge teams

    • Laravel Version: 9.31
    • Laratrust Version: 7.1

    Describe the bug If you have teams enabled, the built-in Laratrust panel has no way of selecting a team for the permissions to apply to.

    To Reproduce Assign a permission to a user + team.

    On the Roles & Permissions assignment page, edit the user.

    The panel shows all permissions assigned to the user, regardless of team_id column, and when saving it will duplicate all permissions again to that user with a null team id.

    What I expect to happen I expect that if teams are enabled, that for each user you can select Global (null team id), or select per team to assign permissions.

    Apologies if I have mis understood the working of this package, but I believe this is the correct behaviour (and the panel is wrong). I'd love to not have to recreate the wheel!

    opened by sparxooo 0
  • Wrong phpdoc param type for function hasPermission()

    Wrong phpdoc param type for function hasPermission()

    I'm using Larastan (PHP Stan) to scan the code for bugs and typos. The function hasPermission($permission, $team = null, $requireAll = false) accepts int in the $team variable handled by the helper 'getIdFor' but the phpdoc does not mention it and reports as error on phpstan.

    Error: Parameter #2 $team of method App\Models\User::hasPermission() expects bool|string|null, int given.

    The code is working, it's just a false positive report.

    https://github.com/santigarcor/laratrust/blob/8a18c70bb1ced09baed361b68c432b0bedb74f16/src/Traits/LaratrustUserTrait.php#L227

    opened by lucasjose501 0
  • Seeder Roles & Permissions Descriptions

    Seeder Roles & Permissions Descriptions

    First, amazing product. Absolutely love it! Second, let me apologize if this is not the right place for this type of request...

    I am using latest version of both Laravel and Laratrust.

    I want to customize the descriptions for both the roles and permissions; but I see in the LaratrustSeeder file these db table fields are just populated with the display_name of each. How can I change this in the LaratrustSeeder file and/or config/laratrust_seeder file?

    Thanks for your help!

    opened by dmhall0 0
Releases(7.1.0)
  • 7.1.0(Mar 4, 2022)

  • 7.0.0(Feb 17, 2022)

  • 6.4.0(Feb 9, 2022)

  • 6.3.2(Mar 3, 2021)

  • 6.3.0(Oct 17, 2020)

    Fix

    • #381

    Change

    • Publish the seeder configuration as a separate resource
    • Seeder rework

    Add

    • permissionsTeams relationship and allTeams method
    • Teams scope for allPermissions method
    Source code(tar.gz)
    Source code(zip)
  • 6.2.2(Sep 15, 2020)

  • 6.2.0(Sep 8, 2020)

    Add

    • Support for Laravel 8.x.
    • Possibility to get specific columns from the allPermissions method. (4321da77393bdbc21a7cf791578da3c243921c38)
    • Order roles and permissions in the assignment view by name. (674da2c99d93ab91e404a6d61dfceb6a32fe458f)
    Source code(tar.gz)
    Source code(zip)
  • 6.1.1(Jul 10, 2020)

    • Change how the seeder creates permissions names.
    • Add env variable usage to enable/disable cache.
    • Use ::class syntax in the config file by default.
    Source code(tar.gz)
    Source code(zip)
  • 6.1.0(May 29, 2020)

    Add roles restrictions in the admin panel

    This release enables the possibility to add restriction to roles in the admin panel. Now you can define which roles shouldn't be editable, removable or deletable in the admin panel.

    In order to use this feature if you installed the 6.0 version you simply have to add this to the panel section in your config/laratrust.php file:

    
           /*
            |--------------------------------------------------------------------------
            | Add restriction to roles in the panel
            |--------------------------------------------------------------------------
            |
            | Configure which roles can not be editable, deletable and removable.
            | To add a role to the restriction, use name of the role here.
            |
            */
            'roles_restrictions' => [
                // The user won't be able to remove roles already assigend to users.
                'not_removable' => [],
    
                // The user won't be able to edit the role and the permissions assigned.
                'not_editable' => [],
    
                // The user won't be able to delete the role.
                'not_deletable' => [],
            ],
    
    Source code(tar.gz)
    Source code(zip)
  • 6.0.0(May 6, 2020)

