Download the PHP package rohsyl/laravel-acl without Composer

On this page you can find all versions of the php package rohsyl/laravel-acl. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-acl

Laravel-Acl

Latest Stable Version Build Status Total Downloads

This is a package that provide Access Control List for Laravel 6.0|7.0|8.0|9.0.

For Laravel 6.0|7.0|8.0 use v1.

For Laravel 9.0|10.0 use v2.

Getting started

This package can be installed through Composer:

After installation you must perform these steps:

1) Add the service provider in config/app.php file:

2) Publish the laravel-acl config in your app

This step will copy config files in the config folder of your Laravel App.

When it is published you can manage the configuration of larvel-acl through the file in config/acl.php, it contains:

3) Configure acls

laravel-acl provide acls and permissions not only to one model (default App\Models\User) but you can configure many. By default, the acls users that is using the model App\Models\User is used. But you can add more acls if needed.

Exemple :

Each acls have a config file associated. users has config/acl/users.php and contains the following :

3) Configure ACL for users

Optionally, you can enable direct acl on User

To enable this feature, you have to edit model.user.enableAcl it in the config/acl/users.php file and do the following instructions.

If you don't want direct acl on user, you can jump to the next chapter.

3.1) Update the User model

Add the UserAcl trait in your User model.

3.2) Add the acl column in the users table

Create a new migration file to update the users table

And add the new column

By default the name of this column is acl, but you can change it by updating model.user.attributeName in the config/acl/users.php file and in this migration file.

4) Configure ACL for groups

Optionnaly you can enable group acl.

To enable this feature, you have to edit model.user.enableAcl it in the config/acl/users.php file and do the following instructions.

If you don't want direct acl on user, you can jump to the next chapter.

4.1) Set up database tables

To enable the acl for groups, you have to create some more tables or to update your existing tables.

You need a groups table and the pivot table group_user to create the ManyToMany relation. (it's okay if you have different naming)

If you need to create these tables please follow the chapter 4.1.1 else follow the 4.1.2

4.1.1) Create tables

Do not create these tables if you already have similar grouping table with a ManyToMany relation to User.

Create a new migration file to create the groups table

with the following content :

The name of the acl column can be changed by updating model.group.attributeName in the config/acl/users.php file and in this migration file.

Add a new migration file to create the pivot table named group_user

with the following content :

That's all for database table creation.

4.1.2) Update tables

Add the acl column in your grouping table.

Create a new migration file to update your grouping table.

Be sure to have the right name for the table.

And add the new column

By default the name of this column is acl, but you can change it by updating model.group.attributeName in the config/acl/users.php file and in this migration file.

That's all for database table update.

4.2) Update the group model

Add the GroupAcl trait in your Group model. You also need to add the relationship to the User model

4.3) Update the User model

Add the relation into the User model.

If your group table has a different name, it's not a problem. You just have to update model.group.relationship and set this name on the relation function in the the config/acl/users.php file

5) Enjoy !

Everthing is ready, now jump to the documentation section to learn more about laravel-acl.

Documentation

This chapter explain how laravel-acl works and describe the available tools (helpers, middleware, ...).

Define permissions and roles

Permission and roles are managed in a hard coded way in the config/acl/users.php file. This choice was made to simplify the use and to avoid database query as much as possible.

Permissions

You can easly add permissions by adding a new entry in the permissions array in the config/acl/users.php file.

The key is the name of the permission and the value is the identifier

It's mandatory to have the superadmin permission with the identifier set as 0.

You can manage every other permissions the way you want.

Roles

A role is a preset of permissions. You can manage roles with the roles array in the config/acl/users.php file.

The key is the name of the role and the value is the ACL.

ACL

What is the ACL ?

It's a string value that define the permissions of a user or a group.

This value is stored by default in the acl column in the users table and in the group table.

Let's take the following ACL as a exemple.

If we have defined the following permissions.

ACL are red from the right to the left.

What does each digit means ?

But, what are those values "0", "1", "2", "3", "4" on each digit ?

These values define the access level for the given permission

Value CONSTANT Description
"0" ACL_NONE or ACL_DENY no access
"1" ACL_READ or ACL_ALLOW the user (or group) has a read permission to something or is allowed to perform an action
"2" ACL_CREATE the user (or group) has the creation permission
"3" ACL_UPDATE the user (or group) has the update permission
"4" ACL_DELETE the user (or group) has the deletion permission

So, to describe the ACL "1000003410", the user has the following permissions/restrictions :

You know everything about the permissions, roles and ACL. Jump to the next chapter to learn how to grant and revoke permissions

Grant and revoke permissions

To a User

How to give the superadmin permission to a user :

If you don't save, the permission will not persist in the database.

How to give the read access to the group permission to a user :

How to give the delete access to the page permission to a user :

How to grant many permissions at once :

How to revoke a permission :

or you can also grant the ACL_NONE or ACL_DENY level.

How to revoke many permissions:

How to revoke all permissions:

To a group

It works the same way as with the user.

Now that you know how to grant and revoke permissions to a user or a group, you need to learn how to check permissions for a user.

Checking access

This chapter describe every way to check if a user has the permissions to acces pages or perform actions.

Gate

You can use Gate facade provided by laravel.

User model

You can use the Laravel can method of the User to check a permission.

Check if the user can read page :

It will return true if the user is able to read pages else it return false.

Check if the user can edit user in the context of the given group :

It will return true only if the user has the acces granted by the given group else it return false.

It's usefull to manage access to entity that are in relation with a specific group.

Check if the user can update the page in the context of many groups :

The 2nd parameter (groups)" must be a collection Illuminate\Support\Collection.

Middleware

You can use the acl middleware provided by laravel-acl to protect routes or a whole resource directly in the route files (routes/web.php).

Restrict the access to user with a given permission and level

This route will allow the acces only to user who have the user permission with the ACL_READ level.

Restrict the access to user with any of the given permission and level

This route will allow the acces only to user who have the user permission with the ACL_READ level or the group permission with the ACL_READ level.

Blade

It's usefull to be able to hide some buttons in your blade view. To achieve this, you can use some directive provided by Laravel.

The @can blade directive

It's the same as writing

The @cannot blade directive
The @canany blade directive

Helper

Checking permissions

Checking if the user can read page

Retrieve permissions and roles

You can retrieve all permissions with the helper method :

Get permissions for another acls, just pass the acls name in parameter acl_permissions('members')

You can retrieve all roles with the helper method :

Get roles for another acls, just pass the acls name in parameter acl_permissions('members')

The strict option

Sometimes, you will probably want to check if the user have strictly a permission.

What does this mean ?

Exemple:

So when you check if the $user1 have the is_manager permission :

this will return true even if he don't have the is_manager permission because he is superadmin.

It's possible to check permissions with the strict parameter.

this will return false even if the user is superadmin.

this will return true because $user2 have the is_manager permission.


All versions of laravel-acl with dependencies

PHP Build Version
Package Version
Requires php Version >=8.1
illuminate/auth Version ^9.0|^10.0
illuminate/container Version ^9.0|^10.0
illuminate/contracts Version ^9.0|^10.0
illuminate/database Version ^9.0|^10.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package rohsyl/laravel-acl contains the following files

Loading the files please wait ....