Showing preview only (696K chars total). Download the full file or copy to clipboard to get everything.
Repository: spatie/laravel-permission
Branch: main
Commit: c2d537a43aab
Files: 161
Total size: 651.4 KB
Directory structure:
gitextract_mhl3dih5/
├── .editorconfig
├── .gitattributes
├── .github/
│ ├── FUNDING.yml
│ ├── ISSUE_TEMPLATE/
│ │ ├── 1_Bug_report.yml
│ │ └── config.yml
│ ├── dependabot.yml
│ └── workflows/
│ ├── dependabot-auto-merge.yml
│ ├── fix-php-code-style-issues.yml
│ ├── phpstan.yml
│ ├── run-tests.yml
│ ├── test-cache-drivers.yml
│ └── update-changelog.yml
├── .gitignore
├── CHANGELOG.md
├── LICENSE.md
├── README.md
├── art/
│ └── README.md
├── composer.json
├── config/
│ └── permission.php
├── database/
│ └── migrations/
│ ├── add_teams_fields.php.stub
│ └── create_permission_tables.php.stub
├── docs/
│ ├── _index.md
│ ├── about-us.md
│ ├── advanced-usage/
│ │ ├── _index.md
│ │ ├── cache.md
│ │ ├── custom-permission-check.md
│ │ ├── events.md
│ │ ├── exceptions.md
│ │ ├── extending.md
│ │ ├── other.md
│ │ ├── phpstorm.md
│ │ ├── seeding.md
│ │ ├── testing.md
│ │ ├── timestamps.md
│ │ ├── ui-options.md
│ │ └── uuid.md
│ ├── basic-usage/
│ │ ├── _index.md
│ │ ├── artisan.md
│ │ ├── basic-usage.md
│ │ ├── blade-directives.md
│ │ ├── direct-permissions.md
│ │ ├── enums.md
│ │ ├── middleware.md
│ │ ├── multiple-guards.md
│ │ ├── new-app.md
│ │ ├── passport.md
│ │ ├── role-permissions.md
│ │ ├── super-admin.md
│ │ ├── teams-permissions.md
│ │ └── wildcard-permissions.md
│ ├── best-practices/
│ │ ├── _index.md
│ │ ├── performance.md
│ │ ├── roles-vs-permissions.md
│ │ └── using-policies.md
│ ├── changelog.md
│ ├── installation-laravel.md
│ ├── introduction.md
│ ├── prerequisites.md
│ ├── questions-issues.md
│ ├── support-us.md
│ └── upgrading.md
├── ide.json
├── phpstan-baseline.neon
├── phpstan.neon.dist
├── phpunit.xml.dist
├── pint.json
├── resources/
│ └── boost/
│ └── skills/
│ └── laravel-permission-development/
│ └── SKILL.md
├── src/
│ ├── Commands/
│ │ ├── AssignRoleCommand.php
│ │ ├── CacheResetCommand.php
│ │ ├── CreatePermissionCommand.php
│ │ ├── CreateRoleCommand.php
│ │ ├── ShowCommand.php
│ │ └── UpgradeForTeamsCommand.php
│ ├── Contracts/
│ │ ├── Permission.php
│ │ ├── PermissionsTeamResolver.php
│ │ ├── Role.php
│ │ └── Wildcard.php
│ ├── DefaultTeamResolver.php
│ ├── Events/
│ │ ├── PermissionAttachedEvent.php
│ │ ├── PermissionDetachedEvent.php
│ │ ├── RoleAttachedEvent.php
│ │ └── RoleDetachedEvent.php
│ ├── Exceptions/
│ │ ├── GuardDoesNotMatch.php
│ │ ├── PermissionAlreadyExists.php
│ │ ├── PermissionDoesNotExist.php
│ │ ├── RoleAlreadyExists.php
│ │ ├── RoleDoesNotExist.php
│ │ ├── UnauthorizedException.php
│ │ ├── WildcardPermissionInvalidArgument.php
│ │ ├── WildcardPermissionNotImplementsContract.php
│ │ └── WildcardPermissionNotProperlyFormatted.php
│ ├── Guard.php
│ ├── Middleware/
│ │ ├── PermissionMiddleware.php
│ │ ├── RoleMiddleware.php
│ │ └── RoleOrPermissionMiddleware.php
│ ├── Models/
│ │ ├── Permission.php
│ │ └── Role.php
│ ├── PermissionRegistrar.php
│ ├── PermissionServiceProvider.php
│ ├── Traits/
│ │ ├── HasPermissions.php
│ │ ├── HasRoles.php
│ │ └── RefreshesPermissionCache.php
│ ├── WildcardPermission.php
│ └── helpers.php
└── tests/
├── Commands/
│ ├── CommandTest.php
│ └── TeamCommandTest.php
├── Integration/
│ ├── BladeTest.php
│ ├── CacheTest.php
│ ├── CustomGateTest.php
│ ├── GateTest.php
│ ├── MultipleGuardsTest.php
│ ├── PermissionRegistrarTest.php
│ ├── PolicyTest.php
│ ├── RouteTest.php
│ └── WildcardRouteTest.php
├── Middleware/
│ ├── PermissionMiddlewareTest.php
│ ├── RoleMiddlewareTest.php
│ ├── RoleOrPermissionMiddlewareTest.php
│ └── WildcardMiddlewareTest.php
├── Models/
│ ├── PermissionTest.php
│ ├── RoleTest.php
│ ├── RoleWithNestingTest.php
│ └── WildcardRoleTest.php
├── Pest.php
├── TestSupport/
│ ├── ContentPolicy.php
│ ├── TestCase.php
│ ├── TestHelper.php
│ ├── TestModels/
│ │ ├── Admin.php
│ │ ├── Client.php
│ │ ├── Content.php
│ │ ├── Manager.php
│ │ ├── Permission.php
│ │ ├── Role.php
│ │ ├── RuntimeRole.php
│ │ ├── SoftDeletingUser.php
│ │ ├── TestRolePermissionsEnum.php
│ │ ├── User.php
│ │ ├── UserWithoutHasRoles.php
│ │ └── WildcardPermission.php
│ └── resources/
│ └── views/
│ ├── can.blade.php
│ ├── guardHasAllRoles.blade.php
│ ├── guardHasAllRolesArray.blade.php
│ ├── guardHasAllRolesPipe.blade.php
│ ├── guardHasAnyRole.blade.php
│ ├── guardHasAnyRolePipe.blade.php
│ ├── guardHasRole.blade.php
│ ├── guardRole.blade.php
│ ├── guardunlessrole.blade.php
│ ├── hasAllRoles.blade.php
│ ├── hasAnyRole.blade.php
│ ├── hasRole.blade.php
│ ├── haspermission.blade.php
│ ├── role.blade.php
│ └── unlessrole.blade.php
└── Traits/
├── HasPermissionsTest.php
├── HasPermissionsWithCustomModelsTest.php
├── HasRolesTest.php
├── HasRolesWithCustomModelsTest.php
├── TeamHasPermissionsTest.php
├── TeamHasRolesTest.php
└── WildcardHasPermissionsTest.php
================================================
FILE CONTENTS
================================================
================================================
FILE: .editorconfig
================================================
; This file is for unifying the coding style for different editors and IDEs.
; More information at http://editorconfig.org
root = true
[*]
charset = utf-8
indent_size = 4
indent_style = space
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
================================================
FILE: .gitattributes
================================================
# Path-based git attributes
# https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html
# Ignore all test and documentation with "export-ignore".
/.github export-ignore
/.gitattributes export-ignore
/.gitignore export-ignore
/phpunit.xml.dist export-ignore
/art export-ignore
/docs export-ignore
/tests export-ignore
/.editorconfig export-ignore
/.php_cs.dist.php export-ignore
/phpstan* export-ignore
/CHANGELOG.md export-ignore
/CONTRIBUTING.md export-ignore
================================================
FILE: .github/FUNDING.yml
================================================
github: spatie
================================================
FILE: .github/ISSUE_TEMPLATE/1_Bug_report.yml
================================================
name: Bug Report
description: "Report a reproducible bug."
body:
- type: markdown
attributes:
value: |
Before creating a new Bug Report, please check that there isn't already a similar issue on [the issue tracker](https://github.com/spatie/laravel-permission/issues) or in [the discussions](https://github.com/spatie/laravel-permission/discussions).
Also, **many issues/questions/problems are already answered** in the [documentation](https://spatie.be/docs/laravel-permission) already. **Please be sure to check the docs** because it will save you time!
- type: textarea
attributes:
label: Description
description: A clear and concise description of what the bug is.
validations:
required: true
- type: textarea
attributes:
label: Steps To Reproduce
description: How do you trigger this bug? Please walk us through it step by step.
value: |
1.
2.
3.
...
validations:
required: true
- type: input
attributes:
label: Example Application
description: "Here is a link to my Github repo containing a minimal Laravel application which shows my problem:"
- type: markdown
attributes:
value: |
You can use `composer show` to get package version numbers:
- type: input
attributes:
label: "Version of spatie/laravel-permission package:"
validations:
required: true
- type: input
attributes:
label: "Version of laravel/framework package:"
validations:
required: true
- type: input
attributes:
label: "PHP version:"
validations:
required: true
- type: input
attributes:
label: "Database engine and version:"
- type: input
attributes:
label: "OS: Windows/Mac/Linux version:"
================================================
FILE: .github/ISSUE_TEMPLATE/config.yml
================================================
blank_issues_enabled: true
contact_links:
- name: Feature Request
url: https://github.com/spatie/laravel-permission/discussions/new?category=ideas
about: Share ideas for new features
- name: Ask a Question
url: https://github.com/spatie/laravel-permission/discussions/new?category=q-a
about: Ask the community for help
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
================================================
FILE: .github/workflows/dependabot-auto-merge.yml
================================================
name: dependabot-auto-merge
on: pull_request_target
permissions:
pull-requests: write
contents: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
compat-lookup: true
- name: Auto-merge Dependabot PRs for semver-minor updates
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-minor'}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Auto-merge Dependabot PRs for semver-patch updates
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Auto-merge Dependabot PRs for Action major versions when compatibility is higher than 90%
if: ${{steps.metadata.outputs.package-ecosystem == 'github_actions' && steps.metadata.outputs.update-type == 'version-update:semver-major' && steps.metadata.outputs.compatibility-score >= 90}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
================================================
FILE: .github/workflows/fix-php-code-style-issues.yml
================================================
name: Fix PHP code style issues
on:
push:
paths:
- '**.php'
jobs:
php-code-styling:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ github.head_ref }}
- name: Fix PHP code style issues
uses: aglipanci/laravel-pint-action@v2
- name: Commit changes
uses: stefanzweifel/git-auto-commit-action@v7
with:
commit_message: Fix styling
================================================
FILE: .github/workflows/phpstan.yml
================================================
name: PHPStan
on:
push:
paths:
- '**.php'
- 'phpstan.neon.dist'
pull_request:
paths:
- '**.php'
- 'phpstan.neon.dist'
jobs:
phpstan:
name: phpstan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: 8.4
coverage: none
- name: Install composer dependencies
uses: ramsey/composer-install@v4
- name: Install larastan
run: |
composer require "larastan/larastan" --no-interaction --no-update
composer update --prefer-dist --no-interaction
- name: Run PHPStan
run: ./vendor/bin/phpstan --error-format=github
================================================
FILE: .github/workflows/run-tests.yml
================================================
name: Run Tests - Current
on:
- push
- pull_request
jobs:
test:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php: [8.5, 8.4]
laravel: ["^13", "^12"]
dependency-version: [prefer-stable, prefer-lowest]
include:
- laravel: "^13"
testbench: 11.*
- laravel: "^12"
testbench: 10.*
name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.dependency-version }}
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: curl, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, iconv
coverage: none
- name: Install dependencies
run: |
composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" "symfony/console:>=4.3.4" "mockery/mockery:^1.3.2" "nesbot/carbon:>=2.72.6" --no-interaction --no-update
composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction
- name: Execute tests
run: vendor/bin/pest
================================================
FILE: .github/workflows/test-cache-drivers.yml
================================================
name: "Run Tests - Cache Drivers"
on: [push, pull_request]
jobs:
cache:
runs-on: ubuntu-latest
services:
redis:
image: redis
ports:
- 6379/tcp
options: --health-cmd="redis-cli ping" --health-interval=10s --health-timeout=5s --health-retries=3
strategy:
fail-fast: false
name: Cache Drivers
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: 8.4
extensions: curl, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, iconv, memcache
coverage: none
- name: Install dependencies
run: |
composer require "predis/predis" --no-interaction --no-update
composer update --prefer-stable --prefer-dist --no-interaction
- name: Execute tests - memcached cache driver
run: |
vendor/bin/pest
env:
CACHE_DRIVER: memcached
- name: Execute tests - redis cache driver
run: |
vendor/bin/pest
env:
CACHE_DRIVER: redis
REDIS_PORT: ${{ job.services.redis.ports['6379'] }}
- name: Execute tests - database cache driver
run: |
vendor/bin/pest
env:
CACHE_DRIVER: database
- name: Execute tests - file cache driver
run: |
vendor/bin/pest
env:
CACHE_DRIVER: file
- name: Execute tests - array cache driver
run: |
vendor/bin/pest
env:
CACHE_DRIVER: array
================================================
FILE: .github/workflows/update-changelog.yml
================================================
name: "Update Changelog"
on:
release:
types: [released]
jobs:
update:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
ref: main
- name: Update Changelog
uses: stefanzweifel/changelog-updater-action@v1
with:
latest-version: ${{ github.event.release.name }}
release-notes: ${{ github.event.release.body }}
- name: Commit updated CHANGELOG
uses: stefanzweifel/git-auto-commit-action@v7
with:
branch: main
commit_message: Update CHANGELOG
file_pattern: CHANGELOG.md
================================================
FILE: .gitignore
================================================
build
composer.lock
vendor
tests/temp
.idea
.phpunit.cache
.phpunit.result.cache
.php-cs-fixer.cache
tests/TestSupport/CreatePermissionCustomTables.php
================================================
FILE: CHANGELOG.md
================================================
# Changelog
All notable changes to `laravel-permission` will be documented in this file
## 7.2.4 - 2026-03-17
### What's Changed
* Internals only.
* Bump ramsey/composer-install from 3 to 4 by @dependabot[bot] in https://github.com/spatie/laravel-permission/pull/2936
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/7.2.3...7.2.4
## 6.25.0 - 2026-03-17
### What's Changed
* Add Laravel 13 compatibility to old branch, so that 3rd party packages can support L13 without urgent upgrading
* Convert test suite from PHPUnit to Pest by @freekmurze in https://github.com/spatie/laravel-permission/pull/2912
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.24.1...6.25.0
## 7.2.3 - 2026-02-23
- Update config comments to point to new v7 event class names
## 7.2.2 - 2026-02-22
### What's Changed
* Clear wildcard permission index when assigning or removing roles by @freekmurze in https://github.com/spatie/laravel-permission/pull/2925
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/7.2.1...7.2.2
## 7.2.1 - 2026-02-21
### What's Changed
- Add Laravel 13 support
- Upgrade to laravel/passport ^13.0
- Drop prefer-lowest from CI matrix
## 7.2.0 - 2026-02-18
### What's Changed
* Fix: do not treat string '0' as empty role/permission input by @laraib15 in https://github.com/spatie/laravel-permission/pull/2916
### New Contributors
* @laraib15 made their first contribution in https://github.com/spatie/laravel-permission/pull/2916
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/7.1.0...7.2.0
## 7.1.0 - 2026-02-14
### What's Changed
* [v7] Bring back support for PHP 8.3 by @ssw1cblarrion in https://github.com/spatie/laravel-permission/pull/2918
### New Contributors
* @ssw1cblarrion made their first contribution in https://github.com/spatie/laravel-permission/pull/2918
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/7.0.0...7.1.0
## 7.0.0 - 2026-02-11
### Modernize codebase for v7
The aim for v7 is to modernize the codebase while keeping the upgrade path easy. Modern PHP/Laravel features, Pest tests, but no big architectural changes. A future v8 could then tackle larger changes and streamline the package more fundamentally.
#### Version requirements
- Requires PHP ^8.4 and Laravel ^12.0
- Test suite uses Pest ^3.0
#### Service provider
- Converted to `PackageServiceProvider` from `spatie/laravel-package-tools`
- Removed Lumen support
#### Class renames
- Event classes now have an `Event` suffix (`PermissionAttached` → `PermissionAttachedEvent`, etc.)
- Command classes now have a `Command` suffix (`CacheReset` → `CacheResetCommand`, etc.)
#### Type safety
- Added return types and parameter types throughout traits, middleware, exceptions, contracts, and commands
#### Code modernization
- `is_a($this, X::class)` → `$this instanceof X`
- `get_class($obj)` → `$obj::class`
- `strpos($x, $y) !== false` → `str_contains($x, $y)`
- Constructor promotion in `WildcardPermission`
- Proper `use` imports for global classes
#### Cleanup
- Removed deprecated `clearClassPermissions()` method
- Removed `__construct` from `Wildcard` contract
- Modernized migration stubs
#### Testing
- Converted entire test suite from PHPUnit to Pest (#2912)
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.24.1...7.0.0
## 6.24.1 - 2026-02-09
### What's Changed
* Add team support to permission:assign-role command by @freekmurze in https://github.com/spatie/laravel-permission/pull/2910
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.24.0...6.24.1
## 6;24.1 - 2026-02-09
### What's Changed
* Add team support to permission:assign-role command by @freekmurze in https://github.com/spatie/laravel-permission/pull/2910
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.24.0...6;24.1
## 6.24.0 - 2025-12-13
### What's Changed
* Add BackedEnum Support to RoleOrPermissionMiddleware by @imhayatunnabi in https://github.com/spatie/laravel-permission/pull/2890
* Add Missing roleOrPermission() route macro by @imhayatunnabi in https://github.com/spatie/laravel-permission/pull/2893
* PHP 8.5: Fix deprecated usage of `null` as array key by @jnoordsij in https://github.com/spatie/laravel-permission/pull/2904
### Internals/Testing
* Skip prefer-lowest dependency version for Laravel 11 by @drbyte in https://github.com/spatie/laravel-permission/pull/2903
* Bump actions/checkout from 5 to 6 by @dependabot[bot] in https://github.com/spatie/laravel-permission/pull/2901
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.23.0...6.24.0
## 6.23.0 - 2025-11-03
### What's Changed
* Performance enhancement: Reduce unnecessary container resolution calls by @imhayatunnabi in https://github.com/spatie/laravel-permission/pull/2889
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.22.0...6.23.0
## 6.22.0 - 2025-10-27
### What's Changed
* Dispatch RoleDetached on syncRoles when events are enabled by @josedaian in https://github.com/spatie/laravel-permission/pull/2869
* Refactor exception handling in migration stub by @alisalehi1380 in https://github.com/spatie/laravel-permission/pull/2886
* Fix TOCTOU race condition in permission loading for concurrent (Octane etc) environments by @imhayatunnabi in https://github.com/spatie/laravel-permission/pull/2883
* Add assign-role command by @sediqzada94 in https://github.com/spatie/laravel-permission/pull/2834
* Test PHP 8.5 by @erikn69 in https://github.com/spatie/laravel-permission/pull/2880
* Bump stefanzweifel/git-auto-commit-action from 6 to 7 by @dependabot[bot] in https://github.com/spatie/laravel-permission/pull/2882
* Update issue template by @AlexVanderbist in https://github.com/spatie/laravel-permission/pull/2875
* Bump actions/checkout from 4 to 5 by @dependabot[bot] in https://github.com/spatie/laravel-permission/pull/2870
* Quick Panel (TALL Flowbite Starter Kit) by @aliqasemzadeh in https://github.com/spatie/laravel-permission/pull/2881
### New Contributors
* @josedaian made their first contribution in https://github.com/spatie/laravel-permission/pull/2869
* @alisalehi1380 made their first contribution in https://github.com/spatie/laravel-permission/pull/2886
* @imhayatunnabi made their first contribution in https://github.com/spatie/laravel-permission/pull/2883
* @sediqzada94 made their first contribution in https://github.com/spatie/laravel-permission/pull/2834
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.21.0...6.22.0
## 6.21.0 - 2025-07-23
### What's Changed
* Allow removing multiple roles with the `removeRole` method by @TobMoeller in https://github.com/spatie/laravel-permission/pull/2859
* [Docs] Correct middleware order for documentation example in `teams-permissions.md` by @dualklip in https://github.com/spatie/laravel-permission/pull/2863
### New Contributors
* @dualklip made their first contribution in https://github.com/spatie/laravel-permission/pull/2863
* @TobMoeller made their first contribution in https://github.com/spatie/laravel-permission/pull/2859
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.20.0...6.21.0
## 6.20.0 - 2025-06-14
### What's Changed
* Add translations support for exception messages by @nAa6666 in https://github.com/spatie/laravel-permission/pull/2852
### New Contributors
* @nAa6666 made their first contribution in https://github.com/spatie/laravel-permission/pull/2852
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.19.0...6.20.0
## 6.19.0 - 2025-05-31
### What's Changed
* Revert "Remove `collectPermissions` that is not being assigned" by @erikn69 in https://github.com/spatie/laravel-permission/pull/2851
* Fix guard_name not used to set default attribute in Role and Permission model by @Ken-vdE in https://github.com/spatie/laravel-permission/pull/2837
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.18.0...6.19.0
## 6.18.0 - 2025-05-14
### What's Changed
* refactor exception throwing in migration file to use throw_if() by @ccaioadriano in https://github.com/spatie/laravel-permission/pull/2819
* Fix: Example in config comment includes `permission.` prefix on `wildcard_permission` key by @jerrens in https://github.com/spatie/laravel-permission/pull/2835
* Fix commented config key typo by @erikn69 in https://github.com/spatie/laravel-permission/pull/2844
* Remove `collectPermissions` that is not being assigned by @JHWelch in https://github.com/spatie/laravel-permission/pull/2840
* [Docs] Update multiple-guards.md by @Ken-vdE in https://github.com/spatie/laravel-permission/pull/2836
* [Docs] Remove extra period by @coreyhn in https://github.com/spatie/laravel-permission/pull/2841
* Add JetAdmin as UI Option. by @aliqasemzadeh in https://github.com/spatie/laravel-permission/pull/2814
### New Contributors
* @ccaioadriano made their first contribution in https://github.com/spatie/laravel-permission/pull/2819
* @coreyhn made their first contribution in https://github.com/spatie/laravel-permission/pull/2841
* @jerrens made their first contribution in https://github.com/spatie/laravel-permission/pull/2835
* @Ken-vdE made their first contribution in https://github.com/spatie/laravel-permission/pull/2836
* @JHWelch made their first contribution in https://github.com/spatie/laravel-permission/pull/2840
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.17.0...6.18.0
## 6.17.0 - 2025-04-09
### What's Changed
* Route macro functions: add backed enum support by @Yi-pixel in https://github.com/spatie/laravel-permission/pull/2823
### New Contributors
* @Yi-pixel made their first contribution in https://github.com/spatie/laravel-permission/pull/2823
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.16.0...6.17.0
## 6.16.0 - 2025-02-28
### What's Changed
* Middleware: support enums in role/permission middleware by @marklawntalk in https://github.com/spatie/laravel-permission/pull/2813
### New Contributors
* @marklawntalk made their first contribution in https://github.com/spatie/laravel-permission/pull/2813
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.15.0...6.16.0
## 6.15.0 - 2025-02-17
### What's Changed
* Added 4 events for adding and removing roles or permissions by @sven-wegner in https://github.com/spatie/laravel-permission/pull/2742
* Fixed bug of loading user roles of different teams to current team by @mohamedds-12 in https://github.com/spatie/laravel-permission/pull/2803
### New Contributors
* @sven-wegner made their first contribution in https://github.com/spatie/laravel-permission/pull/2742
* @mohamedds-12 made their first contribution in https://github.com/spatie/laravel-permission/pull/2803
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.14.0...6.15.0
## 6.14.0 - 2025-02-13
### What's Changed
* LDAP model lookup from Auth Provider by @crossplatformconsulting in https://github.com/spatie/laravel-permission/pull/2750
### Internals
* Add PHPUnit annotations, for future compatibility with PHPUnit 12 by @drbyte in https://github.com/spatie/laravel-permission/pull/2806
### New Contributors
* @crossplatformconsulting made their first contribution in https://github.com/spatie/laravel-permission/pull/2750
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.13.0...6.14.0
## 6.13.0 - 2025-02-05
### What's Changed
* LazyLoading: Explicitly call `loadMissing('permissions')` when the relation is needed, and test with `Model::preventLazyLoading()` by @erikn69 in https://github.com/spatie/laravel-permission/pull/2776
* [Docs] Add instructions to reinitialize cache for multi-tenancy key settings when updating multiple tenants in a single request cycle, by @sudkumar in https://github.com/spatie/laravel-permission/pull/2804
### New Contributors
* @sudkumar made their first contribution in https://github.com/spatie/laravel-permission/pull/2804
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.12.0...6.13.0
## 6.12.0 - 2025-01-31
### What's Changed
* Support Laravel 12
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.11.0...6.12.0
## 6.11.0 - 2025-01-30
### What's Changed
* Add configurable team resolver for permission team id (helpful for Jetstream, etc) by @adrenallen in https://github.com/spatie/laravel-permission/pull/2790
### Internals
* Replace php-cs-fixer with Laravel Pint by @bobbrodie in https://github.com/spatie/laravel-permission/pull/2780
### Documentation Updates
* [Docs] Include namespace in example in uuid.md by @ken-tam in https://github.com/spatie/laravel-permission/pull/2764
* [Docs] Include Laravel 11 example in exceptions.md by @frankliniwobi in https://github.com/spatie/laravel-permission/pull/2768
* [Docs] Fix typo in code example in passport.md by @m3skalina in https://github.com/spatie/laravel-permission/pull/2782
* [Docs] Correct username in new-app.md by @trippodi in https://github.com/spatie/laravel-permission/pull/2785
* [Docs] Add composer specificity by @imanghafoori1 in https://github.com/spatie/laravel-permission/pull/2772
* [Docs] Update installation-laravel.md to fix providers.php location. by @curiousteam in https://github.com/spatie/laravel-permission/pull/2796
### New Contributors
* @ken-tam made their first contribution in https://github.com/spatie/laravel-permission/pull/2764
* @frankliniwobi made their first contribution in https://github.com/spatie/laravel-permission/pull/2768
* @bobbrodie made their first contribution in https://github.com/spatie/laravel-permission/pull/2780
* @m3skalina made their first contribution in https://github.com/spatie/laravel-permission/pull/2782
* @trippodi made their first contribution in https://github.com/spatie/laravel-permission/pull/2785
* @imanghafoori1 made their first contribution in https://github.com/spatie/laravel-permission/pull/2772
* @curiousteam made their first contribution in https://github.com/spatie/laravel-permission/pull/2796
* @adrenallen made their first contribution in https://github.com/spatie/laravel-permission/pull/2790
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.10.1...6.11.0
## 6.10.1 - 2024-11-08
### What's Changed
* Fix #2749 regression bug in `6.10.0` : "Can no longer delete permissions" by @erikn69 in https://github.com/spatie/laravel-permission/pull/2759
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.10.0...6.10.1
## 6.10.0 - 2024-11-05
### What's Changed
* Fix `GuardDoesNotMatch should accept collection` by @erikn69 in https://github.com/spatie/laravel-permission/pull/2748
* Improve performance for hydrated collections by @inserve-paul in https://github.com/spatie/laravel-permission/pull/2749
* Only show error if `cache key exists` and `forgetCachedPermissions` fails by @erikn69 in https://github.com/spatie/laravel-permission/pull/2707
* Remove v5 cache fallback alias by @drbyte in https://github.com/spatie/laravel-permission/pull/2754
* Include `Larastan` in `dev` by @drbyte in https://github.com/spatie/laravel-permission/pull/2755
#### Docs
* [Docs example] Check for 'all' or 'any' permissions before specific permissions by @ceilidhboy in https://github.com/spatie/laravel-permission/pull/2694
* [Docs] Fix typo in uuid.md by @levizoesch in https://github.com/spatie/laravel-permission/pull/2705
* [Docs] Upgrade Guide - Add PR links to upgrade guide by @mraheelkhan in https://github.com/spatie/laravel-permission/pull/2716
* [Docs] use more modern syntax for nullable return type by @galangaidilakbar in https://github.com/spatie/laravel-permission/pull/2719
* [Docs] camelCase variable naming in example by @KamilWojtalak in https://github.com/spatie/laravel-permission/pull/2723
* [Docs] Update using-policies.md by @marcleonhard in https://github.com/spatie/laravel-permission/pull/2741
* [Docs] Example of pushing custom middleware before SubstituteBindings middleware by @WyattCast44 in https://github.com/spatie/laravel-permission/pull/2740
#### Other
* PHP 8.4 tests by @erikn69 in https://github.com/spatie/laravel-permission/pull/2747
* Fix comment typo by @machacekmartin in https://github.com/spatie/laravel-permission/pull/2753
### New Contributors
* @ceilidhboy made their first contribution in https://github.com/spatie/laravel-permission/pull/2694
* @levizoesch made their first contribution in https://github.com/spatie/laravel-permission/pull/2705
* @galangaidilakbar made their first contribution in https://github.com/spatie/laravel-permission/pull/2719
* @KamilWojtalak made their first contribution in https://github.com/spatie/laravel-permission/pull/2723
* @marcleonhard made their first contribution in https://github.com/spatie/laravel-permission/pull/2741
* @WyattCast44 made their first contribution in https://github.com/spatie/laravel-permission/pull/2740
* @inserve-paul made their first contribution in https://github.com/spatie/laravel-permission/pull/2749
* @machacekmartin made their first contribution in https://github.com/spatie/laravel-permission/pull/2753
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.9.0...6.10.0
## 6.9.0 - 2024-06-22
### What's Changed
* Use `->withPivot()` for teamed relationships (allows `getPivotColumns()`) by @juliangums in https://github.com/spatie/laravel-permission/pull/2679
* Update docblock on `$role->hasPermissionTo()` to include `BackedEnum` by @drbyte co-authored by @SanderMuller
* [Docs] Clarify that `$guard_name` can be an array by @angelej in https://github.com/spatie/laravel-permission/pull/2659
* Fix misc typos in changelog by @szepeviktor in https://github.com/spatie/laravel-permission/pull/2686
### New Contributors
* @angelej made their first contribution in https://github.com/spatie/laravel-permission/pull/2659
* @SanderMuller made their first contribution in #2676
* @szepeviktor made their first contribution in https://github.com/spatie/laravel-permission/pull/2686
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.8.0...6.9.0
## 6.8.0 - 2024-06-21
### What's Changed
* Fix can't save the same model twice by @erikn69 in https://github.com/spatie/laravel-permission/pull/2658
* Fix phpstan from #2616 by @erikn69 in https://github.com/spatie/laravel-permission/pull/2685
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.7.0...6.8.0
## 6.7.0 - 2024-04-19
### What's Changed
- Fixed remaining Octane event contract. Update to #2656 in release `6.5.0`
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.6.0...6.7.0
## 6.6.0 - 2024-04-19
### What's Changed
* Roles: Support for casting role names to enums by @gajosadrian in https://github.com/spatie/laravel-permission/pull/2616
* Fix permission:show UUID error #2581 by @drbyte in https://github.com/spatie/laravel-permission/pull/2582
* Cover WildcardPermission instance verification based on its own guard (Allow hasAllPermissions and hasAnyPermission to run on custom guard for WildcardPermission) by @AlexandreBellas in https://github.com/spatie/laravel-permission/pull/2608
* Register Laravel "About" details by @drbyte in https://github.com/spatie/laravel-permission/pull/2584
### New Contributors
* @gajosadrian made their first contribution in https://github.com/spatie/laravel-permission/pull/2616
* @AlexandreBellas made their first contribution in https://github.com/spatie/laravel-permission/pull/2608
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.5.0...6.6.0
## 6.5.0 - 2024-04-18
### What's Changed
* Octane: Fix wrong event listener by @erikn69 in https://github.com/spatie/laravel-permission/pull/2656
* Teams: Add nullable team_id by @Androlax2 in https://github.com/spatie/laravel-permission/pull/2607
* Blade: simplify the definition of multiple Blade "if" directives by @alissn in https://github.com/spatie/laravel-permission/pull/2628
* DocBlocks: Update HasPermissions::collectPermissions() docblock by @Plytas in https://github.com/spatie/laravel-permission/pull/2641
#### Internals
* Update role-permissions.md by @killjin in https://github.com/spatie/laravel-permission/pull/2631
* Bump ramsey/composer-install from 2 to 3 by @dependabot in https://github.com/spatie/laravel-permission/pull/2630
* Bump dependabot/fetch-metadata from 1 to 2 by @dependabot in https://github.com/spatie/laravel-permission/pull/2642
### New Contributors
* @alissn made their first contribution in https://github.com/spatie/laravel-permission/pull/2628
* @Androlax2 made their first contribution in https://github.com/spatie/laravel-permission/pull/2607
* @Plytas made their first contribution in https://github.com/spatie/laravel-permission/pull/2641
* @killjin made their first contribution in https://github.com/spatie/laravel-permission/pull/2631
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.4.0...6.5.0
## 6.4.0 - 2024-02-28
* Laravel 11 Support
### What's Changed
* Add Laravel 11 to workflow run tests by @mraheelkhan in https://github.com/spatie/laravel-permission/pull/2605
* And Passport 12
### Internals
* Update to use Larastan Org by @arnebr in https://github.com/spatie/laravel-permission/pull/2585
* laravel-pint-action to major version tag by @erikn69 in https://github.com/spatie/laravel-permission/pull/2586
### New Contributors
* @arnebr made their first contribution in https://github.com/spatie/laravel-permission/pull/2585
* @mraheelkhan made their first contribution in https://github.com/spatie/laravel-permission/pull/2605
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.3.0...6.4.0
## 6.3.0 - 2023-12-24
### What's Changed
* Octane Fix: Clear wildcard permissions on Tick in https://github.com/spatie/laravel-permission/pull/2583
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.2.0...6.3.0
## 6.2.0 - 2023-12-09
### What's Changed
* Skip duplicates on sync (was triggering Integrity Constraint Violation error) by @erikn69 in https://github.com/spatie/laravel-permission/pull/2574
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.1.0...6.2.0
## 6.1.0 - 2023-11-09
### What's Changed
- Reset teamId on Octane by @erikn69 in https://github.com/spatie/laravel-permission/pull/2547
NOTE: The `\Spatie\Permission\Listeners\OctaneReloadPermissions` listener introduced in 6.0.0 is removed in 6.1.0, because the logic is directly incorporated into the ServiceProvider now.