    • Add simple admin panel to manage roles, permissions and roles/permissions assignment to the users
    • Change how the Seeder works, in order to only use the role structure we had before
    • Remove the can method so we now support gates and policies out of the box
    • Add withoutRole and withoutPermission scopes
    • Add support to receive multiple roles and permisions in the whereRoleIs and wherePermissionIs methods.
    • Laratrust is now using semver.
    Source code(tar.gz)
    Source code(zip)
  • 5.2.7(Feb 19, 2020)

  • 5.2.6(Nov 8, 2019)

  • 5.2.5(Oct 22, 2019)

  • 5.2.2(May 15, 2019)

  • 5.2.1(Apr 17, 2019)

  • 5.1.0(Jan 31, 2019)

    • Add two types of permissions/roles checkers, the default one we have always used and another one directly doing queries to the DB.
    • Add possibility to flash data to the session if the middleware fails.
    • Add orWherePermissionIs method.
    • Added cache to configuration file.
    Source code(tar.gz)
    Source code(zip)
  • 5.0.0(Oct 3, 2017)

    Added

    • Added syncRolesWithoutDetaching and syncPermissionsWithoutDetaching methods. (#177)
    • Added strict option when checking teams. (#187)
    • Added option to set the guard in the middlewares(#186, 717cdfceca50bd7db4a301ece68da9d629701644)
    • Added middleware auto registering. (4f128e63efaaa951f455baa59953d220ef0425d8)
    • Added a helper class. (ea513a6134df4586692f1c829326afffe9061119)
    • Added Laravel like event system. (#151, 6342410b4118fdf04591e4ae3d2e1dec9b1f9b85, 2c0ee365798315f5d85eb319d41800dcecfd1361)
    • Added option to use Laravel's cache or not. (#201, 227c89d83b3c19d19536727da48e2318c604fafc)

    Changed

    • Changed the Ownable interface to receive the owner in the ownerKey method in case the owner key check changes depending of the type of the owner. (b68e9ea31e06608837599d1fa009aa4f6ae5d425)
    • Changed the commands 'fire' method to 'handle' in order to work properly in Laravel 5.5. (#172)
    • Use Laravel standard for enable and disable foreign key checks. (#190)
    • Changed the folder structure. (ccf7b81fd19e88341a12baa7754c69efc9de6579)
    • Changed the unit tests to an integration tests approach. (bd0b66472f950e5e9f7b920364eb77bd1e03ec00)
    Source code(tar.gz)
    Source code(zip)
  • 4.0.4(Sep 5, 2017)

  • 4.0.3(Jul 26, 2017)

  • 4.0.0(Jun 28, 2017)

    Added

    • Added optional teams feature to the roles and permissions workflow.
    • Added allPermissions method to the LaratrustUserTrait.
    • Added required_all option to the middlewares.
    • Can pass a pipe separated string when checking roles and permissions.
    • Added wherePermissionIs query scope to the LaratrustUserTrait.
    • Added magic method to check permissions with can (e.g. $user->canManageUsers())
    • Added automatic package discovery for Laravel 5.5.

    Changed

    • Changed minimum Laravel version to 5.2.
    • Changed the laratrust.php file structure.
    Source code(tar.gz)
    Source code(zip)
  • 3.2.0(Feb 24, 2017)

    • Added support to multiple user models.
    • Added hasPermission and isAbleTo methods.
    • Changed the internal calls of the can method to the hasPermission method.
    • Minimum Laravel version is 5.1.
    • Removed the route filters funtionality since it was only working in Laravel 5.0.
    Source code(tar.gz)
    Source code(zip)
  • 3.1.3(Feb 17, 2017)

    • New Ownable interface.
    • New canAndOwns and hasRoleAndOwns methods.

    With this release you can check easily if a user can/has role and owns an object. If the ownership is resolved with a complex logic you can do it by using the Ownable interface.

    Source code(tar.gz)
    Source code(zip)
  • 3.1.0(Feb 10, 2017)

  • 3.0.5(Sep 24, 2016)

  • 3.0.3(Aug 29, 2016)

Owner
Santiago García
Santiago García
Tech-Admin is Laravel + Bootstrap Admin Panel With User Management And Access Control based on Roles and Permissions.

