Download the PHP package metrial/laravel-rbac without Composer

On this page you can find all versions of the php package metrial/laravel-rbac. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of metrial/laravel-rbac

Informations about the package laravel-rbac

Metrial Laravel RBAC

Enterprise-grade Role-Based Access Control for Laravel
Roles · Permissions · Teams · Hierarchy · Time-Bound Assignments · Audit Logging

Latest Version License Tests

Metrial RBAC is a production-ready, drop-in authorization package for Laravel applications. It provides a complete role-based access control system with teams, hierarchical roles, time-bound assignments, and a full audit trail — all without dictating your application's architecture.

Table of Contents

Features

Feature Description
Roles & Permissions Create granular roles and assign fine-grained permissions to them.
Direct Permissions Assign permissions directly to users, bypassing roles.
Teams Scope roles and permissions per team/tenant. Users switch context with switchTeam().
Role Hierarchy Roles inherit from other roles via a DAG closure table — no recursive queries.
Time-Bound Assignments Assign roles or permissions with starts_at / expires_at for temporary access.
Audit Trail Every mutation (assign, revoke, create, delete) is logged with actor, IP, context, and snapshots.
Cache-First Reads Permission resolution is cached with automatic invalidation on mutation. Expiry-safe.
Blade Directives @role, @hasanyrole, @hasallroles, @haspermission built in.
Middleware Route-level rbac.role, rbac.permission, rbac.team middleware.
Gate Integration Auto-registers every permission as a Gate ability. @can, ->can(), ->authorize() all work.
Soft Deletes All mutable entities support soft deletes for history preservation.
Guard-Aware Full multi-guard support (web, api, sanctum, custom).
10 Artisan Commands Install, create, assign, revoke, cache, prune, doctor.
Super-Admin Bypass Optional opt-in super-admin role with fully traceable bypass logging.

Requirements

Requirement Version
PHP ≥ 8.2
Laravel 10.x, 11.x, 12.x, 13.x
Database MySQL 8+, PostgreSQL 14+, SQLite 3.35+

Installation

1. Install via Composer

The package auto-discovers its service provider on Laravel 10+. No manual registration needed.

2. Run the Installer

This publishes the config file, migrations, and scaffolds your User model with the HasRoles and HasPermissions traits.

3. Run Migrations

This creates all 9 RBAC tables: teams, roles, permissions, role_permission, role_hierarchy, model_roles, model_permissions, model_teams, and rbac_audit_log.

4. (Optional) Seed Default Data

This creates 4 default roles (super-admin, admin, editor, viewer) and 9 common permissions.

Quick Start

Configuration

Publish the config file (also done by rbac:install):

Key options in config/rbac.php:

Usage

Roles

Permissions

Assigning & Revoking

Checking Authorization

Teams

Role Hierarchy

Roles can inherit from other roles via a Directed Acyclic Graph (DAG). Permission resolution automatically walks the hierarchy — no recursive queries.

Time-Bound Assignments

Assign roles or permissions with automatic expiry:

Expired/future-dated assignments are completely ignored during resolution. No special filtering needed in your code.

Prune expired rows and bust caches:

Blade Directives

Middleware

Register routes with role, permission, or team checks:

The Gate Layer

When gate_mode = 'auto' (default), every permission in the database is registered as a Gate ability at boot time. This means all standard Laravel authorization patterns work out of the box:

Set gate_mode to 'explicit' in config to disable auto-registration and manually define your Gate abilities.

The Facade

Artisan Commands

Command Description
php artisan rbac:install Scaffold User model, publish config and migrations
php artisan rbac:role:create {name} Create a new role
php artisan rbac:permission:create {name} Create a new permission
php artisan rbac:assign {user} {role} Assign role to user
php artisan rbac:revoke {user} {role} Revoke role from user
php artisan rbac:cache:clear Flush all RBAC caches
php artisan rbac:cache:warm Pre-warm permission cache for all users
php artisan rbac:prune-expired Delete expired assignments and bust affected caches
php artisan rbac:audit:prune {--days=90} Prune old audit log entries
php artisan rbac:doctor Diagnose common misconfigurations

Audit Logging

Every mutation is logged to the rbac_audit_log table:

Column Description
actor_id The authenticated user who performed the action
action Machine-readable action name: role.assigned, permission.given, etc.
entity_type Entity type: role, permission, team
entity_id UUID of the affected entity
old_value JSON snapshot before the change
new_value JSON snapshot after the change
ip_address Request IP (null for CLI/queue context)
user_agent Request UA (null for CLI/queue context)
context http, cli, queue, or api

Caching

Permission resolution is cached by default. Cache keys:

Key Pattern Contains
rbac:{version}:user:{id}:roles Assigned roles for a user
rbac:{version}:user:{id}:permissions All resolved permissions (inherited + direct)
rbac:{version}:user:{id}:team:{teamId}:permissions Team-scoped permission set
rbac:{version}:role:{id}:permissions Permissions on a role

Cache is automatically invalidated on every mutation (assign, revoke, sync). Time-bound cache entries store the expires_at timestamp in the payload and use a shorter TTL near expiry, ensuring expired permissions never linger in cache.

Disable caching during development:

Database Schema

Testing

Or from the host application:

Running the Test Suite

The package test suite uses Orchestra Testbench with an in-memory SQLite database. All models, services, and migrations are tested in isolation.

Security

License

Metrial Laravel RBAC is open-source software licensed under the MIT license.

All versions of laravel-rbac with dependencies

PHP Build Version
Package Version
Requires php Version ^8.2
illuminate/support Version ^10.0|^11.0|^12.0|^13.0
illuminate/database Version ^10.0|^11.0|^12.0|^13.0
illuminate/cache Version ^10.0|^11.0|^12.0|^13.0
illuminate/auth Version ^10.0|^11.0|^12.0|^13.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package metrial/laravel-rbac contains the following files

Loading the files please wait ...