Thanks @jameshulse for the heads-up and code-review.
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.0.1...6.1.0
## 6.0.1 - 2023-11-06
### What's Changed
- Provide a default team_foreign_key value in case config file isn't upgraded yet or teams feature is unused. Fixes #2535
- [Docs] Update unsetRelation() example in teams-permissions.md by @shdehnavi in https://github.com/spatie/laravel-permission/pull/2534
- [Docs] Update link in direct-permissions.md by @sevannerse in https://github.com/spatie/laravel-permission/pull/2539
### New Contributors
- @sevannerse made their first contribution in https://github.com/spatie/laravel-permission/pull/2539
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/6.0.0...6.0.1
## 6.0.0 - 2023-10-25
### What's Changed
- Full uuid/guid/ulid support by @erikn69 in https://github.com/spatie/laravel-permission/pull/2089
- Refactor: Change static properties to non-static by @olivernybroe in https://github.com/spatie/laravel-permission/pull/2324
- Fix Role::withCount if belongsToMany declared by @xenaio-daniil in https://github.com/spatie/laravel-permission/pull/2280
- Fix: Lazily bind dependencies by @olivernybroe in https://github.com/spatie/laravel-permission/pull/2321
- Avoid loss of all permissions/roles pivots on sync error by @erikn69 in https://github.com/spatie/laravel-permission/pull/2341
- Fix delete permissions on Permissions Model by @erikn69 in https://github.com/spatie/laravel-permission/pull/2366
- Detach users on role/permission physical deletion by @erikn69 in https://github.com/spatie/laravel-permission/pull/2370
- Rename clearClassPermissions method to clearPermissionsCollection by @erikn69 in https://github.com/spatie/laravel-permission/pull/2369
- Use anonymous migrations (for L8+) by @erikn69 in https://github.com/spatie/laravel-permission/pull/2374
- [BC] Return string on getPermissionClass(), getRoleClass() by @erikn69 in https://github.com/spatie/laravel-permission/pull/2368
- Only offer publishing when running in console by @erikn69 in https://github.com/spatie/laravel-permission/pull/2377
- Don't add commands in web interface context by @angeljqv in https://github.com/spatie/laravel-permission/pull/2405
- [BC] Fix Role->hasPermissionTo() signature to match HasPermissions trait by @erikn69 in https://github.com/spatie/laravel-permission/pull/2380
- Force that getPermissionsViaRoles, hasPermissionViaRole must be used only by authenticable by @erikn69 in https://github.com/spatie/laravel-permission/pull/2382
- fix BadMethodCallException: undefined methods hasAnyRole, hasAnyPermissions by @erikn69 in https://github.com/spatie/laravel-permission/pull/2381
- Add PHPStan workflow with fixes by @erikn69 in https://github.com/spatie/laravel-permission/pull/2376
- Add BackedEnum support by @drbyte in https://github.com/spatie/laravel-permission/pull/2391
- Drop PHP 7.3 support by @angeljqv in https://github.com/spatie/laravel-permission/pull/2388
- Drop PHP 7.4 support by @drbyte in https://github.com/spatie/laravel-permission/pull/2485
- Test against PHP 8.3 by @erikn69 in https://github.com/spatie/laravel-permission/pull/2512
- Fix call to an undefined method Role::getRoleClass by @erikn69 in https://github.com/spatie/laravel-permission/pull/2411
- Remove force loading model relationships by @erikn69 in https://github.com/spatie/laravel-permission/pull/2412
- Test alternate cache drivers by @erikn69 in https://github.com/spatie/laravel-permission/pull/2416
- Use attach instead of sync on traits by @erikn69 in https://github.com/spatie/laravel-permission/pull/2420
- Fewer sqls in syncRoles, syncPermissions by @erikn69 in https://github.com/spatie/laravel-permission/pull/2423
- Add middleware using static method by @jnoordsij in https://github.com/spatie/laravel-permission/pull/2424
- Update PHPDocs for IDE autocompletion by @erikn69 in https://github.com/spatie/laravel-permission/pull/2437
- [BC] Wildcard permissions algorithm performance improvements (ALERT: Breaking Changes) by @danharrin in https://github.com/spatie/laravel-permission/pull/2445
- Add withoutRole and withoutPermission scopes by @drbyte in https://github.com/spatie/laravel-permission/pull/2463
- Add support for service-to-service Passport client by @SuperDJ in https://github.com/spatie/laravel-permission/pull/2467
- Register OctaneReloadPermissions listener for Laravel Octane by @erikn69 in https://github.com/spatie/laravel-permission/pull/2403
- Add guard name to exceptions by @drbyte in https://github.com/spatie/laravel-permission/pull/2481
- Update contracts to allow for UUID by @drbyte in https://github.com/spatie/laravel-permission/pull/2480
- Avoid triggering eloquent.retrieved event by @erikn69 in https://github.com/spatie/laravel-permission/pull/2498
- [BC] Rename "Middlewares" namespace to "Middleware" by @drbyte in https://github.com/spatie/laravel-permission/pull/2499
- `@haspermission` directive by @axlwild in https://github.com/spatie/laravel-permission/pull/2515
- Add guard parameter to can() by @drbyte in https://github.com/spatie/laravel-permission/pull/2526
### New Contributors
- @xenaio-daniil made their first contribution in https://github.com/spatie/laravel-permission/pull/2280
- @JensvandeWiel made their first contribution in https://github.com/spatie/laravel-permission/pull/2336
- @fsamapoor made their first contribution in https://github.com/spatie/laravel-permission/pull/2361
- @yungifez made their first contribution in https://github.com/spatie/laravel-permission/pull/2394
- @HasanEksi made their first contribution in https://github.com/spatie/laravel-permission/pull/2418
- @jnoordsij made their first contribution in https://github.com/spatie/laravel-permission/pull/2424
- @danharrin made their first contribution in https://github.com/spatie/laravel-permission/pull/2445
- @SuperDJ made their first contribution in https://github.com/spatie/laravel-permission/pull/2467
- @ChillMouse made their first contribution in https://github.com/spatie/laravel-permission/pull/2438
- @Okipa made their first contribution in https://github.com/spatie/laravel-permission/pull/2492
- @edalzell made their first contribution in https://github.com/spatie/laravel-permission/pull/2494
- @sirosfakhri made their first contribution in https://github.com/spatie/laravel-permission/pull/2501
- @juliangums made their first contribution in https://github.com/spatie/laravel-permission/pull/2516
- @nnnnnnnngu made their first contribution in https://github.com/spatie/laravel-permission/pull/2524
- @axlwild made their first contribution in https://github.com/spatie/laravel-permission/pull/2515
- @shdehnavi made their first contribution in https://github.com/spatie/laravel-permission/pull/2527
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.11.1...6.0.0
## 5.11.1 - 2023-10-25
No functional changes. Just several small updates to the Documentation.
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.11.0...5.11.1
## 5.11.0 - 2023-08-30
### What's Changed
- [V5] Avoid triggering `eloquent.retrieved` event by @erikn69 in https://github.com/spatie/laravel-permission/pull/2490
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.10.2...5.11.0
## 5.10.2 - 2023-07-04
### What's Changed
- Fix Eloquent Strictness on `permission:show` Command by @erikn69 in https://github.com/spatie/laravel-permission/pull/2457
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.10.1...5.10.2
## 5.10.1 - 2023-04-12
### What's Changed
- [V5] Fix artisan command `permission:show` output of roles with underscores by @erikn69 in https://github.com/spatie/laravel-permission/pull/2396
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.10.0...5.10.1
## 5.10.0 - 2023-03-22
### What's Changed
- Fix delete permissions on Permissions Model by @erikn69 in https://github.com/spatie/laravel-permission/pull/2366
## 5.9.1 - 2023-02-06
Apologies for the break caused by 5.9.0 !
### Reverted Lazy binding of dependencies.
- Revert "fix: Lazily bind dependencies", originally #2309
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.9.0...5.9.1
## 5.9.0 - 2023-02-06
### What's Changed
- Add `permission-` prefix to publish tag names by @sedehi in https://github.com/spatie/laravel-permission/pull/2301
- Fix detaching user models on teams feature #2220 by @erikn69 in https://github.com/spatie/laravel-permission/pull/2221
- Hint model properties by @AJenbo in https://github.com/spatie/laravel-permission/pull/2230
- Custom wildcard verification/separators support by @erikn69 in https://github.com/spatie/laravel-permission/pull/2252
- fix: Lazily bind dependencies by @olivernybroe in https://github.com/spatie/laravel-permission/pull/2309
- Extract query to `getPermissionsWithRoles` method. by @xiCO2k in https://github.com/spatie/laravel-permission/pull/2316
- This will allow to extend the PermissionRegistrar class and change the query.
### New Contributors
- @sedehi made their first contribution in https://github.com/spatie/laravel-permission/pull/2301
- @parallels999 made their first contribution in https://github.com/spatie/laravel-permission/pull/2265
- @AJenbo made their first contribution in https://github.com/spatie/laravel-permission/pull/2230
- @olivernybroe made their first contribution in https://github.com/spatie/laravel-permission/pull/2309
- @xiCO2k made their first contribution in https://github.com/spatie/laravel-permission/pull/2316
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.8.0...5.9.0
## 5.8.0 - 2023-01-14
### What's Changed
- Laravel 10.x Support by @erikn69 in https://github.com/spatie/laravel-permission/pull/2298
#### Administrative
- [Docs] Link updated to match name change of related tool repo by @aliqasemzadeh in https://github.com/spatie/laravel-permission/pull/2253
- Fix tests badge by @erikn69 in https://github.com/spatie/laravel-permission/pull/2300
- Add Laravel Pint Support by @patinthehat in https://github.com/spatie/laravel-permission/pull/2269
- Normalize composer.json by @patinthehat in https://github.com/spatie/laravel-permission/pull/2259
- Add Dependabot Automation by @patinthehat in https://github.com/spatie/laravel-permission/pull/2257
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.7.0...5.8.0
## 5.7.0 - 2022-11-23
### What's Changed
- [Bugfix] Avoid checking permissions-via-roles on `Role` model (ref `Model::preventAccessingMissingAttributes()`) by @juliomotol in https://github.com/spatie/laravel-permission/pull/2227
### New Contributors
- @juliomotol made their first contribution in https://github.com/spatie/laravel-permission/pull/2227
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.6.0...5.7.0
## 5.6.0 - 2022-11-19
### What's Changed
- No longer throws an exception when checking `hasAllPermissions()` if the permission name does not exist by @mtawil in https://github.com/spatie/laravel-permission/pull/2248
### Doc Updates
- [Docs] Add syncPermissions() in role-permissions.md by @xorinzor in https://github.com/spatie/laravel-permission/pull/2235
- [Docs] Fix broken Link that link to freek's blog post by @chengkangzai in https://github.com/spatie/laravel-permission/pull/2234
### New Contributors
- @xorinzor made their first contribution in https://github.com/spatie/laravel-permission/pull/2235
- @chengkangzai made their first contribution in https://github.com/spatie/laravel-permission/pull/2234
- @mtawil made their first contribution in https://github.com/spatie/laravel-permission/pull/2248
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.16...5.6.0
## 5.5.16 - 2022-10-23
### What's Changed
- optimize `for` loop in WildcardPermission by @SubhanSh in https://github.com/spatie/laravel-permission/pull/2113
### New Contributors
- @SubhanSh made their first contribution in https://github.com/spatie/laravel-permission/pull/2113
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.15...5.5.16
## 5.5.15 - 2022-10-23
Autocomplete all Blade directives via Laravel Idea plugin
### What's Changed
- Autocomplete all Blade directives via Laravel Idea plugin by @maartenpaauw in https://github.com/spatie/laravel-permission/pull/2210
- Add tests for display roles/permissions on UnauthorizedException by @erikn69 in https://github.com/spatie/laravel-permission/pull/2228
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.14...5.5.15
## 5.5.14 - 2022-10-21
FIXED BREAKING CHANGE. (Sorry about that!)
### What's Changed
- Revert "Avoid calling the config helper in the role/perm model constructor" by @drbyte in https://github.com/spatie/laravel-permission/pull/2225
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.13...5.5.14
## 5.5.13 - 2022-10-21
### What's Changed
- fix UnauthorizedException: Wrong configuration was used in forRoles by @Sy-Dante in https://github.com/spatie/laravel-permission/pull/2224
### New Contributors
- @Sy-Dante made their first contribution in https://github.com/spatie/laravel-permission/pull/2224
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.12...5.5.13
## 5.5.12 - 2022-10-19
Fix regression introduced in `5.5.10`
### What's Changed
- Fix undefined index guard_name by @erikn69 in https://github.com/spatie/laravel-permission/pull/2219
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.11...5.5.12
## 5.5.11 - 2022-10-19
### What's Changed
- Support static arrays on blade directives by @erikn69 in https://github.com/spatie/laravel-permission/pull/2168
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.10...5.5.11
## 5.5.10 - 2022-10-19
### What's Changed
- Avoid calling the config helper in the role/perm model constructor by @adiafora in https://github.com/spatie/laravel-permission/pull/2098 as discussed in https://github.com/spatie/laravel-permission/issues/2097 regarding `DI`
### New Contributors
- @adiafora made their first contribution in https://github.com/spatie/laravel-permission/pull/2098
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.9...5.5.10
## 5.5.9 - 2022-10-19
Compatibility Bugfix
### What's Changed
- Prevent `MissingAttributeException` for `guard_name` by @ejunker in https://github.com/spatie/laravel-permission/pull/2216
### New Contributors
- @ejunker made their first contribution in https://github.com/spatie/laravel-permission/pull/2216
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.8...5.5.9
## 5.5.8 - 2022-10-19
`HasRoles` trait
### What's Changed
- Fix returning all roles instead of the assigned by @erikn69 in https://github.com/spatie/laravel-permission/pull/2194
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.7...5.5.8
## 5.5.7 - 2022-10-19
Optimize HasPermissions trait
### What's Changed
- Delegate permission collection filter to another method by @angeljqv in https://github.com/spatie/laravel-permission/pull/2182
- Delegate permission filter to another method by @angeljqv in https://github.com/spatie/laravel-permission/pull/2183
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.6...5.5.7
## 5.5.6 - 2022-10-19
Just a maintenance release.
### What's Changed
- Actions: add PHP 8.2 Build by @erikn69 in https://github.com/spatie/laravel-permission/pull/2214
- Docs: Fix small syntax error in teams-permissions.md by @miten5 in https://github.com/spatie/laravel-permission/pull/2171
- Docs: Update documentation for multiple guards by @gms8994 in https://github.com/spatie/laravel-permission/pull/2169
- Docs: Make Writing Policies link clickable by @maartenpaauw in https://github.com/spatie/laravel-permission/pull/2202
- Docs: Add note about non-standard User models by @androidacy-user in https://github.com/spatie/laravel-permission/pull/2179
- Docs: Fix explanation of results for hasAllDirectPermissions in role-permission.md by @drdan18 in https://github.com/spatie/laravel-permission/pull/2139
- Docs: Add ULIDs reference by @erikn69 in https://github.com/spatie/laravel-permission/pull/2213
### New Contributors
- @miten5 made their first contribution in https://github.com/spatie/laravel-permission/pull/2171
- @gms8994 made their first contribution in https://github.com/spatie/laravel-permission/pull/2169
- @maartenpaauw made their first contribution in https://github.com/spatie/laravel-permission/pull/2202
- @androidacy-user made their first contribution in https://github.com/spatie/laravel-permission/pull/2179
- @drdan18 made their first contribution in https://github.com/spatie/laravel-permission/pull/2139
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.5...5.5.6
## 5.5.5 - 2022-06-29
### What's Changed
- Custom primary keys tests(Only tests) by @erikn69 in https://github.com/spatie/laravel-permission/pull/2096
- [PHP 8.2] Fix `${var}` string interpolation deprecation by @Ayesh in https://github.com/spatie/laravel-permission/pull/2117
- Use `getKey`, `getKeyName` instead of `id` by @erikn69 in https://github.com/spatie/laravel-permission/pull/2116
- On WildcardPermission class use static instead of self for extending by @erikn69 in https://github.com/spatie/laravel-permission/pull/2111
- Clear roles array after hydrate from cache by @angeljqv in https://github.com/spatie/laravel-permission/pull/2099
### New Contributors
- @Ayesh made their first contribution in https://github.com/spatie/laravel-permission/pull/2117
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.4...5.5.5
## 5.5.4 - 2022-05-16
## What's Changed
- Support custom primary key names on models by @erikn69 in https://github.com/spatie/laravel-permission/pull/2092
- Fix UuidTrait on uuid doc page by @abhishekpaul in https://github.com/spatie/laravel-permission/pull/2094
- Support custom fields on cache by @erikn69 in https://github.com/spatie/laravel-permission/pull/2091
## New Contributors
- @abhishekpaul made their first contribution in https://github.com/spatie/laravel-permission/pull/2094
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.3...5.5.4
## 5.5.3 - 2022-05-05
## What's Changed
- Update .gitattributes by @angeljqv in https://github.com/spatie/laravel-permission/pull/2065
- Remove double semicolon from add_teams_fields.php.stub by @morganarnel in https://github.com/spatie/laravel-permission/pull/2067
- [V5] Allow revokePermissionTo to accept Permission[] by @erikn69 in https://github.com/spatie/laravel-permission/pull/2014
- [V5] Improve typing in role's findById and findOrCreate method by @itsfaqih in https://github.com/spatie/laravel-permission/pull/2022
- [V5] Cache loader improvements by @erikn69 in https://github.com/spatie/laravel-permission/pull/1912
## New Contributors
- @morganarnel made their first contribution in https://github.com/spatie/laravel-permission/pull/2067
- @itsfaqih made their first contribution in https://github.com/spatie/laravel-permission/pull/2022
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.2...5.5.3
## 5.5.2 - 2022-03-09
## What's Changed
- [Fixes BIG bug] register blade directives after resolving blade compiler by @tabacitu in https://github.com/spatie/laravel-permission/pull/2048
## New Contributors
- @tabacitu made their first contribution in https://github.com/spatie/laravel-permission/pull/2048
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.1...5.5.2
## 5.5.1 - 2022-03-03
## What's Changed
- Spelling correction by @gergo85 in https://github.com/spatie/laravel-permission/pull/2024
- update broken link to laravel exception by @kingzamzon in https://github.com/spatie/laravel-permission/pull/2023
- Fix Blade Directives incompatibility with renderers by @erikn69 in https://github.com/spatie/laravel-permission/pull/2039
## New Contributors
- @gergo85 made their first contribution in https://github.com/spatie/laravel-permission/pull/2024
- @kingzamzon made their first contribution in https://github.com/spatie/laravel-permission/pull/2023
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.5.0...5.5.1
## 5.5.0 - 2022-01-11
- add support for Laravel 9
## 5.4.0 - 2021-11-17
## What's Changed
- Add support for PHP 8.1 by @freekmurze in https://github.com/spatie/laravel-permission/pull/1926
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.3.2...5.4.0
## 5.3.2 - 2021-11-17
## What's Changed
- [V5] Support for custom key names on Role,Permission by @erikn69 in https://github.com/spatie/laravel-permission/pull/1913
**Full Changelog**: https://github.com/spatie/laravel-permission/compare/5.3.1...5.3.2
## 5.3.1 - 2021-11-04
- Fix hints, support int on scopePermission (#1908)
## 5.3.0 - 2021-10-29
- Option for custom logic for checking permissions (#1891)
## 5.2.0 - 2021-10-28
- [V5] Fix detaching on all teams instead of only current #1888 by @erikn69 in https://github.com/spatie/laravel-permission/pull/1890
- [V5] Add uuid compatibility support on teams by @erikn69 in https://github.com/spatie/laravel-permission/pull/1857
- Adds setRoleClass method to PermissionRegistrar by @timschwartz in https://github.com/spatie/laravel-permission/pull/1867
- Load permissions for preventLazyLoading by @bahramsadin in https://github.com/spatie/laravel-permission/pull/1884
- [V5] Doc for `Super Admin` on teams by @erikn69 in https://github.com/spatie/laravel-permission/pull/1845
## 5.1.1 - 2021-09-01
- Avoid Roles over-hydration #1834
## 5.1.0 - 2021-08-31
- No longer flush cache on User role/perm assignment changes #1832
- NOTE: You should test your app to be sure that you don't accidentally have deep dependencies on cache resets happening automatically in these cases.
- ALSO NOTE: If you have added custom code which depended on these flush operations, you may need to add your own cache-reset calls.
## 5.0.0 - 2021-08-31
- Change default-guard-lookup to prefer current user's guard (see BC note in #1817 )
- Teams/Groups feature (see docs, or PR #1804)
- Customized pivots instead of `role_id`,`permission_id` #1823
## 4.4.1 - 2021-09-01
- Avoid Roles over-hydration #1834
## 4.4.0 - 2021-08-28
- Avoid BC break (removed interface change) on cache change added in 4.3.0 #1826
- Made cache even smaller #1826
- Avoid re-sync on non-persisted objects when firing Eloquent::saved #1819
## 4.3.0 - 2021-08-17
- Speed up permissions cache lookups, and make cache smaller #1799
## 4.2.0 - 2021-06-04
- Add hasExactRoles method #1696
## 4.1.0 - 2021-06-01
- Refactor to resolve guard only once during middleware
- Refactor service provider by extracting some methods
## 4.0.1 - 2021-03-22
- Added note in migration for field lengths on MySQL 8. (either shorten the columns to 125 or use InnoDB)
## 4.0.0 - 2021-01-27
- Drop support on Laravel 5.8 #1615
- Fix bug when adding roles to a model that doesn't yet exist #1663
- Enforce unique constraints on database level #1261
- Changed PermissionRegistrar::initializeCache() public to allow reinitializing cache in custom situations. #1521
- Use Eloquent\Collection instead of Support\Collection for consistency, collection merging, etc #1630
This package now requires PHP 7.2.5 and Laravel 6.0 or higher.
If you are on a PHP version below 7.2.5 or a Laravel version below 6.0 you can use an older version of this package.
## 3.18.0 - 2020-11-27
- Allow PHP 8.0
## 3.17.0 - 2020-09-16
- Optional `$guard` parameter may be passed to `RoleMiddleware`, `PermissionMiddleware`, and `RoleOrPermissionMiddleware`. See #1565
## 3.16.0 - 2020-08-18
- Added Laravel 8 support
## 3.15.0 - 2020-08-15
- Change `users` relationship type to BelongsToMany
## 3.14.0 - 2020-08-15
- Declare table relations earlier to improve guarded/fillable detection accuracy (relates to Aug 2020 Laravel security patch)
## 3.13.0 - 2020-05-19
- Provide migration error text to stop caching local config when installing packages.