Tech-Admin | Laravel 8 + Bootstrap 4 Tech-Admin is Admin Panel With Preset of Roles, Permissions, ACL, User Management, Profile Management. Features M

TechTool India 37 Nov 9, 2022
Powerful package for handling roles and permissions in Laravel 5

Roles And Permissions For Laravel 5 Powerful package for handling roles and permissions in Laravel 5 (5.1 and also 5.0). Installation Composer Service

Roman Bičan 1.2k Nov 13, 2022
Laravel Roles and Permissions

Introduction to Laravel Roles and Permission App Starter Kit Roles and sanctions are a paramount part of many web applications. In project, we have op

Brian Kiprono Koech 1 Nov 1, 2021
A Powerful package for handling roles and permissions in Laravel with GUI.

Laravel Roles A Powerful package for handling roles and permissions in Laravel. Supports Laravel 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 6.0, 7.0, and 8.0+. Tab

Jeremy Kenedy 820 Nov 28, 2022
This is a lightweight package that allows you assign roles and permissions to any Laravel model, or on a pivot table (many to many relationship).

Simple Laravel roles and permissions Introduction This package allows you to assign roles and permissions to any laravel model, or on a pivot table (m

null 52 Nov 10, 2022
Roles & Permissions for Laravel 8 / 7 / 6 / 5

Defender Defender is an Access Control List (ACL) Solution for Laravel 5 / 6 / 7 (single auth). (Not compatible with multi-auth) With security and usa

Artesãos 436 Oct 26, 2022
Laravel Users (Roles & Permissions, Devices, Password Hashing, Password History).

LARAVEL USERS Roles & Permissions Devices Password Hashing Password History Documentation You can find the detailed documentation here in Laravel User

Pharaonic 7 Sep 12, 2022
Associate users with roles and permissions

Associate users with permissions and roles Sponsor If you want to quickly add authentication and authorization to Laravel projects, feel free to check

Spatie 10.9k Dec 1, 2022
Manage authorization with granular role-based permissions in your Laravel Apps.

Governor For Laravel Manage authorization with granular role-based permissions in your Laravel apps. Goal Provide a simple method of managing ACL in a

GeneaLabs, LLC 147 Jul 25, 2022
Eloquent roles and abilities.

Bouncer Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. Table of Contents Click

Joseph Silber 3.2k Dec 2, 2022
Proyecto para aprender a utilizar privilegios (roles y permisos) con CRUDBooster

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

Informática DP 3 May 9, 2022
This package helps you to associate users with permissions and permission groups with laravel framework

Laravel ACL This package allows you to manage user permissions and groups in a database, and is compatible with Laravel v5.8 or higher. Please check t

Mateus Junges 532 Nov 10, 2022
PHP package built for Laravel 5.* to easily handle a user email verification and validate the email

jrean/laravel-user-verification is a PHP package built for Laravel 5.* & 6.* & 7.* & 8.* to easily handle a user verification and validate the e-mail.

Jean Ragouin 797 Nov 25, 2022
Role-based Permissions for Laravel 5

ENTRUST (Laravel 5 Package) Entrust is a succinct and flexible way to add Role-based Permissions to Laravel 5. If you are looking for the Laravel 4 ve

Zizaco 6.1k Dec 1, 2022
Light-weight role-based permissions system for Laravel 6+ built in Auth system.

Kodeine/Laravel-ACL Laravel ACL adds role based permissions to built in Auth System of Laravel 8.0+. ACL middleware protects routes and even crud cont

Kodeine 780 Nov 23, 2022
PermissionsMakr is a Laravel package that will help any developer to easily manage the system's users permissions

PermissionsMakr is a Laravel package that will help any developer to easily manage the system's users permissions

Alvarium Digital 3 Nov 30, 2021
Laravel mongodb permissions

Laravel mongodb permissions

null 4 May 10, 2022
PHP Client and Router Library for Autobahn and WAMP (Web Application Messaging Protocol) for Real-Time Application Messaging

Thruway is an open source client and router implementation of WAMP (Web Application Messaging Protocol), for PHP. Thruway uses an event-driven, non-blocking I/O model (reactphp), perfect for modern real-time applications.

Voryx 661 Nov 14, 2022
Open source social sign on PHP Library. HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.

Hybridauth 3.7.1 Hybridauth enables developers to easily build social applications and tools to engage websites visitors and customers on a social lev

hybridauth 3.3k Nov 28, 2022