Download the PHP package sowailem/fieldguard without Composer
On this page you can find all versions of the php package sowailem/fieldguard. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download sowailem/fieldguard
More information about sowailem/fieldguard
Files in sowailem/fieldguard
Package fieldguard
Short Description FieldGuard is a Laravel package that enforces field-level security on Eloquent models, allowing fine-grained control over who can view or modify specific attributes—perfect for role-based data protection without altering your core models.
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package fieldguard
FieldGuard
FieldGuard is a lightweight, non-intrusive Laravel package for field-level security on Eloquent models. It allows you to control which users can view or modify specific attributes using dynamic, database-driven rules.
Features
- Database-Driven Rules: Create and manage security rules in the database for runtime configuration.
- Non-Intrusive: No traits, base classes, or attributes required for your models.
- Automatic Enforcement: Optionally enforce security via model events (
retrieved,saving) without any code changes. - Read & Write Protection: Separate rules for viewing and updating fields.
- Data Masking: Automatically mask sensitive fields (e.g.,
***-***-***). - Middleware Integration: Automatically filter unauthorized fields from incoming requests.
- Caching: Performance-optimized with Laravel cache support for database rules.
- No-Code Friendly: Centralized control without altering your core models.
Installation
Run the migrations to create the rules table:
Usage
1. Creating Security Rules
All field-level permissions are managed through the field_guard_rules table. You can use the FieldGuardRule model to create rules.
Rule Structure
model_class: Fully qualified class name of the Eloquent model.field_name: The name of the attribute to secure.read_policy: (Optional) Permission for viewing the field. Can be a string or JSON object.write_policy: (Optional) Permission for creating or updating the field. Can be a string or JSON object.mask: (Optional) Value to return ifreadpermission is denied (instead of removing the field).is_active: Boolean to enable/disable the rule (defaults to true).
Policy Types
Policies can be:
Gate Name: A Laravel Gate name (e.g.,'view-salary').'self': Allows access if the user's ID matches the model's primary key.'role:name': Requires the user to have a specific role (expects ahasRole($role)method on the User model).'true'/'false': Always allow or always deny.JSON Array: For complex logic (e.g.,['roles' => ['admin'], 'allow_self' => true, 'gate' => 'extra-check']).
2. Enforcing Security
Automatic Enforcement (Global)
You can enable automatic enforcement for all models by setting automatic_enforcement to true in your config/fieldguard.php. This uses Eloquent events to filter fields automatically.
- Read: Automatically hides or masks fields when a model is retrieved from the database.
- Write: Automatically prevents unauthorized fields from being saved (reverts to original values).
Manual Enforcement (Read)
Use the FieldGuard facade to filter model attributes. This is useful in controllers or API resources.
API Resource Integration
Automatic Enforcement (Middleware - Write)
Register the middleware in your bootstrap/app.php (Laravel 11+) or app/Http/Kernel.php:
Apply it to routes to filter request data before it reaches your controller:
The middleware will automatically remove unauthorized fields from $request->all() before they reach your controller logic.
3. Caching
Database rules are cached for performance. By default, they are cached using the tag fieldguard:rules (configurable in config/fieldguard.php). When you update rules via the provided FieldGuardRuleRepository, the cache is automatically cleared.
You can also manually clear the cache:
4. Custom Policy Resolvers
If you need custom logic for interpreting database policies (e.g., integrating with a specific RBAC system), implement the PolicyResolver interface and register it in config/fieldguard.php.
Register it in config/fieldguard.php:
5. Seeding Initial Rules
The package includes a seeder example to help you bootstrap rules. You can publish and run the seeder or use the provided example:
6. Administrative API
FieldGuard comes with built-in RESTful API endpoints for managing security rules.
GET /field-guard/rules– List all rules (supports pagination and filtering)POST /field-guard/rules– Create a new ruleGET /field-guard/rules/{id}– View a specific rulePUT/PATCH /field-guard/rules/{id}– Update an existing ruleDELETE /field-guard/rules/{id}– Delete a rule
Configuration
You can customize the API prefix and middleware in config/fieldguard.php:
Authorization
The API uses a gate named manage-field-guard to authorize requests. Ensure you define this gate in your AuthServiceProvider or AppServiceProvider:
Publishing Routes
If you want to customize the routes, you can publish them:
Then disable the automatic loading in config/fieldguard.php and manually register them in your routes/api.php.
Testing
License
The MIT License (MIT). Please see License File for more information.