## 3.12.0 - 2020-05-14
- Add missing config setting for `display_role_in_exception`
- Ensure artisan `permission:show` command uses configured models
## 3.11.0 - 2020-03-03
- Allow guardName() as a function with priority over $guard_name property #1395
## 3.10.1 - 2020-03-03
- Update patch to handle intermittent error in #1370
## 3.10.0 - 2020-03-02
- Ugly patch to handle intermittent error: `Trying to access array offset on value of type null` in #1370
## 3.9.0 - 2020-02-26
- Add Wildcard Permissions feature #1381 (see PR or docs for details)
## 3.8.0 - 2020-02-18
- Clear in-memory permissions on boot, for benefit of long running processes like Swoole. #1378
## 3.7.2 - 2020-02-17
- Refine test for Lumen dependency. Ref #1371, Fixes #1372.
## 3.7.1 - 2020-02-15
- Internal refactoring of scopes to use whereIn instead of orWhere #1334, #1335
- Internal refactoring to flatten collection on splat #1341
## 3.7.0 - 2020-02-15
- Added methods to check any/all when querying direct permissions #1245
- Removed older Lumen dependencies #1371
## 3.6.0 - 2020-01-17
- Added Laravel 7.0 support
- Allow splat operator for passing roles to `hasAnyRole()`
## 3.5.0 - 2020-01-07
- Added missing `guardName` to Exception `PermissionDoesNotExist` #1316
## 3.4.1 - 2019-12-28
- Fix 3.4.0 for Lumen
## 3.4.0 - 2019-12-27
- Make compatible with Swoole - ie: for long-running Laravel instances
## 3.3.1 - 2019-12-24
- Expose Artisan commands to app layer, not just to console
## 3.3.0 - 2019-11-22
- Remove duplicate and unreachable code
- Remove checks for older Laravel versions
## 3.2.0 - 2019-10-16
- Implementation of optional guard check for hasRoles and hasAllRoles - See #1236
## 3.1.0 - 2019-10-16
- Use bigIncrements/bigInteger in migration - See #1224
## 3.0.0 - 2019-09-02
- Update dependencies to allow for Laravel 6.0
- Drop support for Laravel 5.7 and older, and PHP 7.1 and older. (They can use v2 of this package until they upgrade.)
- To be clear: v3 requires minimum Laravel 5.8 and PHP 7.2
## 2.38.0 - 2019-09-02
- Allow support for multiple role/permission models
- Load roles relationship only when missing
- Wrap helpers in function_exists() check
## 2.37.0 - 2019-04-09
- Added `permission:show` CLI command to display a table of roles/permissions
- `removeRole` now returns the model, consistent with other methods
- model `$guarded` properties updated to `protected`
- README updates
## 2.36.1 - 2019-03-05
- reverts the changes made in 2.36.0 due to some reported breaks.
## 2.36.0 - 2019-03-04
- improve performance by reducing another iteration in processing query results and returning earlier
## 2.35.0 - 2019-03-01
- overhaul internal caching strategy for better performance and fix cache miss when permission names contained spaces
- deprecated hasUncachedPermissionTo() (use hasPermissionTo() instead)
- added getPermissionNames() method
## 2.34.0 - 2019-02-26
- Add explicit pivotKeys to roles/permissions BelongsToMany relationships
## 2.33.0 - 2019-02-20
- Laravel 5.8 compatibility
## 2.32.0 - 2019-02-13
- Fix duplicate permissions being created through artisan command
## 2.31.0 - 2019-02-03
- Add custom guard query to role scope
- Remove use of array_wrap helper function due to future deprecation
## 2.30.0 - 2019-01-28
- Change cache config time to DateInterval instead of integer
This is in preparation for compatibility with Laravel 5.8's cache TTL change to seconds instead of minutes.
NOTE: If you leave your existing `config/permission.php` file alone, then with Laravel 5.8 the `60 * 24` will change from being treated as 24 hours to just 24 minutes. Depending on your app, this may or may not make a significant difference. Updating your config file to a specific DateInterval will add specificity and insulate you from the TTL change in Laravel 5.8.
Refs:
https://laravel-news.com/cache-ttl-change-coming-to-laravel-5-8
https://github.com/laravel/framework/commit/fd6eb89b62ec09df1ffbee164831a827e83fa61d
## 2.29.0 - 2018-12-15
- Fix bound `saved` event from firing on all subsequent models when calling assignRole or givePermissionTo on unsaved models. However, it is preferable to save the model first, and then add roles/permissions after saving. See #971.
## 2.28.2 - 2018-12-10
- Use config settings for cache reset in migration stub
## 2.28.1 - 2018-12-07
- Remove use of Cache facade, for Lumen compatibility
## 2.28.0 - 2018-11-30
- Rename `getCacheKey` method in HasPermissions trait to `getPermissionCacheKey` for clearer specificity.
## 2.27.0 - 2018-11-21
- Add ability to specify a cache driver for roles/permissions caching
## 2.26.2 - 2018-11-20
- Added the ability to reset the permissions cache via an Artisan command:
- `php artisan permission:cache-reset`
## 2.26.1 - 2018-11-19
- minor update to de-duplicate code overhead
- numerous internal updates to cache tests infrastructure
## 2.26.0 - 2018-11-19
- Substantial speed increase by caching the associations between models and permissions
### NOTES:
The following changes are not "breaking", but worth making the updates to your app for consistency.
1. Config file: The `config/permission.php` file changed to move cache-related settings into a sub-array. **You should review the changes and merge the updates into your own config file.** Specifically the `expiration_time` value has moved into a sub-array entry, and the old top-level entry is no longer used.
2. See the original config file here:
3. https://github.com/spatie/laravel-permission/blob/main/config/permission.php
4.
5. Cache Resets: If your `app` or `tests` are clearing the cache by specifying the cache key, **it is better to use the built-in forgetCachedPermissions() method** so that it properly handles tagged cache entries. Here is the recommended change:
6.
```diff
- app()['cache']->forget('spatie.permission.cache');
+ $this->app->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
```
1. Also this is a good time to point out that now with v2.25.0 and v2.26.0 most permission-cache-reset scenarios may no longer be needed in your app, so it's worth reviewing those cases, as you may gain some app speed improvement by removing unnecessary cache resets.
## 2.25.0 - 2018-11-07
- A model's `roles` and `permissions` relations (respectively) are now automatically reloaded after an Assign/Remove role or Grant/Revoke of permissions. This means there's no longer a need to call `->fresh()` on the model if the only reason is to reload the role/permission relations. (That said, you may want to call it for other reasons.)
- Added support for passing id to HasRole()
## 2.24.0 - 2018-11-06
- Fix operator used on RoleOrPermissionMiddleware, and avoid throwing PermissionDoesNotExist if invalid permission passed
- Auto-reload model role relation after using AssignRole
- Avoid empty permission creation when using the CreateRole command
## 2.23.0 - 2018-10-15
- Avoid unnecessary queries of user roles when fetching all permissions
## 2.22.1 - 2018-10-15
- Fix Lumen issue with Route helper added in 2.22.0
## 2.22.0 - 2018-10-11
- Added `Route::role()` and `Route::permission()` middleware helper functions
- Added new `role_or_permission` middleware to allow specifying "or" combinations
## 2.21.0 - 2018-09-29
- Revert changes from 2.17.1 in order to support Lumen 5.7
## 2.20.0 - 2018-09-19
- It will sync roles/permissions to models that are not persisted, by registering a `saved` callback.
- (It would previously throw an Integrity constraint violation QueryException on the pivot table insertion.)
## 2.19.2 - 2018-09-19
- add `@elserole` directive:
- Usage:
```php
@role('roleA')
// user hasRole 'roleA'
@elserole('roleB')
// user hasRole 'roleB' but not 'roleA'
@endrole
```
## 2.19.1 - 2018-09-14
- Spark-related fix to accommodate missing guard[providers] config
## 2.19.0 - 2018-09-10
- Add ability to pass in IDs or mixed values to `role` scope
- Add `@unlessrole`/`@endunlessrole` Blade directives
## 2.18.0 - 2018-09-06
- Expanded CLI `permission:create-role` command to create optionally create-and-link permissions in one command. Also now no longer throws an error if the role already exists.
## 2.17.1 - 2018-08-28
- Require laravel/framework instead of illuminate/* starting from ~5.4.0
- Removed old dependency for illuminate/database@~5.3.0 (Laravel 5.3 is not supported)
## 2.17.0 - 2018-08-24
- Laravel 5.7 compatibility
## 2.16.0 - 2018-08-20
- Replace static Permission::class and Role::class with dynamic value (allows custom models more easily)
- Added type checking in hasPermissionTo and hasDirectPermission
## 2.15.0 - 2018-08-15
- Make assigning the same role or permission twice not throw an exception
## 2.14.0 - 2018-08-13
- Allow using another key name than `model_id` by defining new `columns` array with `model_morph_key` key in config file. This improves UUID compatibility as discussed in #777.
## 2.13.0 - 2018-08-02
- Fix issue with null values passed to syncPermissions & syncRoles
## 2.12.2 - 2018-06-13
- added hasAllPermissions method
## 2.12.1 - 2018-04-23
- Reverted 2.12.0. REVERTS: "Add ability to pass guard name to gate methods like can()". Requires reworking of guard handling if we're going to add this feature.
## 2.12.0 - 2018-04-22
- Add ability to pass guard name to gate methods like can()
## 2.11.0 - 2018-04-16
- Improve speed of permission lookups with findByName, findById, findOrCreate
## 2.10.0 - 2018-04-15
- changes the type-hinted Authenticatable to Authorizable in the PermissionRegistrar.
- (Previously it was expecting models to implement the Authenticatable contract; but really that should have been Authorizable, since that's where the Gate functionality really is.)
## 2.9.2 - 2018-03-12
- Now findOrCreate() exists for both Roles and Permissions
- Internal code refactoring for future dev work
## 2.9.1 - 2018-02-23
- Permissions now support passing integer id for sync, find, hasPermissionTo and hasDirectPermissionTo
## 2.9.0 - 2018-02-07
- add compatibility with Laravel 5.6
- Allow assign/sync/remove Roles from Permission model
## 2.8.2 - 2018-02-07
- Allow a collection containing a model to be passed to role/permission scopes
## 2.8.1 - 2018-02-03
- Fix compatibility with Spark v2.0 to v5.0
## 2.8.0 - 2018-01-25
- Support getting guard_name from extended model when using static methods
## 2.7.9 - 2018-01-23
Changes related to throwing UnauthorizedException:
- When UnauthorizedException is thrown, a property is added with the expected role/permission which triggered it
- A configuration option may be set to include the list of required roles/permissions in the message
## 2.7.8 - 2018-01-02
- REVERTED: Dynamic permission_id and role_id columns according to tables name
- NOTE: This Dynamic field naming was a breaking change, so we've removed it for now.
BEST NOT TO USE v2.7.7 if you've changed tablenames in the config file.
## 2.7.7 - 2017-12-31
- updated `HasPermissions::getStoredPermission` to allow a collection to be returned, and to fix query when passing multiple permissions
- Give and revoke multiple permissions
- Dynamic permission_id and role_id columns according to tables name
- Add findOrCreate function to Permission model
- Improved Lumen support
- Allow guard name to be null for find role by id
## 2.7.6 - 2017-11-27
- added Lumen support
- updated `HasRole::assignRole` and `HasRole::syncRoles` to accept role id's in addition to role names as arguments
## 2.7.5 - 2017-10-26
- fixed `Gate::before` for custom gate callbacks
## 2.7.4 - 2017-10-26
- added cache clearing command in `up` migration for permission tables
- use config_path helper for better Lumen support
## 2.7.3 - 2017-10-21
- refactor middleware to throw custom `UnauthorizedException` (which raises an HttpException with 403 response)
- The 403 response is backward compatible
## 2.7.2 - 2017-10-18
- refactor `PermissionRegistrar` to use `$gate->before()`
- removed `log_registration_exception` as it is no longer relevant
## 2.7.1 - 2017-10-12
- fixed a bug where `Role`s and `Permission`s got detached when soft deleting a model
## 2.7.0 - 2017-09-27
- add support for L5.3
## 2.6.0 - 2017-09-10
- add `permission` scope
## 2.5.4 - 2017-09-07
- register the blade directives in the register method of the service provider
## 2.5.3 - 2017-09-07
- register the blade directives in the boot method of the service provider
## 2.5.2 - 2017-09-05
- let middleware use caching
## 2.5.1 - 2017-09-02
- add getRoleNames() method to return a collection of assigned roles
## 2.5.0 - 2017-08-30
- add compatibility with Laravel 5.5
## 2.4.2 - 2017-08-11
- automatically detach roles and permissions when a user gets deleted
## 2.4.1 - 2017-08-05
- fix processing of pipe symbols in `@hasanyrole` and `@hasallroles` Blade directives
## 2.4.0 -2017-08-05
- add `PermissionMiddleware` and `RoleMiddleware`
## 2.3.2 - 2017-07-28
- allow `hasAnyPermission` to take an array of permissions
## 2.3.1 - 2017-07-27
- fix commands not using custom models
## 2.3.0 - 2017-07-25
- add `create-permission` and `create-role` commands
## 2.2.0 - 2017-07-01
- `hasanyrole` and `hasallrole` can accept multiple roles
## 2.1.6 - 2017-06-06
- fixed a bug where `hasPermissionTo` wouldn't use the right guard name
## 2.1.5 - 2017-05-17
- fixed a bug that didn't allow you to assign a role or permission when using multiple guards
## 2.1.4 - 2017-05-10
- add `model_type` to the primary key of tables that use a polymorphic relationship
## 2.1.3 - 2017-04-21
- fixed a bug where the role()/permission() relation to user models would be saved incorrectly
- added users() relation on Permission and Role
## 2.1.2 - 2017-04-20
- fix a bug where the `role()`/`permission()` relation to user models would be saved incorrectly
- add `users()` relation on `Permission` and `Role`
## 2.0.2 - 2017-04-13
- check for duplicates when adding new roles and permissions
## 2.0.1 - 2017-04-11
- fix the order of the `foreignKey` and `relatedKey` in the relations
## 2.0.0 - 2017-04-10
- Requires minimum Laravel 5.4
- cache expiration is now configurable and set to one day by default
- roles and permissions can now be assigned to any model through the `HasRoles` trait
- removed deprecated `hasPermission` method
- renamed config file from `laravel-permission` to `permission`.
## 1.17.0 - 2018-08-24
- added support for Laravel 5.7
## 1.16.0 - 2018-02-07
- added support for Laravel 5.6
## 1.15 - 2017-12-08
- allow `hasAnyPermission` to take an array of permissions
## 1.14.1 - 2017-10-26
- fixed `Gate::before` for custom gate callbacks
## 1.14.0 - 2017-10-18
- refactor `PermissionRegistrar` to use `$gate->before()`
- removed `log_registration_exception` as it is no longer relevant
## 1.13.0 - 2017-08-31
- added compatibility for Laravel 5.5
## 1.12.0
- made foreign key name to users table configurable
## 1.11.1
- `hasPermissionTo` uses the cache to avoid extra queries when it is called multiple times
## 1.11.0
- add `getDirectPermissions`, `getPermissionsViaRoles`, `getAllPermissions`
## 1.10.0 - 2017-02-22
- add `hasAnyPermission`
## 1.9.0 - 2017-02-20
- add `log_registration_exception` in settings file
- fix for ambiguous column name `id` when using the role scope
## 1.8.0 - 2017-02-09
- `hasDirectPermission` method is now public
## 1.7.0 - 2016-01-23
- added support for Laravel 5.4
## 1.6.1 - 2016-01-19
- make exception logging more verbose
## 1.6.0 - 2016-12-27
- added `Role` scope
## 1.5.3 - 2016-12-15
- moved some things to `boot` method in SP to solve some compatibility problems with other packages
## 1.5.2 - 2016-08-26
- make compatible with L5.3
## 1.5.1 - 2016-07-23
- fixes `givePermissionTo` and `assignRole` in Laravel 5.1
## 1.5.0 - 2016-07-23
** this version does not work in Laravel 5.1, please upgrade to version 1.5.1 of this package
- allowed `givePermissionTo` to accept multiple permissions
- allowed `assignRole` to accept multiple roles
- added `syncPermissions`-method
- added `syncRoles`-method
- dropped support for PHP 5.5 and HHVM
## 1.4.0 - 2016-05-08
- added `hasPermissionTo` function to the `Role` model
## 1.3.4 - 2016-02-27
- `hasAnyRole` can now properly process an array
## 1.3.3 - 2016-02-24
- `hasDirectPermission` can now accept a string
## 1.3.2 - 2016-02-23
- fixed user table configuration
## 1.3.1 - 2016-01-10
- fixed bug when testing for non existing permissions
## 1.3.0 - 2015-12-25
- added compatibility for Laravel 5.2
## 1.2.1 - 2015-12-22
- use database_path to publish migrations
## 1.2.0 - 2015-10-28
###Added
- support for custom models
## 1.1.0 - 2015-10-12
### Added
- Blade directives
- `hasAllRoles()`- and `hasAnyRole()`-functions
## 1.0.2 - 2015-10-11
### Fixed
- Fix for running phpunit locally
## 1.0.1 - 2015-09-30
### Fixed
- Fixed the inconsistent naming of the `hasPermission`-method.
## 1.0.0 - 2015-09-16
### Added
- Everything, initial release
================================================
FILE: LICENSE.md
================================================
The MIT License (MIT)
Copyright (c) Spatie bvba <info@spatie.be>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
================================================
FILE: README.md
================================================
<div align="left">
<a href="https://spatie.be/open-source?utm_source=github&utm_medium=banner&utm_campaign=laravel-permission">
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://spatie.be/packages/header/laravel-permission/html/dark.webp">
<img alt="Logo for laravel-permission" src="https://spatie.be/packages/header/laravel-permission/html/light.webp">
</picture>
</a>
<h1>Associate users with permissions and roles</h1>
[](https://packagist.org/packages/spatie/laravel-permission)
[](https://github.com/spatie/laravel-permission/actions?query=workflow%3ATests+branch%3Amain)
[](https://packagist.org/packages/spatie/laravel-permission)
</div>
## Documentation, Installation, and Usage Instructions
See the [documentation](https://spatie.be/docs/laravel-permission/) for detailed installation and usage instructions.
## What It Does
This package allows you to manage user permissions and roles in a database.
Once installed you can do stuff like this:
```php
// Adding permissions to a user
$user->givePermissionTo('edit articles');
// Adding permissions via a role
$user->assignRole('writer');
$role->givePermissionTo('edit articles');
```
Because all permissions will be registered on [Laravel's gate](https://laravel.com/docs/authorization), you can check if a user has a permission with Laravel's default `can` function:
```php
$user->can('edit articles');
```
## Support us
[<img src="https://github-ads.s3.eu-central-1.amazonaws.com/laravel-permission.jpg?t=1" width="419px" />](https://spatie.be/github-ad-click/laravel-permission)
We invest a lot of resources into creating [best in class open source packages](https://spatie.be/open-source). You can support us by [buying one of our paid products](https://spatie.be/open-source/support-us).
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on [our contact page](https://spatie.be/about-us). We publish all received postcards on [our virtual postcard wall](https://spatie.be/open-source/postcards).
## Changelog
Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.
## Contributing
Please see [CONTRIBUTING](https://github.com/spatie/.github/blob/main/CONTRIBUTING.md) for details.
### Testing
``` bash
composer test
```
### Security
If you discover any security-related issues, please email [security@spatie.be](mailto:security@spatie.be) instead of using the issue tracker.
## Postcardware
You're free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.
Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.
We publish all received postcards [on our company website](https://spatie.be/en/opensource/postcards).
## Credits
- [Chris Brown](https://github.com/drbyte)
- [Freek Van der Herten](https://github.com/freekmurze)
- [All Contributors](../../contributors)
This package is heavily based on [Jeffrey Way](https://twitter.com/jeffrey_way)'s awesome [Laracasts](https://laracasts.com) lessons
on [permissions and roles](https://laracasts.com/series/whats-new-in-laravel-5-1/episodes/16). His original code
can be found [in this repo on GitHub](https://github.com/laracasts/laravel-5-roles-and-permissions-demo).
Special thanks to [Alex Vanderbist](https://github.com/AlexVanderbist) who greatly helped with `v2`, and to [Chris Brown](https://github.com/drbyte) for his longtime support helping us maintain the package.
Special thanks to [Caneco](https://twitter.com/caneco) for the original logo.
## Alternatives
- [Povilas Korop](https://twitter.com/@povilaskorop) did an excellent job listing the alternatives [in an article on Laravel News](https://laravel-news.com/two-best-roles-permissions-packages). In that same article, he compares laravel-permission to [Joseph Silber](https://github.com/JosephSilber)'s [Bouncer]((https://github.com/JosephSilber/bouncer)), which in our book is also an excellent package.
- [santigarcor/laratrust](https://github.com/santigarcor/laratrust) implements team support
- [ultraware/roles](https://github.com/ultraware/roles) (archived) takes a slightly different approach to its features.
- [zizaco/entrust](https://github.com/zizaco/entrust) offers some wildcard pattern matching
## License
The MIT License (MIT). Please see [License File](LICENSE.md) for more information.
================================================
FILE: art/README.md
================================================
<p align="center">
<img src="/art/socialcard.png" width="1280" title="Social Card of Laravel Permission">
</p>
# Laravel Permission Art
The logo was inspired by the [Spatie](https://spatie.be) brand, and the well known minimal design of Laravel packages.
## Fonts
The logo is using the following fonts:
- [Inter 500](https://fonts.google.com/specimen/Inter#500)
- [Inter 600](https://fonts.google.com/specimen/Inter#600)
## Colors
| |#hex |rgb() |
|--- |--- |--- |
||`#E8F1F4`|`rgb(232,241,244)`|
||`#C6DDE4`|`rgb(198,221,228)`|
||`#A3C8D4`|`rgb(163,200,212)`|
||`#5E9EB3`|`rgb(94,158,179)` |
||`#197593`|`rgb(25,117,147)` |
||`#176984`|`rgb(23,105,132)` |
||`#0F4658`|`rgb(15,70,88)` |
||`#0B3542`|`rgb(11,53,66)` |
||`#08232C`|`rgb(8,35,44)` |
## Requirements
- A screen or a printer
## Installation
- Open the file
- *Right-click* on the image
- Choose **"Save image as…"** option
## Maintainers
**Laravel Permission** logo is designed and maintained by [Caneco](https://twitter.com/caneco).
## License
All rights reserved, but with the following extra conditions:
- It is **OK** to use the Laravel Permission logo in the following cases:
- In marketing materials for technical events, e.g. meetups, hackathons, conferences and workshops that are related to Laravel.
- In open source projects related to Laravel.
- In technical articles/videos/books/papers for educational purposes.
- To illustrate a commercial product.
- It is **NOT OK** to use the Laravel Permission logo in the following cases without prior written consent from the copyright owners:
- Using the Laravel Permission logo in a commercial product for purposes other than illustrating its integration.
- Sell physical products that uses the Laravel Permission logo or its variants, e.g. t-shirts.
By any means the owner reserves the right of final explanation for any use case not explicitly stated above.
================================================
FILE: composer.json
================================================
{
"name": "spatie/laravel-permission",
"description": "Permission handling for Laravel 12 and up",
"license": "MIT",
"keywords": [
"spatie",
"laravel",
"permission",
"permissions",
"roles",
"acl",
"rbac",
"security"
],
"authors": [
{
"name": "Freek Van der Herten",
"email": "freek@spatie.be",
"homepage": "https://spatie.be",
"role": "Developer"
}
],
"homepage": "https://github.com/spatie/laravel-permission",
"require": {
"php": "^8.4",
"illuminate/auth": "^12.0|^13.0",
"illuminate/container": "^12.0|^13.0",
"illuminate/contracts": "^12.0|^13.0",
"illuminate/database": "^12.0|^13.0",
"spatie/laravel-package-tools": "^1.0"
},
"require-dev": {
"larastan/larastan": "^3.9",
"laravel/passport": "^13.0",
"laravel/pint": "^1.0",
"orchestra/testbench": "^10.0|^11.0",
"pestphp/pest": "^3.0|^4.0",
"pestphp/pest-plugin-laravel": "^3.0|^4.1",
"phpstan/phpstan": "^2.1"
},
"minimum-stability": "dev",
"prefer-stable": true,
"autoload": {
"psr-4": {
"Spatie\\Permission\\": "src"
},
"files": [
"src/helpers.php"
]
},
"autoload-dev": {
"psr-4": {
"Spatie\\Permission\\Tests\\": "tests"
}
},
"config": {
"sort-packages": true,
"allow-plugins": {
"pestphp/pest-plugin": true
}
},
"extra": {
"branch-alias": {
"dev-main": "7.x-dev",
"dev-master": "7.x-dev"
},
"laravel": {
"providers": [
"Spatie\\Permission\\PermissionServiceProvider"
]
}
},
"scripts": {
"test": "pest",
"format": "pint",
"analyse": "echo 'Checking dependencies...' && composer require --dev larastan/larastan && phpstan analyse"
}
}
================================================
FILE: config/permission.php
================================================
<?php
return [
'models' => [
/*
* When using the "HasPermissions" trait from this package, we need to know which
* Eloquent model should be used to retrieve your permissions. Of course, it
* is often just the "Permission" model but you may use whatever you like.
*
* The model you want to use as a Permission model needs to implement the
* `Spatie\Permission\Contracts\Permission` contract.
*/
'permission' => Spatie\Permission\Models\Permission::class,
/*
* When using the "HasRoles" trait from this package, we need to know which
* Eloquent model should be used to retrieve your roles. Of course, it
* is often just the "Role" model but you may use whatever you like.
*
* The model you want to use as a Role model needs to implement the
* `Spatie\Permission\Contracts\Role` contract.
*/
'role' => Spatie\Permission\Models\Role::class,
],
'table_names' => [
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your roles. We have chosen a basic
* default value but you may easily change it to any table you like.
*/
'roles' => 'roles',
/*
* When using the "HasPermissions" trait from this package, we need to know which
* table should be used to retrieve your permissions. We have chosen a basic
* default value but you may easily change it to any table you like.
*/
'permissions' => 'permissions',
/*
* When using the "HasPermissions" trait from this package, we need to know which
* table should be used to retrieve your models permissions. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'model_has_permissions' => 'model_has_permissions',
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your models roles. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'model_has_roles' => 'model_has_roles',
/*
* When using the "HasRoles" trait from this package, we need to know which
* table should be used to retrieve your roles permissions. We have chosen a
* basic default value but you may easily change it to any table you like.
*/
'role_has_permissions' => 'role_has_permissions',
],
'column_names' => [
/*
* Change this if you want to name the related pivots other than defaults
*/
'role_pivot_key' => null, // default 'role_id',
'permission_pivot_key' => null, // default 'permission_id',
/*
* Change this if you want to name the related model primary key other than
* `model_id`.
*
* For example, this would be nice if your primary keys are all UUIDs. In
* that case, name this `model_uuid`.
*/
'model_morph_key' => 'model_id',
/*
* Change this if you want to use the teams feature and your related model's
* foreign key is other than `team_id`.
*/
'team_foreign_key' => 'team_id',
],
/*
* When set to true, the method for checking permissions will be registered on the gate.
* Set this to false if you want to implement custom logic for checking permissions.
*/
'register_permission_check_method' => true,
/*
* When set to true, Laravel\Octane\Events\OperationTerminated event listener will be registered
* this will refresh permissions on every TickTerminated, TaskTerminated and RequestTerminated
* NOTE: This should not be needed in most cases, but an Octane/Vapor combination benefited from it.
*/
'register_octane_reset_listener' => false,
/*
* Events will fire when a role or permission is assigned/unassigned:
* \Spatie\Permission\Events\RoleAttachedEvent
* \Spatie\Permission\Events\RoleDetachedEvent
* \Spatie\Permission\Events\PermissionAttachedEvent
* \Spatie\Permission\Events\PermissionDetachedEvent
*
* To enable, set to true, and then create listeners to watch these events.
*/
'events_enabled' => false,
/*
* Teams Feature.
* When set to true the package implements teams using the 'team_foreign_key'.
* If you want the migrations to register the 'team_foreign_key', you must
* set this to true before doing the migration.
* If you already did the migration then you must make a new migration to also
* add 'team_foreign_key' to 'roles', 'model_has_roles', and 'model_has_permissions'
* (view the latest version of this package's migration file)
*/
'teams' => false,
/*
* The class to use to resolve the permissions team id
*/
'team_resolver' => \Spatie\Permission\DefaultTeamResolver::class,
/*
* Passport Client Credentials Grant
* When set to true the package will use Passports Client to check permissions
*/
'use_passport_client_credentials' => false,
/*
* When set to true, the required permission names are added to exception messages.
* This could be considered an information leak in some contexts, so the default
* setting is false here for optimum safety.
*/
'display_permission_in_exception' => false,
/*
* When set to true, the required role names are added to exception messages.
