Download the PHP package shitoudev/permissionmanager without Composer

Backpack\PermissionManager

An admin interface to easily add/edit/remove users, roles and permissions, using Laravel Backpack. As opposed to some other packages:

• a user can have multiple roles;
• a user can have extra permissions, in addition to the permissions on the roles he has;

Security updates and breaking changes

Please subscribe to the Backpack Newsletter so you can find out about any security updates, breaking changes or major features. We send an email every 1-2 months.

Install

1) In your terminal:

2) Add the service provider to your config/app.php file:

3) Publish the config file & run the migrations

4) Use the following traits on your User model:

5) [Optional] Add a menu item for it in resources/views/vendor/backpack/base/inc/sidebar.blade.php or menu.blade.php:

6) [Optional] Disallow create/update on your roles or permissions after you define them, using the config file in config/backpack/permissionmanager.php. Please note permissions and roles are referenced in code using their name. If you let your admins edit these strings and they do, your permission and role checks will stop working.

API Usage

Because the package requires spatie/laravel-permission, the API will be the same:

Using permissions

A permission can be given to a user:

A permission can be revoked from a user:

You can test if a user has a permission:

Saved permissions will be registered with the Illuminate\Auth\Access\Gate-class. So you can test if a user has a permission with Laravel's default can-function.

Using roles and permissions

A role can be assigned to a user:

A role can be removed from a user:

You can determine if a user has a certain role:

You can also determine if a user has any of a given list of roles:

You can also determine if a user has all of a given list of roles:

The assignRole, hasRole, hasAnyRole, hasAllRoles and removeRole-functions can accept a string, a Role-object or an \Illuminate\Support\Collection-object.

A permission can be given to a role:

You can determine if a role has a certain permission:

A permission can be revoked from a role:

The givePermissionTo and revokePermissionTo-functions can accept a string or a Permission-object.

Saved permission and roles are also registered with the Illuminate\Auth\Access\Gate-class.

Using blade directives

This package also adds Blade directives to verify whether the currently logged in user has all or any of a given list of roles.

You can use Laravels native @can directive to check if a user has a certain permission.

Change log

Please see CHANGELOG for more information what has changed recently.

Screenshots

Testing

Overwriting functionality

If you need to modify how this works in a project:

• create a file; the package will see that, and load your routes file, instead of the one in the package;
• create controllers/models that extend the ones in the package, and use those in your new routes file;
• modify anything you'd like in the new controllers/models;

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Please subscribe to the Backpack Newsletter so you can find out about any security updates, breaking changes or major features. We send an email every 1-2 months.

Credits

• Marius Constantin - Lead Developer
• Cristian Tabacitu - Chief Architect
• All Contributors

License

Backpack is free for non-commercial use and $19/project for commercial use. Please see backpackforlaravel.com for more information.