* This could be considered an information leak in some contexts, so the default
* setting is false here for optimum safety.
*/
'display_role_in_exception' => false,
/*
* By default wildcard permission lookups are disabled.
* See documentation to understand supported syntax.
*/
'enable_wildcard_permission' => false,
/*
* The class to use for interpreting wildcard permissions.
* If you need to modify delimiters, override the class and specify its name here.
*/
// 'wildcard_permission' => Spatie\Permission\WildcardPermission::class,
/* Cache-specific settings */
'cache' => [
/*
* By default all permissions are cached for 24 hours to speed up performance.
* When permissions or roles are updated the cache is flushed automatically.
*/
'expiration_time' => \DateInterval::createFromDateString('24 hours'),
/*
* The cache key used to store all permissions.
*/
'key' => 'spatie.permission.cache',
/*
* You may optionally indicate a specific cache driver to use for permission and
* role caching using any of the `store` drivers listed in the cache.php config
* file. Using 'default' here means to use the `default` set in cache.php.
*/
'store' => 'default',
],
];
================================================
FILE: database/migrations/add_teams_fields.php.stub
================================================
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
$teams = config('permission.teams');
$tableNames = config('permission.table_names');
$columnNames = config('permission.column_names');
$pivotRole = $columnNames['role_pivot_key'] ?? 'role_id';
$pivotPermission = $columnNames['permission_pivot_key'] ?? 'permission_id';
if (! $teams) {
return;
}
throw_if(empty($tableNames), 'Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.');
throw_if(empty($columnNames['team_foreign_key'] ?? null), 'Error: team_foreign_key on config/permission.php not loaded. Run [php artisan config:clear] and try again.');
if (! Schema::hasColumn($tableNames['roles'], $columnNames['team_foreign_key'])) {
Schema::table($tableNames['roles'], function (Blueprint $table) use ($columnNames) {
$table->unsignedBigInteger($columnNames['team_foreign_key'])->nullable()->after('id');
$table->index($columnNames['team_foreign_key'], 'roles_team_foreign_key_index');
$table->dropUnique('roles_name_guard_name_unique');
$table->unique([$columnNames['team_foreign_key'], 'name', 'guard_name']);
});
}
if (! Schema::hasColumn($tableNames['model_has_permissions'], $columnNames['team_foreign_key'])) {
Schema::table($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames, $pivotPermission) {
$table->unsignedBigInteger($columnNames['team_foreign_key'])->default('1');
$table->index($columnNames['team_foreign_key'], 'model_has_permissions_team_foreign_key_index');
if (DB::getDriverName() !== 'sqlite') {
$table->dropForeign([$pivotPermission]);
}
$table->dropPrimary();
$table->primary([$columnNames['team_foreign_key'], $pivotPermission, $columnNames['model_morph_key'], 'model_type'],
'model_has_permissions_permission_model_type_primary');
if (DB::getDriverName() !== 'sqlite') {
$table->foreign($pivotPermission)
->references('id')
->on($tableNames['permissions'])
->cascadeOnDelete();
}
});
}
if (! Schema::hasColumn($tableNames['model_has_roles'], $columnNames['team_foreign_key'])) {
Schema::table($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames, $pivotRole) {
$table->unsignedBigInteger($columnNames['team_foreign_key'])->default('1');
$table->index($columnNames['team_foreign_key'], 'model_has_roles_team_foreign_key_index');
if (DB::getDriverName() !== 'sqlite') {
$table->dropForeign([$pivotRole]);
}
$table->dropPrimary();
$table->primary([$columnNames['team_foreign_key'], $pivotRole, $columnNames['model_morph_key'], 'model_type'],
'model_has_roles_role_model_type_primary');
if (DB::getDriverName() !== 'sqlite') {
$table->foreign($pivotRole)
->references('id')
->on($tableNames['roles'])
->cascadeOnDelete();
}
});
}
app('cache')
->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null)
->forget(config('permission.cache.key'));
}
/**
* Reverse the migrations.
*/
public function down(): void {}
};
================================================
FILE: database/migrations/create_permission_tables.php.stub
================================================
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
$teams = config('permission.teams');
$tableNames = config('permission.table_names');
$columnNames = config('permission.column_names');
$pivotRole = $columnNames['role_pivot_key'] ?? 'role_id';
$pivotPermission = $columnNames['permission_pivot_key'] ?? 'permission_id';
throw_if(empty($tableNames), 'Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.');
throw_if($teams && empty($columnNames['team_foreign_key'] ?? null), 'Error: team_foreign_key on config/permission.php not loaded. Run [php artisan config:clear] and try again.');
/**
* See `docs/prerequisites.md` for suggested lengths on 'name' and 'guard_name' if "1071 Specified key was too long" errors are encountered.
*/
Schema::create($tableNames['permissions'], static function (Blueprint $table) {
$table->id(); // permission id
$table->string('name');
$table->string('guard_name');
$table->timestamps();
$table->unique(['name', 'guard_name']);
});
/**
* See `docs/prerequisites.md` for suggested lengths on 'name' and 'guard_name' if "1071 Specified key was too long" errors are encountered.
*/
Schema::create($tableNames['roles'], static function (Blueprint $table) use ($teams, $columnNames) {
$table->id(); // role id
if ($teams || config('permission.testing')) { // permission.testing is a fix for sqlite testing
$table->unsignedBigInteger($columnNames['team_foreign_key'])->nullable();
$table->index($columnNames['team_foreign_key'], 'roles_team_foreign_key_index');
}
$table->string('name');
$table->string('guard_name');
$table->timestamps();
if ($teams || config('permission.testing')) {
$table->unique([$columnNames['team_foreign_key'], 'name', 'guard_name']);
} else {
$table->unique(['name', 'guard_name']);
}
});
Schema::create($tableNames['model_has_permissions'], static function (Blueprint $table) use ($tableNames, $columnNames, $pivotPermission, $teams) {
$table->unsignedBigInteger($pivotPermission);
$table->string('model_type');
$table->unsignedBigInteger($columnNames['model_morph_key']);
$table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_permissions_model_id_model_type_index');
$table->foreign($pivotPermission)
->references('id') // permission id
->on($tableNames['permissions'])
->cascadeOnDelete();
if ($teams) {
$table->unsignedBigInteger($columnNames['team_foreign_key']);
$table->index($columnNames['team_foreign_key'], 'model_has_permissions_team_foreign_key_index');
$table->primary([$columnNames['team_foreign_key'], $pivotPermission, $columnNames['model_morph_key'], 'model_type'],
'model_has_permissions_permission_model_type_primary');
} else {
$table->primary([$pivotPermission, $columnNames['model_morph_key'], 'model_type'],
'model_has_permissions_permission_model_type_primary');
}
});
Schema::create($tableNames['model_has_roles'], static function (Blueprint $table) use ($tableNames, $columnNames, $pivotRole, $teams) {
$table->unsignedBigInteger($pivotRole);
$table->string('model_type');
$table->unsignedBigInteger($columnNames['model_morph_key']);
$table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_roles_model_id_model_type_index');
$table->foreign($pivotRole)
->references('id') // role id
->on($tableNames['roles'])
->cascadeOnDelete();
if ($teams) {
$table->unsignedBigInteger($columnNames['team_foreign_key']);
$table->index($columnNames['team_foreign_key'], 'model_has_roles_team_foreign_key_index');
$table->primary([$columnNames['team_foreign_key'], $pivotRole, $columnNames['model_morph_key'], 'model_type'],
'model_has_roles_role_model_type_primary');
} else {
$table->primary([$pivotRole, $columnNames['model_morph_key'], 'model_type'],
'model_has_roles_role_model_type_primary');
}
});
Schema::create($tableNames['role_has_permissions'], static function (Blueprint $table) use ($tableNames, $pivotRole, $pivotPermission) {
$table->unsignedBigInteger($pivotPermission);
$table->unsignedBigInteger($pivotRole);
$table->foreign($pivotPermission)
->references('id') // permission id
->on($tableNames['permissions'])
->cascadeOnDelete();
$table->foreign($pivotRole)
->references('id') // role id
->on($tableNames['roles'])
->cascadeOnDelete();
$table->primary([$pivotPermission, $pivotRole], 'role_has_permissions_permission_id_role_id_primary');
});
app('cache')
->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null)
->forget(config('permission.cache.key'));
}
/**
* Reverse the migrations.
*/
public function down(): void
{
$tableNames = config('permission.table_names');
throw_if(empty($tableNames), 'Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.');
Schema::dropIfExists($tableNames['role_has_permissions']);
Schema::dropIfExists($tableNames['model_has_roles']);
Schema::dropIfExists($tableNames['model_has_permissions']);
Schema::dropIfExists($tableNames['roles']);
Schema::dropIfExists($tableNames['permissions']);
}
};
================================================
FILE: docs/_index.md
================================================
---
title: v7
slogan: Associate users with roles and permissions
githubUrl: https://github.com/spatie/laravel-permission
branch: main
---
================================================
FILE: docs/about-us.md
================================================
---
title: About us
---
[Spatie](https://spatie.be) is a webdesign agency based in Antwerp, Belgium.
Open source software is used in all projects we deliver. Laravel, Nginx, Ubuntu are just a few
of the free pieces of software we use every single day. For this, we are very grateful.
When we feel we have solved a problem in a way that can help other developers,
we release our code as open source software [on GitHub](https://spatie.be/opensource).
This package is heavily based on [Jeffrey Way](https://twitter.com/jeffrey_way)'s awesome [Laracasts](https://laracasts.com) lessons
on [permissions and roles](https://laracasts.com/series/whats-new-in-laravel-5-1/episodes/16). His original code
can be found [in this repo on GitHub](https://github.com/laracasts/laravel-5-roles-and-permissions-demo). And newer lessons on [mastering permissions in Laravel](https://laracasts.com/series/mastering-permissions-in-laravel) talk about other ways to implement some of these features as well.
Special thanks to [Alex Vanderbist](https://github.com/AlexVanderbist) who greatly helped with `v2`, and to [Chris Brown](https://github.com/drbyte) for his longtime support helping us maintain the package.
================================================
FILE: docs/advanced-usage/_index.md
================================================
---
title: Advanced usage
weight: 3
---
================================================
FILE: docs/advanced-usage/cache.md
================================================
---
title: Cache
weight: 5
---
Role and Permission data are cached to speed up performance.
## Automatic Cache Refresh Using Built-In Functions
When you **use the built-in functions** for manipulating roles and permissions, the cache is automatically reset for you, and relations are automatically reloaded for the current model record:
```php
// When handling permissions assigned to roles:
$role->givePermissionTo('edit articles');
$role->revokePermissionTo('edit articles');
$role->syncPermissions(params);
// When linking roles to permissions:
$permission->assignRole('writer');
$permission->removeRole('writer');
$permission->syncRoles(params);
```
HOWEVER, if you manipulate permission/role data directly in the database instead of calling the supplied methods, then you will not see the changes reflected in the application unless you manually reset the cache.
Additionally, because the Role and Permission models are Eloquent models which implement the `RefreshesPermissionCache` trait, creating and deleting Roles and Permissions will automatically clear the cache. If you have created your own models which do not extend the default models then you will need to implement the trait yourself.
**NOTE: User-specific role/permission assignments are kept in-memory.**
Examples:
```php
// These operations on a User do not call a cache-reset, because the User-related assignments are in-memory.
$user->assignRole('writer');
$user->removeRole('writer');
$user->syncRoles(params);
```
## Manual cache reset
To manually reset the cache for this package, you can run the following in your app code:
```php
app()->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
```
Or you can use an Artisan command:
```bash
php artisan permission:cache-reset
```
(This command is effectively an alias for `artisan cache:forget spatie.permission.cache` but respects the package config as well.)
## Octane cache reset
In many cases Octane will not need additional cache resets; however, if you find that cache results are stale or crossing over between requests, you can force a cache flush upon every Octane reset cycle by editing the `/config/permission.php` and setting `register_octane_reset_listener` to true.
## Cache Configuration Settings
This package allows you to customize cache-related operations via its config file. In most cases the defaults are fine; however, in a multitenancy situation you may wish to do some cache-prefix overrides when switching tenants. See below for more details.
### Cache Expiration Time
The default cache `expiration_time` is `24 hours`.
If you wish to alter the expiration time you may do so in the `config/permission.php` file, in the `cache` array.
### Cache Key
The default cache key is `spatie.permission.cache`.
We recommend not changing the cache "key" name. Usually changing it is a bad idea. More likely setting the cache `prefix` is better, as mentioned below.
### Cache Identifier / Prefix
Laravel Tip: If you are leveraging a caching service such as `redis` or `memcached` and there are other sites running on your server, you could run into cache clashes between apps.
To prevent other applications from accidentally using/changing your cached data, it is prudent to set your own cache `prefix` in Laravel's `/config/cache.php` to something unique for each application which shares the same caching service.
Most multi-tenant "packages" take care of this for you when switching tenants. Optionally you might need to change cache boot order by writing a custom [cache boostrapper](https://github.com/spatie/laravel-permission/discussions/2310#discussioncomment-10855389).
Tip: Most parts of your multitenancy app will relate to a single tenant during a given request lifecycle, so the following step will not be needed: However, in the less-common situation where your app might be switching between multiple tenants during a single request lifecycle (specifically: where changing the cache key/prefix (such as when switching between tenants) or switching the cache store), then after switching tenants or changing the cache configuration you will need to reinitialize the cache of the `PermissionRegistrar` so that the updated `CacheStore` and cache configuration are used.
```php
app()->make(\Spatie\Permission\PermissionRegistrar::class)->initializeCache();
```
### Custom Cache Store
You can configure the package to use any of the Cache Stores you've configured in Laravel's `config/cache.php`. This way you can point this package's caching to its own specified resource.
In `config/permission.php` set `cache.store` to the name of any one of the `config/cache.php` stores you've defined.
## Disabling Cache
Setting `'cache.store' => 'array'` in `config/permission.php` will effectively disable caching by this package between requests (it will only cache in-memory until the current request is completed processing, never persisting it).
Alternatively, in development mode you can bypass ALL of Laravel's caching between visits by setting `CACHE_DRIVER=array` in `.env`. You can see an example of this in the default `phpunit.xml` file that comes with a new Laravel install. Of course, don't do this in production though!
## File cache Store
This situation is not specific to this package, but is mentioned here due to the common question being asked.
If you are using the `File` cache Store and run into problems clearing the cache, it is most likely because your filesystem's permissions are preventing the PHP CLI from altering the cache files because the PHP-FPM process is running as a different user.
Work with your server administrator to fix filesystem ownership on your cache files.
## Database cache Store
TIP: If you have `CACHE_STORE=database` set in your `.env`, remember that [you must install Laravel's cache tables via a migration before performing any cache operations](https://laravel.com/docs/cache#prerequisites-database). If you fail to install those migrations, you'll run into errors like `Call to a member function perform() on null` when the cache store attempts to purge or update the cache. This package does strategic cache resets in various places, so may trigger that error if your app's cache dependencies aren't set up.
================================================
FILE: docs/advanced-usage/custom-permission-check.md
================================================
---
title: Custom Permission Check
weight: 6
---
## Default Permission Check Functionality
By default, this package registers a `Gate::before()` method call on [Laravel's gate](https://laravel.com/docs/authorization). This method is responsible for checking if the user has the required permission or not, for calls to `can()` helpers and most `model policies`. Whether a user has a permission or not is determined by checking the user's permissions stored in the database.
In the permission config file, `register_permission_check_method` is set to `true`, which means this package operates using the default behavior described above. Only set this to `false` if you want to bypass the default operation and implement your own custom logic for checking permissions, as described below.
## Using Custom Permission Check Functionality
However, in some cases, you might want to implement custom logic for checking if the user has a permission or not.
Let's say that your application uses access tokens for authentication and when issuing the tokens, you add a custom claim containing all the permissions the user has. In this case, if you want to check whether the user has the required permission or not based on the permissions in your custom claim in the access token, then you need to implement your own logic for handling this.
You could, for example, create a `Gate::before()` method call to handle this:
**/app/Providers/AppServiceProvider.php**
```php
use Illuminate\Support\Facades\Gate;
public function boot(): void
{
...
Gate::before(function ($user, $ability) {
return $user->hasTokenPermission($ability) ?: null;
});
}
```
Here `hasTokenPermission` is a **custom method you need to implement yourself, or call some other method on your model**.
================================================
FILE: docs/advanced-usage/events.md
================================================
---
title: Events
weight: 5
---
By default Events are not enabled, because not all apps need to fire events related to roles and permissions.
However, you may enable events by setting the `events_enabled => true` in `config/permission.php`
Note that the events can receive the role or permission details as a model ID or as an Eloquent record, or as an array or collection of ids or records. Be sure to inspect the parameter before acting on it.
## Available Events
The following events are available since `v7.0.0`:
```
\Spatie\Permission\Events\RoleAttachedEvent::class
\Spatie\Permission\Events\RoleDetachedEvent::class
\Spatie\Permission\Events\PermissionAttachedEvent::class
\Spatie\Permission\Events\PermissionDetachedEvent::class
```
Between `v6.15.0` and `v7.0.0` the events did not have "Event" as a suffix, so they were:
```
\Spatie\Permission\Events\RoleAttached::class
\Spatie\Permission\Events\RoleDetached::class
\Spatie\Permission\Events\PermissionAttached::class
\Spatie\Permission\Events\PermissionDetached::class
```
================================================
FILE: docs/advanced-usage/exceptions.md
================================================
---
title: Exceptions
weight: 3
---
If you need to override exceptions thrown by this package, you can simply use normal [Laravel practices for handling exceptions](https://laravel.com/docs/errors#rendering-exceptions).
An example is shown below for your convenience, but nothing here is specific to this package other than the name of the exception.
You can find all the exceptions added by this package in the code here: [https://github.com/spatie/laravel-permission/tree/main/src/Exceptions](https://github.com/spatie/laravel-permission/tree/main/src/Exceptions)
**/bootstrap/app.php**
```php
->withExceptions(function (Exceptions $exceptions) {
$exceptions->render(function (\Spatie\Permission\Exceptions\UnauthorizedException $e, $request) {
return response()->json([
'responseMessage' => 'You do not have the required authorization.',
'responseStatus' => 403,
]);
});
}
```
================================================
FILE: docs/advanced-usage/extending.md
================================================
---
title: Extending
weight: 4
---
## Adding fields to your models
You can add your own migrations to make changes to the role/permission tables, as you would for adding/changing fields in any other tables in your Laravel project.
Following that, you can add any necessary logic for interacting with those fields into your custom/extended Models.
Here is an example of adding a 'description' field to your Permissions and Roles tables:
```sh
php artisan make:migration add_description_to_permissions_tables
```
And in the migration file:
```php
public function up()
{
Schema::table('permissions', function (Blueprint $table) {
$table->string('description')->nullable();
});
Schema::table('roles', function (Blueprint $table) {
$table->string('description')->nullable();
});
}
```
Semi-Related article: [Adding Extra Fields To Pivot Table](https://quickadminpanel.com/blog/laravel-belongstomany-add-extra-fields-to-pivot-table/) (video)
## Adding a description to roles and permissions
A common question is "how do I add a description for my roles or permissions?".
By default, a 'description' field is not included in this package, to keep the model memory usage low, because not every app has a need for displayed descriptions.
But you are free to add it yourself if you wish. You can use the example above.
### Multiple Language Descriptions
If you need your 'description' to support multiple languages, simply use Laravel's built-in language features. You might prefer to rename the 'description' field in these migration examples from 'description' to 'description_key' for clarity.
## Extending User Models
Laravel's authorization features are available in models which implement the `Illuminate\Foundation\Auth\Access\Authorizable` trait.
By default Laravel does this in `\App\Models\User` by extending `Illuminate\Foundation\Auth\User`, in which the trait and `Illuminate\Contracts\Auth\Access\Authorizable` contract are declared.
If you are creating your own User models and wish Authorization features to be available, you need to implement `Illuminate\Contracts\Auth\Access\Authorizable` in one of those ways as well.
## Child User Models
Due to the nature of polymorphism and Eloquent's hard-coded mapping of model names in the database, setting relationships for child models that inherit permissions of the parent can be difficult (even near impossible depending on app requirements, especially when attempting to do inverse mappings). However, one thing you might consider if you need the child model to never have its own permissions/roles but to only use its parent's permissions/roles, is to [override the `getMorphClass` method on the model](https://github.com/laravel/framework/issues/17830#issuecomment-345619085).
eg: This could be useful, but only if you're willing to give up the child's independence for roles/permissions:
```php
public function getMorphClass()
{
return 'users';
}
```
## Extending Role and Permission Models
If you are extending or replacing the role/permission models, you will need to specify your new models in this package's `config/permission.php` file.
First be sure that you've published the configuration file (see the Installation instructions), and edit it to update the `models.role` and `models.permission` values to point to your new models.
Note the following requirements when extending/replacing the models:
### Extending
If you need to EXTEND the existing `Role` or `Permission` models note that:
- Your `Role` model needs to `extend` the `Spatie\Permission\Models\Role` model
- Your `Permission` model needs to `extend` the `Spatie\Permission\Models\Permission` model
- You need to update `config/permission.php` to specify your namespaced model
eg:
```php
<?php
namespace App\Models;
use Spatie\Permission\Models\Role as SpatieRole;
class Role extends SpatieRole
{
// You might set a public property like guard_name or connection, or override other Eloquent Model methods/properties
}
```
### Replacing
In MOST cases you will only EXTEND the models as described above.
In the rare case that you have need to REPLACE the existing `Role` or `Permission` models you need to keep the following things in mind:
- If you are REPLACING and NOT EXTENDING the existing Model, do the following (and do NOT extend as described above):
- Your `Role` model needs to implement the `Spatie\Permission\Contracts\Role` contract
- Your `Permission` model needs to implement the `Spatie\Permission\Contracts\Permission` contract
- You need to update `config/permission.php` to specify your namespaced model
================================================
FILE: docs/advanced-usage/other.md
================================================
---
title: Other
weight: 9
---
**Schema Diagram:**
You can find a schema diagram at [https://drawsql.app/templates/laravel-permission](https://drawsql.app/templates/laravel-permission)
================================================
FILE: docs/advanced-usage/phpstorm.md
================================================
---
title: PhpStorm Interaction
weight: 8
---
## Extending PhpStorm
> **Note**
> When using Laravel Idea plugin all directives are automatically added.
You may wish to extend PhpStorm to support Blade Directives of this package.
1. In PhpStorm, open Preferences, and navigate to **Languages and Frameworks -> PHP -> Blade**
(File | Settings | Languages & Frameworks | PHP | Blade)
2. Uncheck "Use default settings", then click on the `Directives` tab.
3. Add the following new directives for the laravel-permission package:
**role**
- has parameter = YES
- Prefix: `<?php if(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasRole', {`
- Suffix: `})): ?>`
--
**elserole**
- has parameter = YES
- Prefix: `<?php elseif(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasRole', {`
- Suffix: `})): ?>`
**endrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasrole**
- has parameter = YES
- Prefix: `<?php if(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasRole', {`
- Suffix: `})): ?>`
--
**endhasrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasanyrole**
- has parameter = YES
- Prefix: `<?php if(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasAnyRole', {`
- Suffix: `})): ?>`
--
**endhasanyrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasallroles**
- has parameter = YES
- Prefix: `<?php if(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasAllRoles', {`
- Suffix: `})): ?>`
--
**endhasallroles**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**unlessrole**
- has parameter = YES
- Prefix: `<?php if(! \\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasRole', {`
- Suffix: `})): ?>`
--
**endunlessrole**
- has parameter = NO
- Prefix: blank
- Suffix: blank
--
**hasexactroles**
- has parameter = YES
- Prefix: `<?php if(\\Spatie\\Permission\\PermissionServiceProvider::bladeMethodWrapper('hasExactRoles', {`
- Suffix: `})): ?>`
--
**endhasexactroles**
- has parameter = NO
- Prefix: blank
- Suffix: blank
================================================
FILE: docs/advanced-usage/seeding.md
================================================
---
title: Database Seeding
weight: 2
---
## Flush cache before/after seeding
You may discover that it is best to flush this package's cache **BEFORE seeding, to avoid cache conflict errors**.
And if you use the `WithoutModelEvents` trait in your seeders, flush it **AFTER creating any roles/permissions as well, before assigning or granting them**.
```php
// reset cached roles and permissions
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
```
You can optionally flush the cache before seeding by using the `SetUp()` method of your test suite (see the Testing page in the docs).
Or it can be done directly in a seeder class, as shown below.
## Database Cache Store
TIP: If you have `CACHE_STORE=database` set in your `.env`, remember that [you must install Laravel's cache tables via a migration before performing any cache operations](https://laravel.com/docs/cache#prerequisites-database). If you fail to install those migrations, you'll run into errors like `Call to a member function perform() on null` when the cache store attempts to purge or update the cache. This package does strategic cache resets in various places, so may trigger that error if your app's cache dependencies aren't set up.
## Roles/Permissions Seeder
Here is a sample seeder, which first clears the cache, creates permissions and then assigns permissions to roles (the order of these steps is intentional):
```php
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
class RolesAndPermissionsSeeder extends Seeder
{
public function run(): void
{
// Reset cached roles and permissions
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'edit articles']);
Permission::create(['name' => 'delete articles']);
Permission::create(['name' => 'publish articles']);
Permission::create(['name' => 'unpublish articles']);
// update cache to know about the newly created permissions (required if using WithoutModelEvents in seeders)
app()[\Spatie\Permission\PermissionRegistrar::class]->forgetCachedPermissions();
// create roles and assign created permissions
// this can be done as separate statements
$role = Role::create(['name' => 'writer']);
$role->givePermissionTo('edit articles');
// or may be done by chaining
$role = Role::create(['name' => 'moderator'])
->givePermissionTo(['publish articles', 'unpublish articles']);
$role = Role::create(['name' => 'super-admin']);
$role->givePermissionTo(Permission::all());
}
}
```
## User Seeding with Factories and States
To use Factory States to assign roles after creating users:
```php
// Factory:
public function definition() {...}
public function active(): static
{
return $this->state(fn (array $attributes) => [
'status' => 1,
])
->afterCreating(function (User $user) {
$user->assignRole('ActiveMember');
});
}
// Seeder:
// To create 4 users using this 'active' state in a Seeder:
User::factory(4)->active()->create();
```
To seed multiple users and then assign each of them a role, WITHOUT using Factory States:
```php
// Seeder:
User::factory()
->count(50)
->create()
->each(function ($user) {
$user->assignRole('Member');
});
```
## Speeding up seeding for large data sets
When seeding large quantities of roles or permissions you may consider using Eloquent's `insert` command instead of `create`, as this bypasses all the internal checks that this package does when calling `create` (including extra queries to verify existence, test guards, etc).
```php
$arrayOfPermissionNames = ['writer', 'editor'];
$permissions = collect($arrayOfPermissionNames)->map(function ($permission) {
return ['name' => $permission, 'guard_name' => 'web'];
});
Permission::insert($permissions->toArray());
```
Alternatively you could use `DB::insert`, as long as you also provide all the required data fields. One example of this is shown below ... but note that this example hard-codes the table names and field names, thus does not respect any customizations you may have in your permissions config file.
```php
$permissionsByRole = [
'admin' => ['restore posts', 'force delete posts'],
'editor' => ['create a post', 'update a post', 'delete a post'],
'viewer' => ['view all posts', 'view a post']
];
$insertPermissions = fn ($role) => collect($permissionsByRole[$role])
->map(fn ($name) => DB::table('permissions')->insertGetId(['name' => $name, 'guard_name' => 'web']))
->toArray();
$permissionIdsByRole = [
'admin' => $insertPermissions('admin'),
'editor' => $insertPermissions('editor'),
'viewer' => $insertPermissions('viewer')
];
foreach ($permissionIdsByRole as $role => $permissionIds) {
$role = Role::whereName($role)->first();
DB::table('role_has_permissions')
->insert(
collect($permissionIds)->map(fn ($id) => [
'role_id' => $role->id,
'permission_id' => $id
])->toArray()
);
}
// and also add the command to flush the cache again now after doing all these inserts
```
**CAUTION**: ANY TIME YOU DIRECTLY RUN DB QUERIES you are bypassing cache-control features. So you will need to manually flush the package cache AFTER running direct DB queries, even in a seeder.
================================================
FILE: docs/advanced-usage/testing.md
================================================
---
title: Testing
weight: 1
---
## Clear Cache During Tests
In your application's tests, if you are not seeding roles and permissions as part of your test `setUp()` then you may run into a chicken/egg situation where roles and permissions aren't registered with the gate (because your tests create them after that gate registration is done). Working around this is simple:
In your tests simply add a `setUp()` instruction to re-register the permissions, like this:
```php
protected function setUp(): void
{
// first include all the normal setUp operations
parent::setUp();
// now de-register all the roles and permissions by clearing the permission cache
$this->app->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
}
```
## Clear Cache When Using Seeders
If you are using Laravel's `LazilyRefreshDatabase` trait, you most likely want to avoid seeding permissions before every test, because that would negate the use of the `LazilyRefreshDatabase` trait. To overcome this, you should wrap your seeder in an event listener for the `DatabaseRefreshed` event:
```php
Event::listen(DatabaseRefreshed::class, function () {
$this->artisan('db:seed', ['--class' => RoleAndPermissionSeeder::class]);
$this->app->make(\Spatie\Permission\PermissionRegistrar::class)->forgetCachedPermissions();
});
```
Note that `PermissionRegistrar::forgetCachedPermissions()` is called AFTER seeding. This is to prevent a caching issue that can occur when the database is set up after permissions have already been registered and cached.
## Bypassing Cache When Testing
The caching infrastructure for this package is "always on", but when running your test suite you may wish to reduce its impact.
Two things you might wish to explore include:
- Change the cache driver to `array`. **Very often you will have already done this in your `phpunit.xml` configuration.**
- Shorten cache lifetime to 1 second, by setting the config (not necessary if cache driver is set to `array`) in your test suite TestCase:
`'permission.cache.expiration_time' = \DateInterval::createFromDateString('1 seconds')`
## Testing Using Factories
Many applications do not require using factories to create fake roles/permissions for testing, because they use a Seeder to create specific roles and permissions that the application uses; thus tests are performed using the declared roles and permissions.
However, if your application allows users to define their own roles and permissions you may wish to use Model Factories to generate roles and permissions as part of your test suite.
When using Laravel's class-based Model Factory features you will need to `extend` this package's `Role` and/or `Permission` model into your app's namespace, add the `HasFactory` trait to it, and define a model factory for it. Then you can use that factory in your seeders like any other factory related to your application's models.
================================================
FILE: docs/advanced-usage/timestamps.md
================================================
---
title: Timestamps
weight: 10
---
## Excluding Timestamps from JSON
If you want to exclude timestamps from JSON output of role/permission pivots, you can extend the Role and Permission models into your own App namespace and mark the pivot as hidden:
```php
protected $hidden = ['pivot'];
```
## Adding Timestamps to Pivots
If you want to add timestamps to your pivot tables, you can do it with a few steps:
- update the tables by calling `$table->timestamps();` in a migration
- extend the `Permission` and `Role` models and add `->withTimestamps();` to the `BelongsToMany` relationshps for `roles()` and `permissions()`
- update your `User` models (wherever you use the `HasRoles` or `HasPermissions` traits) by adding `->withTimestamps();` to the `BelongsToMany` relationships for `roles()` and `permissions()`
================================================
FILE: docs/advanced-usage/ui-options.md
================================================
---
title: UI Options
weight: 11
---
## Need a UI?
The package doesn't come with any UI/screens out of the box, you should build that yourself.
But: [do you really need a UI? Consider what Aaron and Joel have to say in this podcast episode](https://show.nocompromises.io/episodes/should-you-manage-roles-and-permissions-with-a-ui)
If you decide you need a UI, even if it's not for creating/editing role/permission names, but just for controlling which Users have access to which roles/permissions, following are some options to get you started:
- [Code With Tony - video series](https://www.youtube.com/watch?v=lGfV1ddMhHA) to create an admin panel for managing roles and permissions in Laravel 9.
- [FilamentPHP plugin](https://filamentphp.com/plugins/tharinda-rodrigo-spatie-roles-permissions) to manage roles and permissions using this package. (There are a few other Filament plugins which do similarly; use whichever suits your needs best.)
- If you'd like to build your own UI, and understand the underlying logic for Gates and Roles and Users, the [Laravel 6 User Login and Management With Roles](https://www.youtube.com/watch?v=7PpJsho5aak&list=PLxFwlLOncxFLazmEPiB4N0iYc3Dwst6m4) video series by Mark Twigg of Penguin Digital gives thorough coverage to the topic, the theory, and implementation of a basic Roles system, independent of this Permissions Package.
- [Laravel Nova package by @vyuldashev for managing Roles and Permissions](https://github.com/vyuldashev/nova-permission)
- [Laravel Nova package by @paras-malhotra for managing Roles and Permissions and permissions based authorization for Nova Resources](https://github.com/insenseanalytics/laravel-nova-permission)
- [How to create a UI for managing the permissions and roles](http://www.qcode.in/easy-roles-and-permissions-in-laravel-5-4/)
- [Laravel User Management for managing users, roles, permissions, departments and authorization](https://github.com/Mekaeil/LaravelUserManagement) by [Mekaeil](https://github.com/Mekaeil)
- [Generating UI boilerplate using InfyOm](https://youtu.be/hlGu2pa1bdU) video tutorial by [Shailesh](https://github.com/shailesh-ladumor)
- [LiveWire Base Admin Panel](https://github.com/aliqasemzadeh/bap) User management by [AliQasemzadeh](https://github.com/aliqasemzadeh)
- [JetAdmin](https://github.com/aliqasemzadeh/jetadmin) JetAdmin use laravel livewire starter kit and manage permissions. [AliQasemzadeh](https://github.com/aliqasemzadeh)
- [QuickPanel](https://github.com/aliqasemzadeh/quickpanel) Quick Panel (TALL Flowbite Starter Kit). [AliQasemzadeh](https://github.com/aliqasemzadeh)
================================================
FILE: docs/advanced-usage/uuid.md
================================================
---
title: UUID/ULID
weight: 7
---
If you're using UUIDs (ULID, GUID, etc) for your User models or Role/Permission models there are a few considerations to note.
> NOTE: THIS IS NOT A FULL LESSON ON HOW TO IMPLEMENT UUIDs IN YOUR APP.
Since each UUID implementation approach is different, some of these may or may not benefit you. As always, your implementation may vary.
We use "uuid" in the examples below. Adapt for ULID or GUID as needed.
## Migrations
You will need to update the `create_permission_tables.php` migration after creating it with `php artisan vendor:publish`. After making your edits, be sure to run the migration!
**User Models using UUIDs**
If your User models are using `uuid` instead of `unsignedBigInteger` then you'll need to reflect the change in the migration provided by this package. Something like the following would be typical, for **both** `model_has_permissions` and `model_has_roles` tables:
```diff
// note: this is done in two places in the default migration file, so edit both places:
- $table->unsignedBigInteger($columnNames['model_morph_key'])
+ $table->uuid($columnNames['model_morph_key'])
```
**Roles and Permissions using UUIDS**
If you also want the roles and permissions to use a UUID for their `id` value, then you'll need to change the id fields accordingly, and manually set the primary key.
```diff
Schema::create($tableNames['permissions'], function (Blueprint $table) {
- $table->bigIncrements('id'); // permission id
+ $table->uuid('uuid')->primary()->unique(); // permission id
//...
});
Schema::create($tableNames['roles'], function (Blueprint $table) {
- $table->bigIncrements('id'); // role id
+ $table->uuid('uuid')->primary()->unique(); // role id
//...
});
Schema::create($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames) {
- $table->unsignedBigInteger($pivotPermission);
+ $table->uuid($pivotPermission);
$table->string('model_type');
//...
$table->foreign($pivotPermission)
- ->references('id') // permission id
+ ->references('uuid') // permission id
->on($tableNames['permissions'])
->onDelete('cascade');
//...
Schema::create($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames) {
- $table->unsignedBigInteger($pivotRole);
+ $table->uuid($pivotRole);
//...
$table->foreign($pivotRole)
- ->references('id') // role id
+ ->references('uuid') // role id
->on($tableNames['roles'])
->onDelete('cascade');//...
Schema::create($tableNames['role_has_permissions'], function (Blueprint $table) use ($tableNames) {
- $table->unsignedBigInteger($pivotPermission);
- $table->unsignedBigInteger($pivotRole);
+ $table->uuid($pivotPermission);
+ $table->uuid($pivotRole);
$table->foreign($pivotPermission)
- ->references('id') // permission id
+ ->references('uuid') // permission id
->on($tableNames['permissions'])
->onDelete('cascade');
$table->foreign($pivotRole)
- ->references('id') // role id
+ ->references('uuid') // role id
->on($tableNames['roles'])
->onDelete('cascade');
```
## Configuration (OPTIONAL)
You might want to change the pivot table field name from `model_id` to `model_uuid`, just for semantic purposes.
For this, in the `permission.php` configuration file edit `column_names.model_morph_key`:
- OPTIONAL: Change to `model_uuid` instead of the default `model_id`.
```diff
'column_names' => [
/*
* Change this if you want to name the related pivots other than defaults
*/
'role_pivot_key' => null, //default 'role_id',
'permission_pivot_key' => null, //default 'permission_id',
/*
* Change this if you want to name the related model primary key other than
* `model_id`.
*
* For example, this would be nice if your primary keys are all UUIDs. In
* that case, name this `model_uuid`.
*/
- 'model_morph_key' => 'model_id',
+ 'model_morph_key' => 'model_uuid',
],
```
- If you extend the models into your app, be sure to list those models in your `permissions.php` configuration file. See the Extending section of the documentation and the Models section below.
## Models
If you want all the role/permission objects to have a UUID instead of an integer, you will need to Extend the default Role and Permission models into your own namespace in order to set some specific properties. (See the Extending section of the docs, where it explains requirements of Extending, as well as the `permissions.php` configuration settings you need to update.)
Examples:
Create new models, which extend the Role and Permission models of this package, and add Laravel's `HasUuids` trait (available since Laravel 9):
```bash
php artisan make:model Role
php artisan make:model Permission
```
`App\Model\Role.php`
```php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Spatie\Permission\Models\Role as SpatieRole;
class Role extends SpatieRole
{
use HasFactory;
use HasUuids;
protected $primaryKey = 'uuid';
}
```
`App\Model\Permission.php`
```php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Concerns\HasUuids;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Spatie\Permission\Models\Permission as SpatiePermission;
class Permission extends SpatiePermission
{
use HasFactory;
use HasUuids;
protected $primaryKey = 'uuid';
}
```
And edit `config/permission.php`
```diff
'models' => [
/*
* When using the "HasPermissions" trait from this package, we need to know which
* Eloquent model should be used to retrieve your permissions. Of course, it
* is often just the "Permission" model but you may use whatever you like.
*
* The model you want to use as a Permission model needs to implement the
* `Spatie\Permission\Contracts\Permission` contract.
*/
- 'permission' => Spatie\Permission\Models\Permission::class
+ 'permission' => \App\Models\Permission::class,
/*
* When using the "HasRoles" trait from this package, we need to know which
* Eloquent model should be used to retrieve your roles. Of course, it
* is often just the "Role" model but you may use whatever you like.
*
* The model you want to use as a Role model needs to implement the
* `Spatie\Permission\Contracts\Role` contract.
*/
- 'role' => Spatie\Permission\Models\Role::class,
+ 'role' => \App\Models\Role::class,
],
```
================================================
FILE: docs/basic-usage/_index.md
================================================
---
title: Basic Usage
weight: 1
---
================================================
FILE: docs/basic-usage/artisan.md
================================================
---
title: Artisan Commands
weight: 10
---
## Creating roles and permissions with Artisan Commands
You can create a role or permission from the console with artisan commands.
```bash
php artisan permission:create-role writer
```
```bash
php artisan permission:create-permission "edit articles"
```
When creating permissions/roles for specific guards you can specify the guard names as a second argument:
```bash
php artisan permission:create-role writer web
```
```bash
php artisan permission:create-permission "edit articles" web
```
When creating roles you can also create and link permissions at the same time:
```bash
php artisan permission:create-role writer web "create articles|edit articles"
```
When creating roles with teams enabled you can set the team id by adding the `--team-id` parameter:
```bash
php artisan permission:create-role --team-id=1 writer
php artisan permission:create-role writer api --team-id=1
```
## Displaying roles and permissions in the console
There is also a `show` command to show a table of roles and permissions per guard:
```bash
php artisan permission:show
```
## Resetting the Cache
When you use the built-in functions for manipulating roles and permissions, the cache is automatically reset for you, and relations are automatically reloaded for the current model record.
See the Advanced-Usage/Cache section of these docs for detailed specifics.
If you need to manually reset the cache for this package, you may use the following artisan command:
```bash
php artisan permission:cache-reset
```
Again, it is more efficient to use the API provided by this package, instead of manually clearing the cache.
================================================
FILE: docs/basic-usage/basic-usage.md
================================================
---
title: Basic Usage
weight: 1
---
## Add The Trait
First, add the `Spatie\Permission\Traits\HasRoles` trait to your `User` model(s):
```php
use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
// ...
}
```
## Create A Permission
This package allows for users to be associated with permissions and roles. Every role is associated with multiple permissions.
A `Role` and a `Permission` are regular Eloquent models. They require a `name` and can be created like this:
```php
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
$role = Role::create(['name' => 'writer']);
$permission = Permission::create(['name' => 'edit articles']);
```
## Assign A Permission To A Role
A permission can be assigned to a role using either of these methods:
```php
$role->givePermissionTo($permission);
$permission->assignRole($role);
```
## Sync Permissions To A Role
Multiple permissions can be synced to a role using either of these methods:
```php
$role->syncPermissions($permissions);
$permission->syncRoles($roles);
```
## Remove Permission From A Role
A permission can be removed from a role using either of these methods:
```php
$role->revokePermissionTo($permission);
$permission->removeRole($role);
```
## Guard Name
If you're using multiple guards then the `guard_name` attribute must be set as well. Read about it in the [using multiple guards](./multiple-guards) documentation.
## Get Permissions For A User
The `HasRoles` trait adds Eloquent relationships to your models, which can be accessed directly or used as a base query:
```php
// get a list of all permissions directly assigned to the user
$permissionNames = $user->getPermissionNames(); // collection of name strings
$permissions = $user->permissions; // collection of permission objects
// get all permissions for the user, either directly, or from roles, or from both
$permissions = $user->getDirectPermissions();
$permissions = $user->getPermissionsViaRoles();
$permissions = $user->getAllPermissions();
// get the names of the user's roles
$roles = $user->getRoleNames(); // Returns a collection
```
## Scopes
The `HasRoles` trait also adds `role` and `withoutRole` scopes to your models to scope the query to certain roles or permissions:
```php
$users = User::role('writer')->get(); // Returns only users with the role 'writer'
$nonEditors = User::withoutRole('editor')->get(); // Returns only users without the role 'editor'
```
The `role` and `withoutRole` scopes can accept a string, a `\Spatie\Permission\Models\Role` object or an `\Illuminate\Support\Collection` object.
The same trait also adds scopes to only get users that have or don't have a certain permission.
```php
$users = User::permission('edit articles')->get(); // Returns only users with the permission 'edit articles' (inherited or directly)
$usersWhoCannotEditArticles = User::withoutPermission('edit articles')->get(); // Returns all users without the permission 'edit articles' (inherited or directly)
```
The scope can accept a string, a `\Spatie\Permission\Models\Permission` object or an `\Illuminate\Support\Collection` object.
## Eloquent Calls
Since Role and Permission models are extended from Eloquent models, basic Eloquent calls can be used as well:
```php
$allUsersWithAllTheirRoles = User::with('roles')->get();
$allUsersWithAllTheirDirectPermissions = User::with('permissions')->get();
$allRolesInDatabase = Role::all()->pluck('name');
$usersWithoutAnyRoles = User::doesntHave('roles')->get();
$allRolesExceptAandB = Role::whereNotIn('name', ['role A', 'role B'])->get();
```
## Counting Users Having A Role
One way to count all users who have a certain role is by filtering the collection of all Users with their Roles:
```php
$managersCount = User::with('roles')->get()->filter(
fn ($user) => $user->roles->where('name', 'Manager')->toArray()
)->count();
```
================================================
FILE: docs/basic-usage/blade-directives.md
================================================
---
title: Blade directives
weight: 7
---
## Permissions
This package lets you use Laravel's native `@can` directive to check if a user has a certain permission (whether you gave them that permission directly or if you granted it indirectly via a role):
```php
@can('edit articles')
//
@endcan
```
or
```php
@if(auth()->user()->can('edit articles') && $some_other_condition)
//
@endif
```
You can use `@can`, `@cannot`, `@canany`, and `@guest` to test for permission-related access.
When using a permission-name associated with permissions created in this package, you can use `@can('permission-name', 'guard_name')` if you need to check against a specific guard.
Example:
```php
@can('edit articles', 'guard_name')
//
@endcan
```
You can also use `@haspermission('permission-name')` or `@haspermission('permission-name', 'guard_name')` in similar fashion. With corresponding `@endhaspermission`.
There is no `@hasanypermission` directive: use `@canany` instead.
## Roles
As discussed in the Best Practices section of the docs, **it is strongly recommended to always use permission directives**, instead of role directives.
Additionally, if your reason for testing against Roles is for a Super-Admin, see the *Defining A Super-Admin* section of the docs.
If you actually need to directly test for Roles, this package offers some Blade directives to verify whether the currently logged in user has all or any of a given list of roles.
Optionally you can pass in the `guard` that the check will be performed on as a second argument.
## Blade and Roles
Check for a specific role:
```php
@role('writer')
I am a writer!
@else
I am not a writer...
@endrole
```
is the same as
```php
@hasrole('writer')
I am a writer!
@else
I am not a writer...
@endhasrole
```
which is also the same as
```php
@if(auth()->user()->hasRole('writer'))
//
@endif
```
Check for any role in a list:
```php
@hasanyrole($collectionOfRoles)
I have one or more of these roles!
@else
I have none of these roles...
@endhasanyrole
// or
@hasanyrole('writer|admin')
I am either a writer or an admin or both!
@else
I have none of these roles...
@endhasanyrole
```
Check for all roles:
```php
@hasallroles($collectionOfRoles)
I have all of these roles!
@else
I do not have all of these roles...
@endhasallroles
// or
@hasallroles('writer|admin')
I am both a writer and an admin!
@else
I do not have all of these roles...
@endhasallroles
```
Alternatively, `@unlessrole` gives the reverse for checking a singular role, like this:
```php
@unlessrole('does not have this role')
I do not have the role
@else
I do have the role
@endunlessrole
```
You can also determine if a user has exactly all of a given list of roles:
```php
@hasexactroles('writer|admin')
I am both a writer and an admin and nothing else!
@else
I do not have all of these roles or have more other roles...
@endhasexactroles
```
================================================
FILE: docs/basic-usage/direct-permissions.md
================================================
---
title: Direct Permissions
weight: 2
---
## Best Practice
INSTEAD OF DIRECT PERMISSIONS, it is better to assign permissions to Roles, and then assign Roles to Users.
See the [Roles vs Permissions](../best-practices/roles-vs-permissions) section of the docs for a deeper explanation.
HOWEVER, If you have reason to directly assign individual permissions to specific users (instead of to roles which are assigned to those users), you can do that as well:
## Direct Permissions to Users
### Giving/Revoking direct permissions
A permission can be given to any user:
```php
$user->givePermissionTo('edit articles');
// You can also give multiple permission at once
$user->givePermissionTo('edit articles', 'delete articles');
// You may also pass an array
$user->givePermissionTo(['edit articles', 'delete articles']);
```
A permission can be revoked from a user:
```php
$user->revokePermissionTo('edit articles');
```
Or revoke & add new permissions in one go:
```php
$user->syncPermissions(['edit articles', 'delete articles']);
```
## Checking Direct Permissions
Like all permissions assigned via roles, you can check if a user has a permission by using Laravel's default `can` function. This will also allow you to use Super-Admin features provided by Laravel's Gate:
```php
$user->can('edit articles');
```
> NOTE: The following `hasPermissionTo`, `hasAnyPermission`, `hasAllPermissions` functions do not support Super-Admin functionality. Use `can`, `canAny` instead.
You can check if a user has a permission:
```php
$user->hasPermissionTo('edit articles');
```
Or you may pass an integer representing the permission id
```php
$user->hasPermissionTo('1');
$user->hasPermissionTo(Permission::find(1)->id);
$user->hasPermissionTo($somePermission->id);
```
You can check if a user has Any of an array of permissions:
```php
$user->hasAnyPermission(['edit articles', 'publish articles', 'unpublish articles']);
```
...or if a user has All of an array of permissions:
```php
$user->hasAllPermissions(['edit articles', 'publish articles', 'unpublish articles']);
```
You may also pass integers to lookup by permission id
```php
$user->hasAnyPermission(['edit articles', 1, 5]);
```
================================================
FILE: docs/basic-usage/enums.md
================================================
---
title: Enums
weight: 4
---
## Enum Prerequisites
Internally, Enums implicitly implement `\BackedEnum`, which is how this package recognizes that you're passing an Enum.
NOTE: Presently (versions 6, 7) this package does not support using `$casts` to specify enums on the `Permission` model. You can still use enums to reference things as shown below, just without declaring it in a `$casts` property.
## Code Requirements
You can create your Enum object for use with Roles and/or Permissions. You will probably create separate Enums for Roles and for Permissions, although if your application needs are simple you might choose a single Enum for both.
Usually the list of application Roles is much shorter than the list of Permissions, so having separate objects for them can make them easier to manage.
Here is an example Enum for Roles. You would do similarly for Permissions.
```php
namespace App\Enums;
enum RolesEnum: string
{
// case NAMEINAPP = 'name-in-database';
case WRITER = 'writer';
case EDITOR = 'editor';
case USERMANAGER = 'user-manager';
// extra helper to allow for greater customization of displayed values, without disclosing the name/value data directly
public function label(): string
{
return match ($this) {
static::WRITER => 'Writers',
static::EDITOR => 'Editors',
static::USERMANAGER => 'User Managers',
};
}
}
```
## Creating Roles/Permissions using Enums
When **creating** roles/permissions, you cannot pass an Enum name directly, because Eloquent expects a string for the name.
Use Laravel's `enum_value()` function for simplicity:
```php
$role = app(Role::class)->findOrCreate(enum_value(RolesEnum::WRITER), 'web');
```
Same with creating Permissions.
### Authorizing using Enums
In your application code, when checking for authorization using features of this package, you can use `MyEnum::NAME` directly in most cases, without passing `->value` to convert to a string.
There may occasionally be times where you will need to manually fallback to adding `->value` (eg: `MyEnum::NAME->value`) when using features that aren't aware of Enum support, such as when you need to pass `string` values instead of an `Enum` to a function that doesn't recognize Enums. Again, wrap it with `enum_value()` as a simple workaround.
Examples:
```php
// the following are identical because `hasPermissionTo` is aware of `BackedEnum` support:
$user->hasPermissionTo(PermissionsEnum::VIEWPOSTS);
$user->hasPermissionTo(PermissionsEnum::VIEWPOSTS->value);
$user->hasPermissionTo(enum_value(PermissionsEnum::VIEWPOSTS));
// Blade directives:
@can(enum_value(PermissionsEnum::VIEWPOSTS))
```
## Package methods supporting BackedEnums:
The following methods of this package support passing `BackedEnum` parameters directly:
```php
$user->assignRole(RolesEnum::WRITER);
$user->removeRole(RolesEnum::EDITOR);
$role->givePermissionTo(PermissionsEnum::EDITPOSTS);
$role->revokePermissionTo(PermissionsEnum::EDITPOSTS);
$user->givePermissionTo(PermissionsEnum::EDITPOSTS);
$user->revokePermissionTo(PermissionsEnum::EDITPOSTS);
$user->hasPermissionTo(PermissionsEnum::EDITPOSTS);
$user->hasAnyPermission([PermissionsEnum::EDITPOSTS, PermissionsEnum::VIEWPOSTS]);
$user->hasDirectPermission(PermissionsEnum::EDITPOSTS);
$user->hasRole(RolesEnum::WRITER);
$user->hasAllRoles([RolesEnum::WRITER, RolesEnum::EDITOR]);
$user->hasExactRoles([RolesEnum::WRITER, RolesEnum::EDITOR, RolesEnum::MANAGER]);
```
================================================
FILE: docs/basic-usage/middleware.md
================================================
---
title: Middleware
weight: 11
---
## Default Middleware
For checking against a single permission (see Best Practices) using `can`, you can use the built-in Laravel middleware provided by `\Illuminate\Auth\Middleware\Authorize::class` like this:
```php
Route::group(['middleware' => ['can:publish articles']], function () { ... });
// or with static method
Route::group(['middleware' => [\Illuminate\Auth\Middleware\Authorize::using('publish articles')]], function () { ... });
```
## Package Middleware
**See a typo? Note that since v6 the _'Middleware'_ namespace is singular. Prior to v6 it was _'Middlewares'_. Time to upgrade your implementation!**
This package comes with `RoleMiddleware`, `PermissionMiddleware` and `RoleOrPermissionMiddleware` middleware.
You can register their aliases for easy reference elsewhere in your app:
Open `/bootstrap/app.php` and register them there:
```php
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'role' => \Spatie\Permission\Middleware\RoleMiddleware::class,
'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class,
'role_or_permission' => \Spatie\Permission\Middleware\RoleOrPermissionMiddleware::class,
]);
})
```
### Middleware Priority
If your app is triggering *404 Not Found* responses when a *403 Not Authorized* response might be expected, it might be a middleware priority clash. Explore reordering priorities so that this package's middleware runs before Laravel's `SubstituteBindings` middleware. (See [Middleware docs](https://laravel.com/docs/master/middleware#sorting-middleware) ).
If needed, you could optionally explore `$middleware->prependToGroup()` instead. See the Laravel Documentation for details.
## Using Middleware in Routes and Controllers
After you have registered the aliases as shown above, you can use them in your Routes and Controllers much the same way you use any other middleware:
### Routes
```php
Route::group(['middleware' => ['role:manager']], function () { ... });
Route::group(['middleware' => ['permission:publish articles']], function () { ... });
Route::group(['middleware' => ['role_or_permission:publish articles']], function () { ... });
// for a specific guard:
Route::group(['middleware' => ['role:manager,api']], function () { ... });
// multiple middleware
Route::group(['middleware' => ['role:manager','permission:publish articles']], function () { ... });
```
You can specify multiple roles or permissions with a `|` (pipe) character, which is treated as `OR`:
```php
Route::group(['middleware' => ['role:manager|writer']], function () { ... });
Route::group(['middleware' => ['permission:publish articles|edit articles']], function () { ... });
Route::group(['middleware' => ['role_or_permission:manager|edit articles']], function () { ... });
// for a specific guard
Route::group(['middleware' => ['permission:publish articles|edit articles,api']], function () { ... });
```
### Controllers
If your controller implements the `HasMiddleware` interface, you can register [controller middleware](https://laravel.com/docs/12.x/controllers#controller-middleware) using the `middleware()` method:
```php
public static function middleware(): array
{
return [
// examples with aliases, pipe-separated names, guards, etc:
'role_or_permission:manager|edit articles',
new Middleware('role:author', only: ['index']),
new Middleware(\Spatie\Permission\Middleware\RoleMiddleware::using('manager'), except:['show']),
new Middleware(\Spatie\Permission\Middleware\PermissionMiddleware::using('delete records,api'), only:['destroy']),
];
}
```
You can also use Laravel's Model Policy feature in your controller methods. See the Model Policies section of these docs.
## Middleware via Static Methods
All of the middleware can also be applied by calling the static `using` method, which accepts either an array or a `|`-separated string as input.
```php
Route::group(['middleware' => [\Spatie\Permission\Middleware\RoleMiddleware::using('manager')]], function () { ... });
Route::group(['middleware' => [\Spatie\Permission\Middleware\PermissionMiddleware::using('publish articles|edit articles')]], function () { ... });
Route::group(['middleware' => [\Spatie\Permission\Middleware\RoleOrPermissionMiddleware::using(['manager', 'edit articles'])]], function () { ... });
```
================================================
FILE: docs/basic-usage/multiple-guards.md
================================================
---
title: Using multiple guards
weight: 9
---
When using the default Laravel auth configuration all of the core methods of this package will work out of the box, with no extra configuration required.
However, when using multiple guards they will act like namespaces for your permissions and roles: Every guard has its own set of permissions and roles that can be assigned to its user model.
## The Downside To Multiple Guards
Note that this package requires you to register a permission name (same for roles) for each guard you want to authenticate with. So, "edit-article" would have to be created multiple times for each guard your app uses. An exception will be thrown if you try to authenticate against a non-existing permission+guard combination. Same for roles.
> **Tip**: If your app uses only a single guard, but it is not `web` (Laravel's default, which shows "first" in the auth config file) then change the order of your listed guards in your `config/auth.php` to list your primary guard as the default and as the first in the list of defined guards. While you're editing that file, it is best to remove any guards you don't use, too.
>
> OR you could use the suggestion below to force the use of a single guard:
## Forcing Use Of A Single Guard
If your app structure does NOT differentiate between guards when it comes to roles/permissions, (ie: if ALL your roles/permissions are the SAME for ALL guards), you can override the `getDefaultGuardName` function by adding it to your User model, and specifying your desired `$guard_name`. Then you only need to create roles/permissions for that single `$guard_name`, not duplicating them. The example here sets it to `web`, but use whatever your application's default is:
```php
protected string $guard_name = 'web';
protected function getDefaultGuardName(): string { return $this->guard_name; }
````
## Using permissions and roles with multiple guards
When creating new permissions and roles, if no guard is specified, then the **first** defined guard in `auth.guards` config array will be used.
```php
// Create a manager role for users authenticating with the admin guard:
$role = Role::create(['guard_name' => 'admin', 'name' => 'manager']);
// Define a `publish articles` permission for the admin users belonging to the admin guard
$permission = Permission::create(['guard_name' => 'admin', 'name' => 'publish articles']);
// Define a *different* `publish articles` permission for the regular users belonging to the web guard
$permission = Permission::create(['guard_name' => 'web', 'name' => 'publish articles']);
```
To check if a user has permission for a specific guard:
```php
$user->hasPermissionTo('publish articles', 'admin');
```
> **Note**: When determining whether a role/permission is valid on a given model, it checks against the first matching guard in this order (it does NOT check role/permission for EACH possibility, just the first match):
- first the guardName() method if it exists on the model (may return a string or array);
- then the `$guard_name` property if it exists on the model (may return a string or array);
- then the first-defined guard/provider combination in the `auth.guards` config array that matches the loaded model's guard;
- then the `auth.defaults.guard` config (which is the user's guard if they are logged in, else the default in the file).
## Assigning permissions and roles to guard users
You can use the same core methods to assign permissions and roles to users; just make sure the `guard_name` on the permission or role matches the guard of the user, otherwise a `GuardDoesNotMatch` or `Role/PermissionDoesNotExist` exception will be thrown.
If your User is able to consume multiple roles or permissions from different guards; make sure the User class's `$guard_name` property or `guardName()` method returns all allowed guards as an array:
```php
protected $guard_name = ['web', 'admin'];
````
or
```php
public function guardName() { return ['web', 'admin']; }
````
## Using blade directives with multiple guards
You can use all of the blade directives offered by this package by passing in the guard you wish to use as the second argument to the directive:
```php
@role('super-admin', 'admin')
I am a super-admin!
@else
I am not a super-admin...
@endrole
```
================================================
FILE: docs/basic-usage/new-app.md
================================================
---
title: Example App
weight: 90
---
## Creating A Demo App
If you want to just try out the features of this package you can get started with the following.
The examples on this page are primarily added for assistance in creating a quick demo app for troubleshooting purposes, to post the repo on github for convenient sharing to collaborate or get support.
If you're new to Laravel or to any of the concepts mentioned here, you can learn more in the [Laravel documentation](https://laravel.com/docs/) and in the free videos at Laracasts such as with the [Laravel 11 in 30 days](https://laracasts.com/series/30-days-to-learn-laravel-11) or [Laravel 8 From Scratch](https://laracasts.com/series/laravel-8-from-scratch/) series.
### Initial setup:
```sh
cd ~/Sites
laravel new mypermissionsdemo
# (No Starter Kit is needed, but you could go with Livewire or Breeze/Jetstream, with Laravel's Built-In-Auth; or use Bootstrap using laravel/ui described later, below)
# (You might be asked to select a dark-mode-support choice)
# (Choose your desired testing framework: Pest or PHPUnit)
# (If offered, say Yes to initialize a Git repo, so that you can track your code changes)
# (If offered a database selection, choose SQLite, because it is simplest for test scenarios)
# (If prompted, say Yes to run default database migrations)
# (If prompted, say Yes to run npm install and related commands)
cd mypermissionsdemo
# The following git commands are not needed if you Initialized a git repo while "laravel new" was running above:
git init
git add .
git commit -m "Fresh Laravel Install"
# These Environment steps are not needed if you already selected SQLite while "laravel new" was running above:
cp -n .env.example .env
sed -i '' 's/DB_CONNECTION=mysql/DB_CONNECTION=sqlite/' .env
sed -i '' 's/DB_DATABASE=/#DB_DATABASE=/' .env
touch database/database.sqlite
# Package
composer require spatie/laravel-permission
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
git add .
git commit -m "Add Spatie Laravel Permissions package"
php artisan migrate:fresh
# Add `HasRoles` trait to User model
sed -i '' $'s/use HasFactory, Notifiable;/use HasFactory, Notifiable;\\\n use \\\\Spatie\\\\Permission\\\\Traits\\\\HasRoles;/' app/Models/User.php
sed -i '' $'s/use HasApiTokens, HasFactory, Notifiable;/use HasApiTokens, HasFactory, Notifiable;\\\n use \\\\Spatie\\\\Permission\\\\Traits\\\\HasRoles;/' app/Models/User.php
git add . && git commit -m "Add HasRoles trait"
```
If you didn't install a Starter Kit like Livewire or Breeze or Jetstream, add Laravel's basic auth scaffolding:
This Auth scaffolding will make it simpler to provide login capability for a test/demo user, and test roles/permissions with them.
```php
composer require laravel/ui --dev
php artisan ui bootstrap --auth
# npm install && npm run build
git add . && git commit -m "Setup auth scaffold"
```
### Add some basic permissions
- Add a new file, `/database/seeders/PermissionsDemoSeeder.php` such as the following (You could create it with `php artisan make:seed` and then edit the file accordingly):
```php
<?php
namespace Database\Seeders;
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
use Spatie\Permission\PermissionRegistrar;
class PermissionsDemoSeeder extends Seeder
{
/**
* Create the initial roles and permissions.
*/
public function run(): void
{
// Reset cached roles and permissions
app()[PermissionRegistrar::class]->forgetCachedPermissions();
// create permissions
Permission::create(['name' => 'edit articles']);
Permission::create(['name' => 'delete articles']);
Permission::create(['name' => 'publish articles']);
Permission::create(['name' => 'unpublish articles']);
// create roles and assign existing permissions
$role1 = Role::create(['name' => 'writer']);
$role1->givePermissionTo('edit articles');
$role1->givePermissionTo('delete articles');
$role2 = Role::create(['name' => 'admin']);
$role2->givePermissionTo('publish articles');
$role2->givePermissionTo('unpublish articles');
$role3 = Role::create(['name' => 'Super-Admin']);
// gets all permissions via Gate::before rule; see AuthServiceProvider
// create demo users
$user = \App\Models\User::factory()->create([
'name' => 'Example User',
'email' => 'tester@example.com',
]);
$user->assignRole($role1);
$user = \App\Models\User::factory()->create([
'name' => 'Example Admin User',
'email' => 'admin@example.com',
]);
$user->assignRole($role2);
$user = \App\Models\User::factory()->create([
'name' => 'Example Super-Admin User',
'email' => 'superadmin@example.com',
]);
$user->assignRole($role3);
}
}
```
- re-migrate and seed the database:
```sh
php artisan migrate:fresh --seed --seeder=PermissionsDemoSeeder
```
### Grant Super-Admin access
Super-Admins are a common feature. The following approach allows that when your Super-Admin user is logged in, all permission-checks in your app which call `can()` or `@can()` will return true.
- Create a role named `Super-Admin`. (Or whatever name you wish; but use it consistently just like you must with any role name.)
- Add a Gate::before check in your `AuthServiceProvider` (or `AppServiceProvider` since Laravel 11):
```diff
+ use Illuminate\Support\Facades\Gate;
public function boot()
{
+ // Implicitly grant "Super-Admin" role all permission checks using can()
+ Gate::before(function ($user, $ability) {
+ if ($user->hasRole('Super-Admin')) {
+ return true;
+ }
+ });
}
```
### Application Code
The permissions created in the seeder above imply that there will be some sort of Posts or Article features, and that various users will have various access control levels to manage/view those objects.
Your app will have Models, Controllers, routes, Views, Factories, Policies, Tests, middleware, and maybe additional Seeders.
You can see examples of these in the demo app at https://github.com/drbyte/spatie-permissions-demo/
### Quick Examples
If you are creating a demo app for reporting a bug or getting help with troubleshooting something, skip this section and proceed to "Sharing" below.
If this is your first app with this package, you may want some quick permission examples to see it in action. If you've set up your app using the instructions above, the following examples will work in conjunction with the users and permissions created in the seeder.
Three users were created: tester@example.com, admin@example.com, superadmin@example.com and the password for each is "password".
`/resources/views/dashboard.php`
```diff
<div class="p-6 text-gray-900">
{{ __("You're logged in!") }}
</div>
+ @can('edit articles')
+ You can EDIT ARTICLES.
+ @endcan
+ @can('publish articles')
+ You can PUBLISH ARTICLES.
+ @endcan
+ @can('only super-admins can see this section')
+ Congratulations, you are a super-admin!
+ @endcan
```
With the above code, when you login with each respective user, you will see different messages based on that access.
Here's a routes example with Breeze and Laravel 11.
Edit `/routes/web.php`:
```diff
-Route::middleware('auth')->group(function () {
+Route::middleware('role_or_permission:publish articles')->group(function () {
Route::get('/profile', [ProfileController::class, 'edit'])->name('profile.edit');
Route::patch('/profile', [ProfileController::class, 'update'])->name('profile.update');
Route::delete('/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');
});
```
With the above change, you will be unable to access the user "Profile" page unless you are logged in with "admin" or "super-admin". You could change `role_or_permission:publish_articles` to `role:writer` to make it only available to the "test" user.
## Sharing
To share your app on Github for easy collaboration:
- create a new public repository on Github, without any extras like readme/etc.
- follow github's sample code for linking your local repo and uploading the code. It will look like this:
```sh
git remote add origin git@github.com:YOURUSERNAME/REPONAME.git
git push -u origin main
```
The above only needs to be done once.
- then add the rest of your code by making new commits:
```sh
git add .
git commit -m "Explain what your commit is about here"
git push origin main
```
Repeat the above process whenever you change code that you want to share.
Those are the basics!
================================================
FILE: docs/basic-usage/passport.md
================================================
---
title: Passport Client Credentials Grant usage
weight: 12
---
**NOTE** currently this only works for Laravel 9 and Passport 11 and newer.
## Install Passport
First of all make sure to have Passport installed as described in the [Laravel documentation](https://laravel.com/docs/master/passport).
## Extend the Client model
After installing the Passport package we need to extend Passports Client model.
The extended Client model should look like something as shown below.
```php
use Illuminate\Contracts\Auth\Access\Authorizable as AuthorizableContract;
use Illuminate\Foundation\Auth\Access\Authorizable;
use Laravel\Passport\Client as BaseClient;
use Spatie\Permission\Traits\HasRoles;
class Client extends BaseClient implements AuthorizableContract
{
use HasRoles;
use Authorizable;
public $guard_name = 'api';
// or
public function guardName()
{
return 'api';
}
}
```
You need to extend the Client model to make it possible to add the required traits and properties/ methods.
The extended Client should either provide a `$guard_name` property or a `guardName()` method.
They should return a string that matches the [configured](https://laravel.com/docs/master/passport#installation) guard name for the passport driver.
To tell Passport to use this extended Client, add the rule below to the `boot` method of your `App\Providers\AuthServiceProvider` class.
```php
Passport::useClientModel(\App\Models\Client::class); // Use the namespace of your extended Client.
```
## Middleware
All middleware provided by this package work with the Client.
Do make sure that you only wrap your routes in the [`client`](https://laravel.com/docs/master/passport#via-middleware) middleware and not the `auth:api` middleware as well.
Wrapping routes in the `auth:api` middleware currently does not work for the Client Credentials Grant.
## Config
Finally, update the config file as well. Setting `use_passport_client_credentials` to `true` will make sure that the right checks are performed.
```php
// config/permission.php
'use_passport_client_credentials' => true,
```
================================================
FILE: docs/basic-usage/role-permissions.md
================================================
---
title: Using Permissions via Roles
weight: 3
---
## Assigning Roles
A role can be assigned to any user:
```php
$user->assignRole('writer');
// You can also assign multiple roles at once
$user->assignRole('writer', 'admin');
// or as an array
$user->assignRole(['writer', 'admin']);
```
A role can be removed from a user:
```php
$user->removeRole('writer');
```
Roles can also be synced:
```php
// All current roles will be removed from the user and replaced by the array given
$user->syncRoles(['writer', 'admin']);
```
## Checking Roles
You can determine if a user has a certain role:
```php
$user->hasRole('writer');
// or at least one role from an array of roles:
$user->hasRole(['editor', 'moderator']);
```
You can also determine if a user has any of a given list of roles:
```php
$user->hasAnyRole(['writer', 'reader']);
// or
$user->hasAnyRole('writer', 'reader');
```
You can also determine if a user has all of a given list of roles:
```php
$user->hasAllRoles(Role::all());
```
You can also determine if a user has exactly all of a given list of roles:
```php
$user->hasExactRoles(Role::all());
```
The `assignRole`, `hasRole`, `hasAnyRole`, `hasAllRoles`, `hasExactRoles` and `removeRole` functions can accept a
string, a `\Spatie\Permission\Models\Role` object or an `\Illuminate\Support\Collection` object.
## Assigning Permissions to Roles
A permission can be given to a role:
```php
$role->givePermissionTo('edit articles');
```
You can determine if a role has a certain permission:
```php
$role->hasPermissionTo('edit articles');
```
A permission can be revoked from a role:
```php
$role->revokePermissionTo('edit articles');
```
Or revoke & add new permissions in one go:
```php
$role->syncPermissions(['edit articles', 'delete articles']);
```
The `givePermissionTo` and `revokePermissionTo` functions can accept a
string or a `Spatie\Permission\Models\Permission` object.
**NOTE: Permissions are inherited from roles automatically.**
## What Permissions Does A Role Have?
The `permissions` property on any given role returns a collection with all the related permission objects. This collection can respond to usual Eloquent Collection operations, such as count, sort, etc.
```php
// get collection
$role->permissions;
// return only the permission names:
$role->permissions->pluck('name');
// count the number of permissions assigned to a role
count($role->permissions);
// or
$role->permissions->count();
```
## Assigning Direct Permissions To A User
Additionally, individual permissions can be assigned to the user too.
For instance:
```php
$role = Role::findByName('writer');
$role->givePermissionTo('edit articles');
$user->assignRole('writer');
$user->givePermissionTo('delete articles');
```
In the above example, a role is given permission to edit articles and this role is assigned to a user.
Now the user can edit articles and additionally delete articles. The permission of 'delete articles' is the user's direct permission because it is assigned directly to them.
When we call `$user->hasDirectPermission('delete articles')` it returns `true`,
but `false` for `$user->hasDirectPermission('edit articles')`.
This method is useful if one builds a form for setting permissions for roles and users in an application and wants to restrict or change inherited permissions of roles of the user, i.e. allowing to change only direct permissions of the user.
You can check if the user has a Specific or All or Any of a set of permissions directly assigned:
```php
// Check if the user has Direct permission
$user->hasDirectPermission('edit articles')
// Check if the user has All direct permissions
$user->hasAllDirectPermissions(['edit articles', 'delete articles']);
// Check if the user has Any permission directly
$user->hasAnyDirectPermission(['create articles', 'delete articles']);
```
By following the previous example, when we call `$user->hasAllDirectPermissions(['edit articles', 'delete articles'])`
it returns `false`, because the user does not have `edit articles` as a direct permission.
When we call
`$user->hasAnyDirectPermission('edit articles')`, it returns `true` because the user has one of the provided permissions.
You can examine all of these permissions:
```php
// Direct permissions
$user->getDirectPermissions() // Or $user->permissions;
// Permissions inherited from the user's roles
$user->getPermissionsViaRoles();
// All permissions which apply on the user (inherited and direct)
$user->getAllPermissions();
```
All these responses are collections of `Spatie\Permission\Models\Permission` objects.
If we follow the previous example, the first response will be a collection with the `delete article` permission and
the second will be a collection with the `edit article` permission and the third will contain both.
================================================
FILE: docs/basic-usage/super-admin.md
================================================
---
title: Defining a Super-Admin
weight: 8
---
We strongly recommend that a Super-Admin be handled by setting a global `Gate::before` or `Gate::after` rule which checks for the desired role.
Then you can implement the best-practice of primarily using permission-based controls (@can and $user->can, etc) throughout your app, without always having to check for "is this a super-admin" everywhere. **Best not to use role-checking (ie: `hasRole`) (except here in Gate/Policy rules) when you have Super Admin features like this.**
## Gate::before/Policy::before vs HasPermissionTo / HasAnyPermission / HasDirectPermission / HasAllPermissions
IMPORTANT:
The Gate::before is the best approach for Super-Admin functionality, and aligns well with the described "Best Practices" of using roles as a way of grouping permissions, and assigning that access to Users. Using this approach, you can/must call Laravel's standard `can()`, `canAny()`, `cannot()`, etc checks for permission authorization to get a correct Super response.
### HasPermissionTo, HasAllPermissions, HasAnyPermission, HasDirectPermission
Calls to this package's internal API which bypass Laravel's Gate (such as a direct call to `->hasPermissionTo()`) will not go through the Gate, and thus will not get the Super response, unless you have actually added that specific permission to the Super-Admin "role".
The only reason for giving specific permissions to a Super-Admin role is if you intend to call the `has` methods directly instead of the Gate's `can()` methods.
## `Gate::before`
If you want a "Super Admin" role to respond `true` to all permissions, without needing to assign all those permissions to a role, you can use [Laravel's `Gate::before()` method](https://laravel.com/docs/master/authorization#intercepting-gate-checks). For example:
`/app/Providers/AppServiceProvider`:
```php
use Illuminate\Support\Facades\Gate;
// ...
public function boot(): void
{
// Implicitly grant "Super Admin" role all permissions
// This works in the app by using gate-related functions like auth()->user->can() and @can()
Gate::before(function ($user, $ability) {
return $user->hasRole('Super Admin') ? true : null;
});
}
```
NOTE: `Gate::before` rules need to return `null` rather than `false`, else it will interfere with normal policy operation. [See more.](https://laracasts.com/discuss/channels/laravel/policy-gets-never-called#reply=492526)
Jeffrey Way explains the concept of a super-admin (and a model owner, and model policies) in the [Laravel 6 Authorization Filters](https://laracasts.com/series/laravel-6-from-scratch/episodes/51) video and some related lessons in that chapter.
## Policy `before()`
If you aren't using `Gate::before()` as described above, you could alternatively grant super-admin control by checking the role in individual Policy classes, using the `before()` method.
Here is an example from the [Laravel Documentation on Policy Filters](https://laravel.com/docs/master/authorization#policy-filters), where you can define `before()` in your Policy where needed:
```php
use App\Models\User; // could be any Authorizable model
/**
* Perform pre-authorization checks on the model.
*/
public function before(User $user, string $ability): ?bool
{
if ($user->hasRole('Super Admin')) {
return true;
}
return null; // see the note above in Gate::before about why null must be returned here.
}
```
## `Gate::after`
Alternatively you might want to move the Super Admin check to the `Gate::after` phase instead, particularly if your Super Admin shouldn't be allowed to do things your app doesn't want "anyone" to do, such as writing more than 1 review, or bypassing unsubscribe rules, etc.
The following code snippet is inspired from [Freek's blog article](https://freek.dev/1325-when-to-use-gateafter-in-laravel) where this topic is discussed further. You can also consult the [Laravel Docs on gate interceptions](https://laravel.com/docs/master/authorization#intercepting-gate-checks)
```php
// somewhere in a service provider
Gate::after(function ($user, $ability) {
return $user->hasRole('Super Admin'); // note this returns boolean
});
```
================================================
FILE: docs/basic-usage/teams-permissions.md
================================================
---
title: Teams permissions
weight: 5
---
When enabled, teams permissions offers you flexible control for a variety of scenarios. The idea behind teams permissions is inspired by the default permission implementation of [Laratrust](https://laratrust.santigarcor.me/).
## Enabling Teams Permissions Feature
NOTE: These configuration changes must be made **before** performing the migration when first installing the package.
If you have already run the migration and want to upgrade your implementation, you can run the artisan console command `php artisan permission:setup-teams`, to create a new migration file named [`xxxx_xx_xx_xx_add_teams_fields.php`](https://github.com/spatie/laravel-permission/blob/main/database/migrations/add_teams_fields.php.stub) and then run `php artisan migrate` to upgrade your database tables.
Teams permissions can be enabled in the permission config file:
```php
// config/permission.php
'teams' => true,
```
Also, if you want to use a custom foreign key for teams you set it in the permission config file:
```php
// config/permission.php
'team_foreign_key' => 'custom_team_id',
```
## Working with Teams Permissions
After implementing a solution for selecting a team on the authentication process
(for example, setting the `team_id` of the currently selected team on the **session**: `session(['team_id' => $team->team_id]);` ),
we can set global `team_id` from anywhere, but works better if you create a `Middleware`.
Example Team Middleware:
```php
namespace App\Http\Middleware;
class TeamsPermission
{
public function handle($request, \Closure $next){
if(!empty(auth()->user())){
// session value set on login
setPermissionsTeamId(session('team_id'));
}
// other custom ways to get team_id
/*if(!empty(auth('api')->user())){
// `getTeamIdFromToken()` example of custom method for getting the set team_id
setPermissionsTeamId(auth('api')->user()->getTeamIdFromToken());
}*/
return $next($request);
}
}
```
**YOU MUST ALSO** set [the `$middlewarePriority` array](https://laravel.com/docs/master/middleware#sorting-middleware) in `app/Http/Kernel.php` to include your custom middleware before the `SubstituteBindings` middleware, else you may get *404 Not Found* responses when a *403 Not Authorized* response might be expected.
For example you can add something similar to the `boot` method of your `AppServiceProvider`:
```php
use App\Http\Middleware\YourCustomMiddlewareClass;
use Illuminate\Foundation\Http\Kernel;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
public function register(): void
{
//
}
public function boot(): void
{
/** @var Kernel $kernel */
$kernel = app()->make(Kernel::class);
$kernel->addToMiddlewarePriorityBefore(
YourCustomMiddlewareClass::class,
SubstituteBindings::class,
);
}
}
```
### Using LiveWire?
You may need to register your team middleware as Persisted in Livewire. See [Livewire docs: Configuring Persistent Middleware](https://livewire.laravel.com/docs/security#configuring-persistent-middleware)
## Roles Creating
When creating a role you can pass the `team_id` as an optional parameter
```php
// with null team_id it creates a global role; global roles can be assigned to any team and they are unique
Role::create(['name' => 'writer', 'team_id' => null]);
// creates a role with team_id = 1; team roles can have the same name on different teams
Role::create(['name' => 'reader', 'team_id' => 1]);
// creating a role without team_id makes the role take the default global team_id
Role::create(['name' => 'reviewer']);
```
## Roles/Permissions Assignment and Removal
The role/permission assignment and removal for teams are the same as without teams, but they take the global `team_id` which is set on login.
## Changing The Active Team ID
While your middleware will set a user's `team_id` upon login, you may later need to set it to another team for various reasons. The two most common reasons are these:
### Switching Teams After Login
If your application allows the user to switch between various teams which they belong to, you can activate the roles/permissions for that team by calling `setPermissionsTeamId($new_team_id)` and unsetting relations as described below.
### Administrating Team Details
You may have created a User-Manager page where you can view the roles/permissions of users on certain teams. For managing that user in each team they belong to, you must also use `setPermissionsTeamId($new_team_id)` to cause lookups to relate to that new team, and unset prior relations as described below.
### Querying Roles/Permissions for Other Teams
Whenever you switch the active `team_id` using `setPermissionsTeamId()`, you need to `unset` the user's/model's `roles` and `permissions` relations before querying what roles/permissions that user has (`$user->roles`, etc) and before calling any authorization functions (`can()`, `hasPermissionTo()`, `hasRole()`, etc).
Example:
```php
// set active global team_id
setPermissionsTeamId($new_team_id);
// $user = Auth::user();
// unset cached model relations so new team relations will get reloaded
$user->unsetRelation('roles')->unsetRelation('permissions');
// Now you can check:
$roles = $user->roles;
$hasRole = $user->hasRole('my_role');
$user->hasPermissionTo('foo');
$user->can('bar');
// etc
```
## Defining a Super-Admin on Teams
Global roles can be assigned to different teams, and `team_id` (which is the primary key of the relationships) is always required.
If you want a "Super Admin" global role for a user, when you create a new team you must assign it to your user. Example:
```php
namespace App\Models;
class YourTeamModel extends \Illuminate\Database\Eloquent\Model
{
// ...
public static function boot()
{
parent::boot();
// here assign this team to a global user with global default role
self::created(function ($model) {
// temporary: get session team_id for restore at end
$session_team_id = getPermissionsTeamId();
// set actual new team_id to package instance
setPermissionsTeamId($model);
// get the admin user and assign roles/permissions on new team model
User::find('your_user_id')->assignRole('Super Admin');
// restore session team_id to package instance using temporary value stored above
setPermissionsTeamId($session_team_id);
});
}
// ...
}
```
================================================
FILE: docs/basic-usage/wildcard-permissions.md
================================================
---
title: Wildcard permissions
weight: 6
---
When enabled, wildcard permissions offers you a flexible representation for a variety of permission schemes.
The wildcard permissions implementation is inspired by the default permission implementation of
[Apache Shiro](https://shiro.apache.org/permissions.html). See the Shiro documentation for more examples and deeper explanation of the concepts.
## Enabling Wildcard Features
Wildcard permissions can be enabled in the permission config file:
```php
// config/permission.php
'enable_wildcard_permission' => true,
```
## Wildcard Syntax
A wildcard permission string is made of one or more parts separated by dots (.).
```php
$permission = 'posts.create.1';
```
The meaning of each part of the string depends on the application layer.
> You can use as many parts as you like. So you are not limited to the three-tiered structure, even though
this is the common use-case, representing `{resource}.{action}.{target}`.
> **NOTE: You must actually create the wildcarded permissions** (eg: `posts.create.1`) before you can assign them or check for them.
> **NOTE: You must create any wildcard permission patterns** (eg: `posts.create.*`) before you can assign them or check for them.
## Using Wildcards
> ALERT: The `*` means "ALL". It does **not** mean "ANY".
Each part can also contain wildcards (`*`). So let's say we assign the following permission to a user:
```php
Permission::create(['name'=>'posts.*']);
$user->givePermissionTo('posts.*');
// is the same as
Permission::create(['name'=>'posts']);
$user->givePermissionTo('posts');
```
Given the example above, everyone who is assigned to this permission will be allowed every action on posts. It is not necessary to use a
wildcard on the last part of the string. This is automatically assumed.
```php
// will be true
$user->can('posts.create');
$user->can('posts.edit');
$user->can('posts.delete');
```
(Note that the `posts.create` and `posts.edit` and `posts.delete` permissions must also be created.)
## Meaning of the * Asterisk
The `*` means "ALL". It does **not** mean "ANY".
Thus `can('post.*')` will only pass if the user has been assigned `post.*` explicitly, and the `post.*` Permission has been created.
## Subparts
Besides the use of parts and wildcards, subparts can also be used. Subparts are divided with commas (,). This is a
powerful feature that lets you create complex permission schemes.
```php
// user can only do the actions create, update and view on both resources posts and users
Permission::create(['name'=>'posts,users.create,update,view']);
$user->givePermissionTo('posts,users.create,update,view');
// user can do the actions create, update, view on any available resource
Permission::create(['name'=>'*.create,update,view']);
$user->givePermissionTo('*.create,update,view');
// user can do any action on posts with ids 1, 4 and 6
Permission::create(['name'=>'posts.*.1,4,6']);
$user->givePermissionTo('posts.*.1,4,6');
```
> Remember: the meaning of each 'part' is determined by your application! So, you are free to use each part as you like. And you can use as many parts and subparts as you want.
================================================
FILE: docs/best-practices/_index.md
================================================
---
title: Best Practices
weight: 2
---
================================================
FILE: docs/best-practices/performance.md
================================================
---
title: Performance Tips
weight: 10
---
On small apps, most of the following will be moot, and unnecessary.
Often we think in terms of "roles have permissions" so we lookup a Role, and call `$role->givePermissionTo()`
to indicate what users with that role are allowed to do. This is perfectly fine!
And yet, in some situations, particularly if your app is deleting and adding new permissions frequently,
you may find that things are more performant if you lookup the permission and assign it to the role, like:
`$permission->assignRole($role)`.
The end result is the same, but sometimes it runs quite a lot faster.
Also, because of the way this package enforces some protections for you, on large databases you may find
that instead of creating permissions with:
``
gitextract_mhl3dih5/
├── .editorconfig
├── .gitattributes
├── .github/
│ ├── FUNDING.yml
│ ├── ISSUE_TEMPLATE/
│ │ ├── 1_Bug_report.yml
│ │ └── config.yml
│ ├── dependabot.yml
│ └── workflows/
│ ├── dependabot-auto-merge.yml
│ ├── fix-php-code-style-issues.yml
│ ├── phpstan.yml
│ ├── run-tests.yml
│ ├── test-cache-drivers.yml
│ └── update-changelog.yml
├── .gitignore
├── CHANGELOG.md
├── LICENSE.md
├── README.md
├── art/
│ └── README.md
├── composer.json
├── config/
│ └── permission.php
├── database/
│ └── migrations/
│ ├── add_teams_fields.php.stub
│ └── create_permission_tables.php.stub
├── docs/
│ ├── _index.md
│ ├── about-us.md
│ ├── advanced-usage/
│ │ ├── _index.md
│ │ ├── cache.md
│ │ ├── custom-permission-check.md
│ │ ├── events.md
│ │ ├── exceptions.md
│ │ ├── extending.md
│ │ ├── other.md
│ │ ├── phpstorm.md
│ │ ├── seeding.md
│ │ ├── testing.md
│ │ ├── timestamps.md
│ │ ├── ui-options.md
│ │ └── uuid.md
│ ├── basic-usage/
│ │ ├── _index.md
│ │ ├── artisan.md
│ │ ├── basic-usage.md
│ │ ├── blade-directives.md
│ │ ├── direct-permissions.md
│ │ ├── enums.md
│ │ ├── middleware.md
│ │ ├── multiple-guards.md
│ │ ├── new-app.md
│ │ ├── passport.md
│ │ ├── role-permissions.md
│ │ ├── super-admin.md
│ │ ├── teams-permissions.md
│ │ └── wildcard-permissions.md
│ ├── best-practices/
│ │ ├── _index.md
│ │ ├── performance.md
│ │ ├── roles-vs-permissions.md
│ │ └── using-policies.md
│ ├── changelog.md
│ ├── installation-laravel.md
│ ├── introduction.md
│ ├── prerequisites.md
│ ├── questions-issues.md
│ ├── support-us.md
│ └── upgrading.md
├── ide.json
├── phpstan-baseline.neon
├── phpstan.neon.dist
├── phpunit.xml.dist
├── pint.json
├── resources/
│ └── boost/
│ └── skills/
│ └── laravel-permission-development/
│ └── SKILL.md
├── src/
│ ├── Commands/
│ │ ├── AssignRoleCommand.php
│ │ ├── CacheResetCommand.php
│ │ ├── CreatePermissionCommand.php
│ │ ├── CreateRoleCommand.php
│ │ ├── ShowCommand.php
│ │ └── UpgradeForTeamsCommand.php
│ ├── Contracts/
│ │ ├── Permission.php
│ │ ├── PermissionsTeamResolver.php
│ │ ├── Role.php
│ │ └── Wildcard.php
│ ├── DefaultTeamResolver.php
│ ├── Events/
│ │ ├── PermissionAttachedEvent.php
│ │ ├── PermissionDetachedEvent.php
│ │ ├── RoleAttachedEvent.php
│ │ └── RoleDetachedEvent.php
│ ├── Exceptions/
│ │ ├── GuardDoesNotMatch.php
│ │ ├── PermissionAlreadyExists.php
│ │ ├── PermissionDoesNotExist.php
│ │ ├── RoleAlreadyExists.php
│ │ ├── RoleDoesNotExist.php
│ │ ├── UnauthorizedException.php
│ │ ├── WildcardPermissionInvalidArgument.php
│ │ ├── WildcardPermissionNotImplementsContract.php
│ │ └── WildcardPermissionNotProperlyFormatted.php
│ ├── Guard.php
│ ├── Middleware/
│ │ ├── PermissionMiddleware.php
│ │ ├── RoleMiddleware.php
│ │ └── RoleOrPermissionMiddleware.php
│ ├── Models/
│ │ ├── Permission.php
│ │ └── Role.php
│ ├── PermissionRegistrar.php
│ ├── PermissionServiceProvider.php
│ ├── Traits/
│ │ ├── HasPermissions.php
│ │ ├── HasRoles.php
│ │ └── RefreshesPermissionCache.php
│ ├── WildcardPermission.php
│ └── helpers.php
└── tests/
├── Commands/
│ ├── CommandTest.php
│ └── TeamCommandTest.php
├── Integration/
│ ├── BladeTest.php
│ ├── CacheTest.php
│ ├── CustomGateTest.php
│ ├── GateTest.php
│ ├── MultipleGuardsTest.php
│ ├── PermissionRegistrarTest.php
│ ├── PolicyTest.php
│ ├── RouteTest.php
│ └── WildcardRouteTest.php
├── Middleware/
│ ├── PermissionMiddlewareTest.php
│ ├── RoleMiddlewareTest.php
│ ├── RoleOrPermissionMiddlewareTest.php
│ └── WildcardMiddlewareTest.php
├── Models/
│ ├── PermissionTest.php
│ ├── RoleTest.php
│ ├── RoleWithNestingTest.php
│ └── WildcardRoleTest.php
├── Pest.php
├── TestSupport/
│ ├── ContentPolicy.php
│ ├── TestCase.php
│ ├── TestHelper.php
│ ├── TestModels/
│ │ ├── Admin.php
│ │ ├── Client.php
│ │ ├── Content.php
│ │ ├── Manager.php
│ │ ├── Permission.php
│ │ ├── Role.php
│ │ ├── RuntimeRole.php
│ │ ├── SoftDeletingUser.php
│ │ ├── TestRolePermissionsEnum.php
│ │ ├── User.php
│ │ ├── UserWithoutHasRoles.php
│ │ └── WildcardPermission.php
│ └── resources/
│ └── views/
│ ├── can.blade.php
│ ├── guardHasAllRoles.blade.php
│ ├── guardHasAllRolesArray.blade.php
│ ├── guardHasAllRolesPipe.blade.php
│ ├── guardHasAnyRole.blade.php
│ ├── guardHasAnyRolePipe.blade.php
│ ├── guardHasRole.blade.php
│ ├── guardRole.blade.php
│ ├── guardunlessrole.blade.php
│ ├── hasAllRoles.blade.php
│ ├── hasAnyRole.blade.php
│ ├── hasRole.blade.php
│ ├── haspermission.blade.php
│ ├── role.blade.php
│ └── unlessrole.blade.php
└── Traits/
├── HasPermissionsTest.php
├── HasPermissionsWithCustomModelsTest.php
├── HasRolesTest.php
├── HasRolesWithCustomModelsTest.php
├── TeamHasPermissionsTest.php
├── TeamHasRolesTest.php
└── WildcardHasPermissionsTest.php
SYMBOL INDEX (259 symbols across 54 files)
FILE: src/Commands/AssignRoleCommand.php
class AssignRoleCommand (line 9) | class AssignRoleCommand extends Command
method handle (line 20) | public function handle(PermissionRegistrar $permissionRegistrar): int
FILE: src/Commands/CacheResetCommand.php
class CacheResetCommand (line 8) | class CacheResetCommand extends Command
method handle (line 14) | public function handle(): int
FILE: src/Commands/CreatePermissionCommand.php
class CreatePermissionCommand (line 8) | class CreatePermissionCommand extends Command
method handle (line 16) | public function handle(): int
FILE: src/Commands/CreateRoleCommand.php
class CreateRoleCommand (line 11) | class CreateRoleCommand extends Command
method handle (line 21) | public function handle(PermissionRegistrar $permissionRegistrar): int
method makePermissions (line 49) | protected function makePermissions(?string $string = null): ?Collection
FILE: src/Commands/ShowCommand.php
class ShowCommand (line 11) | class ShowCommand extends Command
method handle (line 19) | public function handle(): int
FILE: src/Commands/UpgradeForTeamsCommand.php
class UpgradeForTeamsCommand (line 8) | class UpgradeForTeamsCommand extends Command
method handle (line 16) | public function handle(): int
method createMigration (line 60) | protected function createMigration(): bool
method getExistingMigrationsWarning (line 74) | protected function getExistingMigrationsWarning(array $existingMigrati...
method alreadyExistingMigrations (line 85) | protected function alreadyExistingMigrations(): array
method getMigrationPath (line 92) | protected function getMigrationPath(?string $date = null): string
FILE: src/Contracts/Permission.php
type Permission (line 16) | interface Permission
method roles (line 21) | public function roles(): BelongsToMany;
method findByName (line 29) | public static function findByName(string $name, ?string $guardName): s...
method findById (line 37) | public static function findById(int|string $id, ?string $guardName): s...
method findOrCreate (line 42) | public static function findOrCreate(string $name, ?string $guardName):...
FILE: src/Contracts/PermissionsTeamResolver.php
type PermissionsTeamResolver (line 7) | interface PermissionsTeamResolver
method getPermissionsTeamId (line 9) | public function getPermissionsTeamId(): int|string|null;
method setPermissionsTeamId (line 11) | public function setPermissionsTeamId(int|string|Model|null $id): void;
FILE: src/Contracts/Role.php
type Role (line 17) | interface Role
method permissions (line 22) | public function permissions(): BelongsToMany;
method findByName (line 30) | public static function findByName(string $name, ?string $guardName): s...
method findById (line 38) | public static function findById(int|string $id, ?string $guardName): s...
method findOrCreate (line 43) | public static function findOrCreate(string $name, ?string $guardName):...
method hasPermissionTo (line 48) | public function hasPermissionTo(string|int|Permission|BackedEnum $perm...
FILE: src/Contracts/Wildcard.php
type Wildcard (line 5) | interface Wildcard
method getIndex (line 7) | public function getIndex(): array;
method implies (line 9) | public function implies(string $permission, string $guardName, array $...
FILE: src/DefaultTeamResolver.php
class DefaultTeamResolver (line 8) | class DefaultTeamResolver implements PermissionsTeamResolver
method setPermissionsTeamId (line 12) | public function setPermissionsTeamId(int|string|Model|null $id): void
method getPermissionsTeamId (line 20) | public function getPermissionsTeamId(): int|string|null
FILE: src/Events/PermissionAttachedEvent.php
class PermissionAttachedEvent (line 14) | class PermissionAttachedEvent
method __construct (line 27) | public function __construct(public Model $model, public mixed $permiss...
FILE: src/Events/PermissionDetachedEvent.php
class PermissionDetachedEvent (line 14) | class PermissionDetachedEvent
method __construct (line 27) | public function __construct(public Model $model, public mixed $permiss...
FILE: src/Events/RoleAttachedEvent.php
class RoleAttachedEvent (line 14) | class RoleAttachedEvent
method __construct (line 27) | public function __construct(public Model $model, public mixed $rolesOr...
FILE: src/Events/RoleDetachedEvent.php
class RoleDetachedEvent (line 14) | class RoleDetachedEvent
method __construct (line 27) | public function __construct(public Model $model, public mixed $rolesOr...
FILE: src/Exceptions/GuardDoesNotMatch.php
class GuardDoesNotMatch (line 8) | class GuardDoesNotMatch extends InvalidArgumentException
method create (line 10) | public static function create(string $givenGuard, Collection $expected...
FILE: src/Exceptions/PermissionAlreadyExists.php
class PermissionAlreadyExists (line 7) | class PermissionAlreadyExists extends InvalidArgumentException
method create (line 9) | public static function create(string $permissionName, string $guardNam...
FILE: src/Exceptions/PermissionDoesNotExist.php
class PermissionDoesNotExist (line 7) | class PermissionDoesNotExist extends InvalidArgumentException
method create (line 9) | public static function create(string $permissionName, ?string $guardNa...
method withId (line 17) | public static function withId(int|string $permissionId, ?string $guard...
FILE: src/Exceptions/RoleAlreadyExists.php
class RoleAlreadyExists (line 7) | class RoleAlreadyExists extends InvalidArgumentException
method create (line 9) | public static function create(string $roleName, string $guardName): st...
FILE: src/Exceptions/RoleDoesNotExist.php
class RoleDoesNotExist (line 7) | class RoleDoesNotExist extends InvalidArgumentException
method named (line 9) | public static function named(string $roleName, ?string $guardName): st...
method withId (line 17) | public static function withId(int|string $roleId, ?string $guardName):...
FILE: src/Exceptions/UnauthorizedException.php
class UnauthorizedException (line 8) | class UnauthorizedException extends HttpException
method forRoles (line 14) | public static function forRoles(array $roles): static
method forPermissions (line 28) | public static function forPermissions(array $permissions): static
method forRolesOrPermissions (line 42) | public static function forRolesOrPermissions(array $rolesOrPermissions...
method missingTraitHasRoles (line 56) | public static function missingTraitHasRoles(Authorizable $user): static
method notLoggedIn (line 63) | public static function notLoggedIn(): static
method getRequiredRoles (line 68) | public function getRequiredRoles(): array
method getRequiredPermissions (line 73) | public function getRequiredPermissions(): array
FILE: src/Exceptions/WildcardPermissionInvalidArgument.php
class WildcardPermissionInvalidArgument (line 7) | class WildcardPermissionInvalidArgument extends InvalidArgumentException
method create (line 9) | public static function create(): static
FILE: src/Exceptions/WildcardPermissionNotImplementsContract.php
class WildcardPermissionNotImplementsContract (line 7) | class WildcardPermissionNotImplementsContract extends InvalidArgumentExc...
method create (line 9) | public static function create(): static
FILE: src/Exceptions/WildcardPermissionNotProperlyFormatted.php
class WildcardPermissionNotProperlyFormatted (line 7) | class WildcardPermissionNotProperlyFormatted extends InvalidArgumentExce...
method create (line 9) | public static function create(string $permission): static
FILE: src/Guard.php
class Guard (line 11) | class Guard
method getNames (line 19) | public static function getNames(string|Model $model): Collection
method getProviderModel (line 45) | protected static function getProviderModel(string $provider): ?string
method getConfigAuthGuards (line 67) | protected static function getConfigAuthGuards(string $class): Collection
method getModelForGuard (line 84) | public static function getModelForGuard(string $guard): ?string
method getDefaultName (line 101) | public static function getDefaultName(string|Model $class): string
method getPassportClient (line 118) | public static function getPassportClient(?string $guard): ?Authorizable
FILE: src/Middleware/PermissionMiddleware.php
class PermissionMiddleware (line 14) | class PermissionMiddleware
method handle (line 16) | public function handle(Request $request, Closure $next, $permission, ?...
method using (line 47) | public static function using(array|string|BackedEnum $permission, ?str...
method parsePermissionsToString (line 56) | protected static function parsePermissionsToString(array|string|Backed...
FILE: src/Middleware/RoleMiddleware.php
class RoleMiddleware (line 14) | class RoleMiddleware
method handle (line 16) | public function handle(Request $request, Closure $next, $role, ?string...
method using (line 47) | public static function using(array|string|BackedEnum $role, ?string $g...
method parseRolesToString (line 56) | protected static function parseRolesToString(array|string|BackedEnum $...
FILE: src/Middleware/RoleOrPermissionMiddleware.php
class RoleOrPermissionMiddleware (line 14) | class RoleOrPermissionMiddleware
method handle (line 16) | public function handle(Request $request, Closure $next, $roleOrPermiss...
method using (line 47) | public static function using(array|string|BackedEnum $roleOrPermission...
method parseRoleOrPermissionToString (line 55) | protected static function parseRoleOrPermissionToString(array|string|B...
FILE: src/Models/Permission.php
class Permission (line 25) | class Permission extends Model implements PermissionContract
method __construct (line 32) | public function __construct(array $attributes = [])
method create (line 47) | public static function create(array $attributes = [])
method roles (line 63) | public function roles(): BelongsToMany
method users (line 78) | public function users(): BelongsToMany
method findByName (line 96) | public static function findByName(string $name, ?string $guardName = n...
method findById (line 114) | public static function findById(int|string $id, ?string $guardName = n...
method findOrCreate (line 131) | public static function findOrCreate(string $name, ?string $guardName =...
method getPermissions (line 146) | protected static function getPermissions(array $params = [], bool $onl...
method getPermission (line 158) | protected static function getPermission(array $params = []): ?Permissi...
FILE: src/Models/Role.php
class Role (line 27) | class Role extends Model implements RoleContract
method __construct (line 34) | public function __construct(array $attributes = [])
method create (line 49) | public static function create(array $attributes = [])
method permissions (line 77) | public function permissions(): BelongsToMany
method users (line 92) | public function users(): BelongsToMany
method findByName (line 110) | public static function findByName(string $name, ?string $guardName = n...
method findById (line 128) | public static function findById(int|string $id, ?string $guardName = n...
method findOrCreate (line 146) | public static function findOrCreate(string $name, ?string $guardName =...
method findByParam (line 172) | protected static function findByParam(array $params = []): ?RoleContract
method hasPermissionTo (line 201) | public function hasPermissionTo($permission, ?string $guardName = null...
FILE: src/PermissionRegistrar.php
class PermissionRegistrar (line 17) | class PermissionRegistrar
method __construct (line 53) | public function __construct(CacheManager $cacheManager)
method initializeCache (line 63) | public function initializeCache(): void
method getCacheStoreFromConfig (line 78) | protected function getCacheStoreFromConfig(): Repository
method setPermissionsTeamId (line 97) | public function setPermissionsTeamId(int|string|Model|null $id): void
method getPermissionsTeamId (line 102) | public function getPermissionsTeamId(): int|string|null
method registerPermissions (line 111) | public function registerPermissions(Gate $gate): bool
method forgetCachedPermissions (line 128) | public function forgetCachedPermissions(): bool
method forgetWildcardPermissionIndex (line 136) | public function forgetWildcardPermissionIndex(?Model $record = null): ...
method getWildcardPermissionIndex (line 147) | public function getWildcardPermissionIndex(Model $record): array
method clearPermissionsCollection (line 161) | public function clearPermissionsCollection(): void
method loadPermissions (line 175) | private function loadPermissions(int $retries = 0): void
method getPermissions (line 219) | public function getPermissions(array $params = [], bool $onlyOne = fal...
method getPermissionClass (line 237) | public function getPermissionClass(): string
method setPermissionClass (line 242) | public function setPermissionClass(string $permissionClass): static
method getRoleClass (line 251) | public function getRoleClass(): string
method setRoleClass (line 256) | public function setRoleClass(string $roleClass): static
method getCacheRepository (line 265) | public function getCacheRepository(): Repository
method getCacheStore (line 270) | public function getCacheStore(): Store
method getPermissionsWithRoles (line 275) | protected function getPermissionsWithRoles(): Collection
method aliasedArray (line 283) | private function aliasedArray(array|Model $model): array
method aliasModelFields (line 293) | private function aliasModelFields(Model $newKeys): void
method getSerializedPermissionsForCache (line 310) | private function getSerializedPermissionsForCache(): array
method getSerializedRoleRelation (line 328) | private function getSerializedRoleRelation(Model $permission): array
method getHydratedPermissionCollection (line 350) | private function getHydratedPermissionCollection(): Collection
method getHydratedRoleCollection (line 362) | private function getHydratedRoleCollection(array $roles): Collection
method hydrateRolesCache (line 369) | private function hydrateRolesCache(): void
method isUid (line 382) | public static function isUid(mixed $value): bool
FILE: src/PermissionServiceProvider.php
class PermissionServiceProvider (line 22) | class PermissionServiceProvider extends PackageServiceProvider
method configurePackage (line 24) | public function configurePackage(Package $package): void
method registeringPackage (line 40) | public function registeringPackage(): void
method packageBooted (line 45) | public function packageBooted(): void
method bladeMethodWrapper (line 63) | public static function bladeMethodWrapper(string $method, mixed $role,...
method registerBladeExtensions (line 68) | protected function registerBladeExtensions(BladeCompiler $bladeCompile...
method registerModelBindings (line 84) | protected function registerModelBindings(): void
method registerMacroHelpers (line 90) | protected function registerMacroHelpers(): void
method registerOctaneListener (line 117) | protected function registerOctaneListener(): void
method registerAbout (line 140) | protected function registerAbout(): void
FILE: src/Traits/HasPermissions.php
type HasPermissions (line 25) | trait HasPermissions
method bootHasPermissions (line 33) | public static function bootHasPermissions(): void
method getPermissionClass (line 52) | public function getPermissionClass(): string
method getWildcardClass (line 61) | public function getWildcardClass(): string
method permissions (line 83) | public function permissions(): BelongsToMany
method scopePermission (line 108) | public function scopePermission(Builder $query, $permissions, bool $wi...
method scopeWithoutPermission (line 137) | public function scopeWithoutPermission(Builder $query, $permissions): ...
method convertToPermissionModels (line 147) | protected function convertToPermissionModels($permissions): array
method filterPermission (line 173) | public function filterPermission($permission, ?string $guardName = nul...
method hasPermissionTo (line 205) | public function hasPermissionTo($permission, ?string $guardName = null...
method hasWildcardPermission (line 221) | protected function hasWildcardPermission($permission, ?string $guardNa...
method checkPermissionTo (line 252) | public function checkPermissionTo($permission, ?string $guardName = nu...
method hasAnyPermission (line 266) | public function hasAnyPermission(...$permissions): bool
method hasAllPermissions (line 284) | public function hasAllPermissions(...$permissions): bool
method hasPermissionViaRole (line 300) | protected function hasPermissionViaRole(Permission $permission): bool
method hasDirectPermission (line 316) | public function hasDirectPermission($permission): bool
method getPermissionsViaRoles (line 327) | public function getPermissionsViaRoles(): Collection
method getAllPermissions (line 341) | public function getAllPermissions(): Collection
method collectPermissions (line 358) | private function collectPermissions(...$permissions): array
method givePermissionTo (line 387) | public function givePermissionTo(...$permissions): static
method forgetWildcardPermissionIndex (line 429) | public function forgetWildcardPermissionIndex(): void
method syncPermissions (line 442) | public function syncPermissions(...$permissions): static
method revokePermissionTo (line 459) | public function revokePermissionTo($permission): static
method getPermissionNames (line 480) | public function getPermissionNames(): Collection
method getStoredPermission (line 489) | protected function getStoredPermission($permissions)
method ensureModelSharesGuard (line 517) | protected function ensureModelSharesGuard($roleOrPermission): void
method getGuardNames (line 524) | protected function getGuardNames(): Collection
method getDefaultGuardName (line 529) | protected function getDefaultGuardName(): string
method forgetCachedPermissions (line 537) | public function forgetCachedPermissions(): void
method hasAllDirectPermissions (line 547) | public function hasAllDirectPermissions(...$permissions): bool
method hasAnyDirectPermission (line 565) | public function hasAnyDirectPermission(...$permissions): bool
FILE: src/Traits/HasRoles.php
type HasRoles (line 19) | trait HasRoles
method bootHasRoles (line 25) | public static function bootHasRoles(): void
method getRoleClass (line 42) | public function getRoleClass(): string
method roles (line 54) | public function roles(): BelongsToMany
method scopeRole (line 81) | public function scopeRole(Builder $query, $roles, ?string $guard = nul...
method scopeWithoutRole (line 111) | public function scopeWithoutRole(Builder $query, $roles, ?string $guar...
method collectRoles (line 121) | private function collectRoles(...$roles): array
method assignRole (line 147) | public function assignRole(...$roles): static
method removeRole (line 200) | public function removeRole(...$role): static
method syncRoles (line 227) | public function syncRoles(...$roles): static
method hasRole (line 250) | public function hasRole($roles, ?string $guard = null): bool
method hasAnyRole (line 309) | public function hasAnyRole(...$roles): bool
method hasAllRoles (line 319) | public function hasAllRoles($roles, ?string $guard = null): bool
method hasExactRoles (line 353) | public function hasExactRoles($roles, ?string $guard = null): bool
method getDirectPermissions (line 378) | public function getDirectPermissions(): Collection
method getRoleNames (line 383) | public function getRoleNames(): Collection
method getStoredRole (line 390) | protected function getStoredRole($role): Role
method convertPipeToArray (line 405) | protected function convertPipeToArray(string $pipeString): array
FILE: src/Traits/RefreshesPermissionCache.php
type RefreshesPermissionCache (line 7) | trait RefreshesPermissionCache
method bootRefreshesPermissionCache (line 9) | public static function bootRefreshesPermissionCache()
FILE: src/WildcardPermission.php
class WildcardPermission (line 10) | class WildcardPermission implements Wildcard
method __construct (line 21) | public function __construct(protected Model $record) {}
method getIndex (line 23) | public function getIndex(): array
method buildIndex (line 38) | protected function buildIndex(array $index, array $parts, string $perm...
method implies (line 77) | public function implies(string $permission, string $guardName, array $...
method checkIndex (line 88) | protected function checkIndex(array $permission, array $index): bool
FILE: src/helpers.php
function getModelForGuard (line 8) | function getModelForGuard(string $guard): ?string
function setPermissionsTeamId (line 15) | function setPermissionsTeamId(int|string|Model|null $id): void
function getPermissionsTeamId (line 22) | function getPermissionsTeamId(): int|string|null
FILE: tests/Integration/BladeTest.php
function renderView (line 6) | function renderView(string $view, array $parameters): string
FILE: tests/Integration/CacheTest.php
function resetQueryCount (line 34) | function resetQueryCount(): void
function assertQueryCount (line 39) | function assertQueryCount(int $expected): void
FILE: tests/TestSupport/ContentPolicy.php
class ContentPolicy (line 7) | class ContentPolicy
method before (line 9) | public function before(Authorizable $user, string $ability): ?bool
method view (line 14) | public function view($user, $content)
method update (line 19) | public function update($user, $modelRecord): bool
FILE: tests/TestSupport/TestCase.php
class TestCase (line 25) | class TestCase extends Orchestra
method setUp (line 55) | protected function setUp(): void
method tearDown (line 71) | protected function tearDown(): void
method getPackageProviders (line 83) | protected function getPackageProviders($app): array
method getEnvironmentSetUp (line 96) | protected function getEnvironmentSetUp($app)
method setUpDatabase (line 137) | protected function setUpDatabase($app)
method setUpBaseTestPermissions (line 175) | protected function setUpBaseTestPermissions($app): void
method setUpPassport (line 190) | public function setUpPassport(): void
method prepareMigration (line 209) | private function prepareMigration(): void
method setUpTeams (line 238) | public function setUpTeams(): void
method setUpCustomModels (line 253) | public function setUpCustomModels(): void
method setUpRoleNesting (line 277) | public function setUpRoleNesting(): void
method reloadPermissions (line 292) | protected function reloadPermissions(): void
method createCacheTable (line 297) | public function createCacheTable(): void
method setUpRoutes (line 309) | public function setUpRoutes(): void
method runMiddleware (line 319) | public function runMiddleware($middleware, $permission, $guard = null,...
method getLastRouteMiddlewareFromRouter (line 335) | public function getLastRouteMiddlewareFromRouter($router)
method getRouter (line 340) | public function getRouter()
method getRouteResponse (line 345) | public function getRouteResponse()
method getLaravelVersion (line 352) | protected function getLaravelVersion(): float
FILE: tests/TestSupport/TestHelper.php
class TestHelper (line 9) | class TestHelper
method testMiddleware (line 16) | public function testMiddleware($middleware, $parameter)
FILE: tests/TestSupport/TestModels/Admin.php
class Admin (line 5) | class Admin extends User
FILE: tests/TestSupport/TestModels/Client.php
class Client (line 10) | class Client extends BaseClient implements AuthorizableContract
FILE: tests/TestSupport/TestModels/Content.php
class Content (line 7) | class Content extends Model
FILE: tests/TestSupport/TestModels/Manager.php
class Manager (line 5) | class Manager extends User
method guardName (line 9) | public function guardName(): string
FILE: tests/TestSupport/TestModels/Permission.php
class Permission (line 8) | class Permission extends \Spatie\Permission\Models\Permission
method boot (line 19) | protected static function boot()
method getIncrementing (line 29) | public function getIncrementing(): bool
method getKeyType (line 34) | public function getKeyType(): string
FILE: tests/TestSupport/TestModels/Role.php
class Role (line 9) | class Role extends \Spatie\Permission\Models\Role
method getNameAttribute (line 22) | public function getNameAttribute(): \BackedEnum|string
method parents (line 33) | public function parents(): BelongsToMany
method children (line 42) | public function children(): BelongsToMany
method boot (line 51) | protected static function boot()
method getIncrementing (line 61) | public function getIncrementing(): bool
method getKeyType (line 66) | public function getKeyType(): string
FILE: tests/TestSupport/TestModels/RuntimeRole.php
class RuntimeRole (line 5) | class RuntimeRole extends \Spatie\Permission\Models\Role
FILE: tests/TestSupport/TestModels/SoftDeletingUser.php
class SoftDeletingUser (line 7) | class SoftDeletingUser extends User
FILE: tests/TestSupport/TestModels/TestRolePermissionsEnum.php
method label (line 31) | public function label(): string
FILE: tests/TestSupport/TestModels/User.php
class User (line 7) | class User extends UserWithoutHasRoles
FILE: tests/TestSupport/TestModels/UserWithoutHasRoles.php
class UserWithoutHasRoles (line 11) | class UserWithoutHasRoles extends Model implements AuthenticatableContra...
FILE: tests/TestSupport/TestModels/WildcardPermission.php
class WildcardPermission (line 7) | class WildcardPermission extends BaseWildcardPermission
Condensed preview — 161 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (698K chars).
[
{
"path": ".editorconfig",
"chars": 312,
"preview": "; This file is for unifying the coding style for different editors and IDEs.\n; More information at http://editorconfig.o"
},
{
"path": ".gitattributes",
"chars": 566,
"preview": "# Path-based git attributes\n# https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html\n\n# Ignore all test and"
},
{
"path": ".github/FUNDING.yml",
"chars": 15,
"preview": "github: spatie\n"
},
{
"path": ".github/ISSUE_TEMPLATE/1_Bug_report.yml",
"chars": 1821,
"preview": "name: Bug Report\ndescription: \"Report a reproducible bug.\"\nbody:\n - type: markdown\n attributes:\n value: |\n "
},
{
"path": ".github/ISSUE_TEMPLATE/config.yml",
"chars": 351,
"preview": "blank_issues_enabled: true\ncontact_links:\n - name: Feature Request\n url: https://github.com/spatie/laravel-permi"
},
{
"path": ".github/dependabot.yml",
"chars": 120,
"preview": "version: 2\n\nupdates:\n\n - package-ecosystem: \"github-actions\"\n directory: \"/\"\n schedule:\n interval: \"weekly\"\n"
},
{
"path": ".github/workflows/dependabot-auto-merge.yml",
"chars": 1529,
"preview": "name: dependabot-auto-merge\non: pull_request_target\n\npermissions:\n pull-requests: write\n contents: write\n\njobs:\n depe"
},
{
"path": ".github/workflows/fix-php-code-style-issues.yml",
"chars": 477,
"preview": "name: Fix PHP code style issues\n\non:\n push:\n paths:\n - '**.php'\n\njobs:\n php-code-styling:\n runs-on: ubuntu-"
},
{
"path": ".github/workflows/phpstan.yml",
"chars": 885,
"preview": "name: PHPStan\n\non:\n push:\n paths:\n - '**.php'\n - 'phpstan.neon.dist'\n pull_request:\n "
},
{
"path": ".github/workflows/run-tests.yml",
"chars": 1204,
"preview": "name: Run Tests - Current\n\non:\n - push\n - pull_request\n\njobs:\n test:\n runs-on: ubuntu-latest\n\n strategy:\n "
},
{
"path": ".github/workflows/test-cache-drivers.yml",
"chars": 1596,
"preview": "name: \"Run Tests - Cache Drivers\"\n\non: [push, pull_request]\n\njobs:\n cache:\n\n runs-on: ubuntu-latest\n\n services:\n "
},
{
"path": ".github/workflows/update-changelog.yml",
"chars": 645,
"preview": "name: \"Update Changelog\"\n\non:\n release:\n types: [released]\n\njobs:\n update:\n runs-on: ubuntu-latest\n\n steps:\n "
},
{
"path": ".gitignore",
"chars": 152,
"preview": "build\ncomposer.lock\nvendor\ntests/temp\n.idea\n.phpunit.cache\n.phpunit.result.cache\n.php-cs-fixer.cache\ntests/TestSupport/C"
},
{
"path": "CHANGELOG.md",
"chars": 64236,
"preview": "# Changelog\n\nAll notable changes to `laravel-permission` will be documented in this file\n\n## 7.2.4 - 2026-03-17\n\n### Wha"
},
{
"path": "LICENSE.md",
"chars": 1090,
"preview": "The MIT License (MIT)\n\nCopyright (c) Spatie bvba <info@spatie.be>\n\nPermission is hereby granted, free of charge, to any "
},
{
"path": "README.md",
"chars": 4910,
"preview": "<div align=\"left\">\n <a href=\"https://spatie.be/open-source?utm_source=github&utm_medium=banner&utm_campaign=laravel-p"
},
{
"path": "art/README.md",
"chars": 2267,
"preview": "<p align=\"center\">\n <img src=\"/art/socialcard.png\" width=\"1280\" title=\"Social Card of Laravel Permission\">\n</p>\n\n# La"
},
{
"path": "composer.json",
"chars": 2063,
"preview": "{\n \"name\": \"spatie/laravel-permission\",\n \"description\": \"Permission handling for Laravel 12 and up\",\n \"license\""
},
{
"path": "config/permission.php",
"chars": 7071,
"preview": "<?php\n\nreturn [\n\n 'models' => [\n\n /*\n * When using the \"HasPermissions\" trait from this package, we ne"
},
{
"path": "database/migrations/add_teams_fields.php.stub",
"chars": 4031,
"preview": "<?php\n\nuse Illuminate\\Database\\Migrations\\Migration;\nuse Illuminate\\Database\\Schema\\Blueprint;\nuse Illuminate\\Support\\Fa"
},
{
"path": "database/migrations/create_permission_tables.php.stub",
"chars": 6442,
"preview": "<?php\n\nuse Illuminate\\Database\\Migrations\\Migration;\nuse Illuminate\\Database\\Schema\\Blueprint;\nuse Illuminate\\Support\\Fa"
},
{
"path": "docs/_index.md",
"chars": 138,
"preview": "---\ntitle: v7\nslogan: Associate users with roles and permissions\ngithubUrl: https://github.com/spatie/laravel-permission"
},
{
"path": "docs/about-us.md",
"chars": 1202,
"preview": "---\ntitle: About us\n---\n\n[Spatie](https://spatie.be) is a webdesign agency based in Antwerp, Belgium.\n\nOpen source softw"
},
{
"path": "docs/advanced-usage/_index.md",
"chars": 40,
"preview": "---\ntitle: Advanced usage\nweight: 3\n---\n"
},
{
"path": "docs/advanced-usage/cache.md",
"chars": 6270,
"preview": "---\ntitle: Cache\nweight: 5\n---\n\nRole and Permission data are cached to speed up performance.\n\n## Automatic Cache Refresh"
},
{
"path": "docs/advanced-usage/custom-permission-check.md",
"chars": 1786,
"preview": "---\ntitle: Custom Permission Check\nweight: 6\n---\n\n## Default Permission Check Functionality\nBy default, this package reg"
},
{
"path": "docs/advanced-usage/events.md",
"chars": 1046,
"preview": "---\ntitle: Events\nweight: 5\n---\n\nBy default Events are not enabled, because not all apps need to fire events related to "
},
{
"path": "docs/advanced-usage/exceptions.md",
"chars": 935,
"preview": "---\ntitle: Exceptions\nweight: 3\n---\n\nIf you need to override exceptions thrown by this package, you can simply use norma"
},
{
"path": "docs/advanced-usage/extending.md",
"chars": 4636,
"preview": "---\ntitle: Extending\nweight: 4\n---\n\n## Adding fields to your models\nYou can add your own migrations to make changes to t"
},
{
"path": "docs/advanced-usage/other.md",
"chars": 187,
"preview": "---\ntitle: Other\nweight: 9\n---\n\n**Schema Diagram:**\n\nYou can find a schema diagram at [https://drawsql.app/templates/lar"
},
{
"path": "docs/advanced-usage/phpstorm.md",
"chars": 2146,
"preview": "---\ntitle: PhpStorm Interaction\nweight: 8\n---\n\n## Extending PhpStorm \n\n> **Note**\n> When using Laravel Idea plugin all d"
},
{
"path": "docs/advanced-usage/seeding.md",
"chars": 5608,
"preview": "---\ntitle: Database Seeding\nweight: 2\n---\n\n## Flush cache before/after seeding\n\nYou may discover that it is best to flus"
},
{
"path": "docs/advanced-usage/testing.md",
"chars": 2976,
"preview": "---\ntitle: Testing\nweight: 1\n---\n\n## Clear Cache During Tests\n\nIn your application's tests, if you are not seeding roles"
},
{
"path": "docs/advanced-usage/timestamps.md",
"chars": 829,
"preview": "---\ntitle: Timestamps\nweight: 10\n---\n\n## Excluding Timestamps from JSON\n\nIf you want to exclude timestamps from JSON out"
},
{
"path": "docs/advanced-usage/ui-options.md",
"chars": 2619,
"preview": "---\ntitle: UI Options\nweight: 11\n---\n\n## Need a UI?\n\nThe package doesn't come with any UI/screens out of the box, you sh"
},
{
"path": "docs/advanced-usage/uuid.md",
"chars": 6967,
"preview": "---\ntitle: UUID/ULID\nweight: 7\n---\n\nIf you're using UUIDs (ULID, GUID, etc) for your User models or Role/Permission mode"
},
{
"path": "docs/basic-usage/_index.md",
"chars": 37,
"preview": "---\ntitle: Basic Usage\nweight: 1\n---\n"
},
{
"path": "docs/basic-usage/artisan.md",
"chars": 1666,
"preview": "---\ntitle: Artisan Commands\nweight: 10\n---\n\n## Creating roles and permissions with Artisan Commands\n\nYou can create a ro"
},
{
"path": "docs/basic-usage/basic-usage.md",
"chars": 3966,
"preview": "---\ntitle: Basic Usage\nweight: 1\n---\n\n## Add The Trait\nFirst, add the `Spatie\\Permission\\Traits\\HasRoles` trait to your "
},
{
"path": "docs/basic-usage/blade-directives.md",
"chars": 2947,
"preview": "---\ntitle: Blade directives\nweight: 7\n---\n\n## Permissions\nThis package lets you use Laravel's native `@can` directive to"
},
{
"path": "docs/basic-usage/direct-permissions.md",
"chars": 2207,
"preview": "---\ntitle: Direct Permissions\nweight: 2\n---\n\n## Best Practice\n\nINSTEAD OF DIRECT PERMISSIONS, it is better to assign per"
},
{
"path": "docs/basic-usage/enums.md",
"chars": 3558,
"preview": "---\ntitle: Enums\nweight: 4\n---\n\n## Enum Prerequisites\n\nInternally, Enums implicitly implement `\\BackedEnum`, which is ho"
},
{
"path": "docs/basic-usage/middleware.md",
"chars": 4444,
"preview": "---\ntitle: Middleware\nweight: 11\n---\n\n## Default Middleware\n\nFor checking against a single permission (see Best Practice"
},
{
"path": "docs/basic-usage/multiple-guards.md",
"chars": 4325,
"preview": "---\ntitle: Using multiple guards\nweight: 9\n---\n\nWhen using the default Laravel auth configuration all of the core method"
},
{
"path": "docs/basic-usage/new-app.md",
"chars": 8786,
"preview": "---\ntitle: Example App\nweight: 90\n---\n\n## Creating A Demo App\n\nIf you want to just try out the features of this package "
},
{
"path": "docs/basic-usage/passport.md",
"chars": 2118,
"preview": "---\ntitle: Passport Client Credentials Grant usage\nweight: 12\n---\n\n**NOTE** currently this only works for Laravel 9 and "
},
{
"path": "docs/basic-usage/role-permissions.md",
"chars": 4834,
"preview": "---\ntitle: Using Permissions via Roles\nweight: 3\n---\n\n## Assigning Roles\n\nA role can be assigned to any user:\n\n```php\n$u"
},
{
"path": "docs/basic-usage/super-admin.md",
"chars": 4193,
"preview": "---\ntitle: Defining a Super-Admin\nweight: 8\n---\n\nWe strongly recommend that a Super-Admin be handled by setting a global"
},
{
"path": "docs/basic-usage/teams-permissions.md",
"chars": 6705,
"preview": "---\ntitle: Teams permissions\nweight: 5\n---\n\nWhen enabled, teams permissions offers you flexible control for a variety of"
},
{
"path": "docs/basic-usage/wildcard-permissions.md",
"chars": 3167,
"preview": "---\ntitle: Wildcard permissions\nweight: 6\n---\n\nWhen enabled, wildcard permissions offers you a flexible representation f"
},
{
"path": "docs/best-practices/_index.md",
"chars": 40,
"preview": "---\ntitle: Best Practices\nweight: 2\n---\n"
},
{
"path": "docs/best-practices/performance.md",
"chars": 1281,
"preview": "---\ntitle: Performance Tips\nweight: 10\n---\n\nOn small apps, most of the following will be moot, and unnecessary.\n\nOften w"
},
{
"path": "docs/best-practices/roles-vs-permissions.md",
"chars": 2520,
"preview": "---\ntitle: Roles vs Permissions\nweight: 1\n---\n\nBest-Practice for thinking about Roles vs Permissions is this:\n\n**Roles**"
},
{
"path": "docs/best-practices/using-policies.md",
"chars": 2128,
"preview": "---\ntitle: Model Policies\nweight: 2\n---\n\nThe best way to incorporate access control for application features is with [La"
},
{
"path": "docs/changelog.md",
"chars": 175,
"preview": "---\ntitle: Changelog\nweight: 10\n---\n\nAll notable changes to laravel-permission are documented [on GitHub](https://github"
},
{
"path": "docs/installation-laravel.md",
"chars": 3236,
"preview": "---\ntitle: Installation in Laravel\nweight: 4\n---\n\n## Laravel Version Compatibility\n\nSee the \"Prerequisites\" documentatio"
},
{
"path": "docs/introduction.md",
"chars": 900,
"preview": "---\ntitle: Introduction\nweight: 1\n---\n\nThis package allows you to manage user permissions and roles in a database.\n\nOnce"
},
{
"path": "docs/prerequisites.md",
"chars": 5637,
"preview": "---\ntitle: Prerequisites\nweight: 3\n---\n\n## Laravel Version Compatibility\n\nLaravel Version | Package Version\n------------"
},
{
"path": "docs/questions-issues.md",
"chars": 443,
"preview": "---\ntitle: Questions and issues\nweight: 9\n---\n\nFind yourself stuck using the package? Found a bug? Do you have general q"
},
{
"path": "docs/support-us.md",
"chars": 549,
"preview": "---\ntitle: Support us\nweight: 2\n---\n\nWe invest a lot of resources into creating [best in class open source packages](htt"
},
{
"path": "docs/upgrading.md",
"chars": 10048,
"preview": "---\ntitle: Upgrading\nweight: 6\n---\n\n## Upgrade Essentials\n\nALL upgrades of this package should follow these steps:\n\n1. C"
},
{
"path": "ide.json",
"chars": 2462,
"preview": "{\n \"$schema\": \"https://laravel-ide.com/schema/laravel-ide-v2.json\",\n \"blade\": {\n \"directives\": [\n "
},
{
"path": "phpstan-baseline.neon",
"chars": 27,
"preview": "parameters:\n\tignoreErrors:\n"
},
{
"path": "phpstan.neon.dist",
"chars": 1158,
"preview": "includes:\n - ./vendor/larastan/larastan/extension.neon\n - phpstan-baseline.neon\n\nparameters:\n level: 5\n path"
},
{
"path": "phpunit.xml.dist",
"chars": 734,
"preview": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<phpunit xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n bootstrap"
},
{
"path": "pint.json",
"chars": 90,
"preview": "{\n \"preset\": \"laravel\",\n \"rules\": {\n \"php_unit_method_casing\": false\n }\n}\n"
},
{
"path": "resources/boost/skills/laravel-permission-development/SKILL.md",
"chars": 7488,
"preview": "---\nname: laravel-permission-development\ndescription: Build and work with Spatie Laravel Permission features, including "
},
{
"path": "src/Commands/AssignRoleCommand.php",
"chars": 2072,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Spatie\\Permission\\Contracts\\Role as Ro"
},
{
"path": "src/Commands/CacheResetCommand.php",
"chars": 739,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Spatie\\Permission\\PermissionRegistrar;"
},
{
"path": "src/Commands/CreatePermissionCommand.php",
"chars": 775,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Spatie\\Permission\\Contracts\\Permission"
},
{
"path": "src/Commands/CreateRoleCommand.php",
"chars": 2246,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Illuminate\\Support\\Collection;\nuse Spa"
},
{
"path": "src/Commands/ShowCommand.php",
"chars": 2960,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Illuminate\\Support\\Collection;\nuse Spa"
},
{
"path": "src/Commands/UpgradeForTeamsCommand.php",
"chars": 2866,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Commands;\n\nuse Illuminate\\Console\\Command;\nuse Illuminate\\Support\\Facades\\Config;\n\ncl"
},
{
"path": "src/Contracts/Permission.php",
"chars": 1044,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Contracts;\n\nuse Illuminate\\Database\\Eloquent\\Relations\\BelongsToMany;\n\n/**\n * @proper"
},
{
"path": "src/Contracts/PermissionsTeamResolver.php",
"chars": 263,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Contracts;\n\nuse Illuminate\\Database\\Eloquent\\Model;\n\ninterface PermissionsTeamResolve"
},
{
"path": "src/Contracts/Role.php",
"chars": 1247,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Contracts;\n\nuse BackedEnum;\nuse Illuminate\\Database\\Eloquent\\Relations\\BelongsToMany;"
},
{
"path": "src/Contracts/Wildcard.php",
"chars": 198,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Contracts;\n\ninterface Wildcard\n{\n public function getIndex(): array;\n\n public f"
},
{
"path": "src/DefaultTeamResolver.php",
"chars": 544,
"preview": "<?php\n\nnamespace Spatie\\Permission;\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Spatie\\Permission\\Contracts\\Permissions"
},
{
"path": "src/Events/PermissionAttachedEvent.php",
"chars": 920,
"preview": "<?php\n\ndeclare(strict_types=1);\n\nnamespace Spatie\\Permission\\Events;\n\nuse Illuminate\\Broadcasting\\InteractsWithSockets;\n"
},
{
"path": "src/Events/PermissionDetachedEvent.php",
"chars": 906,
"preview": "<?php\n\ndeclare(strict_types=1);\n\nnamespace Spatie\\Permission\\Events;\n\nuse Illuminate\\Broadcasting\\InteractsWithSockets;\n"
},
{
"path": "src/Events/RoleAttachedEvent.php",
"chars": 857,
"preview": "<?php\n\ndeclare(strict_types=1);\n\nnamespace Spatie\\Permission\\Events;\n\nuse Illuminate\\Broadcasting\\InteractsWithSockets;\n"
},
{
"path": "src/Events/RoleDetachedEvent.php",
"chars": 857,
"preview": "<?php\n\ndeclare(strict_types=1);\n\nnamespace Spatie\\Permission\\Events;\n\nuse Illuminate\\Broadcasting\\InteractsWithSockets;\n"
},
{
"path": "src/Exceptions/GuardDoesNotMatch.php",
"chars": 497,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse Illuminate\\Support\\Collection;\nuse InvalidArgumentException;\n\nclass "
},
{
"path": "src/Exceptions/PermissionAlreadyExists.php",
"chars": 432,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass PermissionAlreadyExists extends Inv"
},
{
"path": "src/Exceptions/PermissionDoesNotExist.php",
"chars": 710,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass PermissionDoesNotExist extends Inva"
},
{
"path": "src/Exceptions/RoleAlreadyExists.php",
"chars": 396,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass RoleAlreadyExists extends InvalidAr"
},
{
"path": "src/Exceptions/RoleDoesNotExist.php",
"chars": 653,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass RoleDoesNotExist extends InvalidArg"
},
{
"path": "src/Exceptions/UnauthorizedException.php",
"chars": 2419,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse Illuminate\\Contracts\\Auth\\Access\\Authorizable;\nuse Symfony\\Component"
},
{
"path": "src/Exceptions/WildcardPermissionInvalidArgument.php",
"chars": 319,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass WildcardPermissionInvalidArgument e"
},
{
"path": "src/Exceptions/WildcardPermissionNotImplementsContract.php",
"chars": 342,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass WildcardPermissionNotImplementsCont"
},
{
"path": "src/Exceptions/WildcardPermissionNotProperlyFormatted.php",
"chars": 384,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Exceptions;\n\nuse InvalidArgumentException;\n\nclass WildcardPermissionNotProperlyFormat"
},
{
"path": "src/Guard.php",
"chars": 4205,
"preview": "<?php\n\nnamespace Spatie\\Permission;\n\nuse Illuminate\\Contracts\\Auth\\Access\\Authorizable;\nuse Illuminate\\Database\\Eloquent"
},
{
"path": "src/Middleware/PermissionMiddleware.php",
"chars": 1915,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Middleware;\n\nuse BackedEnum;\nuse Closure;\nuse Illuminate\\Http\\Request;\nuse Illuminate"
},
{
"path": "src/Middleware/RoleMiddleware.php",
"chars": 1769,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Middleware;\n\nuse BackedEnum;\nuse Closure;\nuse Illuminate\\Http\\Request;\nuse Illuminate"
},
{
"path": "src/Middleware/RoleOrPermissionMiddleware.php",
"chars": 2121,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Middleware;\n\nuse BackedEnum;\nuse Closure;\nuse Illuminate\\Http\\Request;\nuse Illuminate"
},
{
"path": "src/Models/Permission.php",
"chars": 5290,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Models;\n\nuse Illuminate\\Database\\Eloquent\\Collection;\nuse Illuminate\\Database\\Eloquen"
},
{
"path": "src/Models/Role.php",
"chars": 6663,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Models;\n\nuse BackedEnum;\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Datab"
},
{
"path": "src/PermissionRegistrar.php",
"chars": 12710,
"preview": "<?php\n\nnamespace Spatie\\Permission;\n\nuse DateInterval;\nuse Illuminate\\Cache\\CacheManager;\nuse Illuminate\\Contracts\\Auth\\"
},
{
"path": "src/PermissionServiceProvider.php",
"chars": 6680,
"preview": "<?php\n\nnamespace Spatie\\Permission;\n\nuse Composer\\InstalledVersions;\nuse Illuminate\\Contracts\\Auth\\Access\\Gate;\nuse Illu"
},
{
"path": "src/Traits/HasPermissions.php",
"chars": 18250,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Traits;\n\nuse BackedEnum;\nuse Illuminate\\Database\\Eloquent\\Builder;\nuse Illuminate\\Dat"
},
{
"path": "src/Traits/HasRoles.php",
"chars": 12792,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Traits;\n\nuse BackedEnum;\nuse Illuminate\\Database\\Eloquent\\Builder;\nuse Illuminate\\Dat"
},
{
"path": "src/Traits/RefreshesPermissionCache.php",
"chars": 436,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Traits;\n\nuse Spatie\\Permission\\PermissionRegistrar;\n\ntrait RefreshesPermissionCache\n{"
},
{
"path": "src/WildcardPermission.php",
"chars": 2969,
"preview": "<?php\n\nnamespace Spatie\\Permission;\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Str;\nuse Spatie\\Perm"
},
{
"path": "src/helpers.php",
"chars": 669,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Spatie\\Permission\\Guard;\nuse Spatie\\Permission\\PermissionRegistrar;\n\n"
},
{
"path": "tests/Commands/CommandTest.php",
"chars": 7949,
"preview": "<?php\n\nuse Composer\\InstalledVersions;\nuse Illuminate\\Foundation\\Console\\AboutCommand;\nuse Illuminate\\Support\\Facades\\Ar"
},
{
"path": "tests/Commands/TeamCommandTest.php",
"chars": 1955,
"preview": "<?php\n\nuse Illuminate\\Support\\Facades\\Artisan;\nuse Spatie\\Permission\\Tests\\TestSupport\\TestModels\\User;\n\nbeforeEach(fn ("
},
{
"path": "tests/Integration/BladeTest.php",
"chars": 12888,
"preview": "<?php\n\nuse Illuminate\\Support\\Facades\\Artisan;\nuse Spatie\\Permission\\Contracts\\Role;\n\nfunction renderView(string $view, "
},
{
"path": "tests/Integration/CacheTest.php",
"chars": 7802,
"preview": "<?php\n\nuse Illuminate\\Cache\\DatabaseStore;\nuse Illuminate\\Support\\Facades\\Artisan;\nuse Illuminate\\Support\\Facades\\DB;\nus"
},
{
"path": "tests/Integration/CustomGateTest.php",
"chars": 767,
"preview": "<?php\n\nuse Illuminate\\Contracts\\Auth\\Access\\Gate;\n\nbeforeEach(function () {\n config()->set('permission.register_permi"
},
{
"path": "tests/Integration/GateTest.php",
"chars": 2986,
"preview": "<?php\n\nuse Illuminate\\Contracts\\Auth\\Access\\Gate;\nuse Spatie\\Permission\\Contracts\\Permission;\n\nit('can determine if a us"
},
{
"path": "tests/Integration/MultipleGuardsTest.php",
"chars": 3871,
"preview": "<?php\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Support\\Facades\\Route;\nuse Spatie\\Permission\\Contracts\\Permission;\nus"
},
{
"path": "tests/Integration/PermissionRegistrarTest.php",
"chars": 4150,
"preview": "<?php\n\nuse Spatie\\Permission\\Contracts\\Permission as PermissionContract;\nuse Spatie\\Permission\\Contracts\\Role as RoleCon"
},
{
"path": "tests/Integration/PolicyTest.php",
"chars": 1098,
"preview": "<?php\n\nuse Illuminate\\Contracts\\Auth\\Access\\Gate;\nuse Spatie\\Permission\\Tests\\TestSupport\\ContentPolicy;\nuse Spatie\\Perm"
},
{
"path": "tests/Integration/RouteTest.php",
"chars": 4498,
"preview": "<?php\n\nuse Spatie\\Permission\\Tests\\TestSupport\\TestModels\\TestRolePermissionsEnum;\n\nit('test role function', function ()"
},
{
"path": "tests/Integration/WildcardRouteTest.php",
"chars": 956,
"preview": "<?php\n\nit('test permission function', function () {\n app('config')->set('permission.enable_wildcard_permission', true"
},
{
"path": "tests/Middleware/PermissionMiddlewareTest.php",
"chars": 11829,
"preview": "<?php\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Http\\Response;\nuse Illuminate\\Support\\Facades\\Auth;\nuse Illuminate\\Su"
},
{
"path": "tests/Middleware/RoleMiddlewareTest.php",
"chars": 8842,
"preview": "<?php\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Http\\Response;\nuse Illuminate\\Support\\Facades\\Auth;\nuse Illuminate\\Su"
},
{
"path": "tests/Middleware/RoleOrPermissionMiddlewareTest.php",
"chars": 7686,
"preview": "<?php\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Http\\Response;\nuse Illuminate\\Support\\Facades\\Auth;\nuse Illuminate\\Su"
},
{
"path": "tests/Middleware/WildcardMiddlewareTest.php",
"chars": 3730,
"preview": "<?php\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Http\\Response;\nuse Illuminate\\Support\\Facades\\Auth;\nuse Spatie\\Permis"
},
{
"path": "tests/Models/PermissionTest.php",
"chars": 2559,
"preview": "<?php\n\nuse Spatie\\Permission\\Contracts\\Permission;\nuse Spatie\\Permission\\Exceptions\\PermissionAlreadyExists;\nuse Spatie\\"
},
{
"path": "tests/Models/RoleTest.php",
"chars": 9069,
"preview": "<?php\n\nuse Spatie\\Permission\\Contracts\\Role;\nuse Spatie\\Permission\\Exceptions\\GuardDoesNotMatch;\nuse Spatie\\Permission\\E"
},
{
"path": "tests/Models/RoleWithNestingTest.php",
"chars": 1817,
"preview": "<?php\n\nuse Spatie\\Permission\\Tests\\TestSupport\\TestModels\\Role;\n\nbeforeEach(function () {\n $this->setUpRoleNesting();"
},
{
"path": "tests/Models/WildcardRoleTest.php",
"chars": 2791,
"preview": "<?php\n\nuse Spatie\\Permission\\Models\\Permission;\n\nbeforeEach(function () {\n app('config')->set('permission.enable_wild"
},
{
"path": "tests/Pest.php",
"chars": 94,
"preview": "<?php\n\nuse Spatie\\Permission\\Tests\\TestSupport\\TestCase;\n\nuses(TestCase::class)->in(__DIR__);\n"
},
{
"path": "tests/TestSupport/ContentPolicy.php",
"chars": 532,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport;\n\nuse Illuminate\\Contracts\\Auth\\Access\\Authorizable;\n\nclass Content"
},
{
"path": "tests/TestSupport/TestCase.php",
"chars": 12759,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport;\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Database\\S"
},
{
"path": "tests/TestSupport/TestHelper.php",
"chars": 643,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport;\n\nuse Illuminate\\Http\\Request;\nuse Illuminate\\Http\\Response;\nuse Sy"
},
{
"path": "tests/TestSupport/TestModels/Admin.php",
"chars": 180,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nclass Admin extends User\n{\n protected $table = 'adm"
},
{
"path": "tests/TestSupport/TestModels/Client.php",
"chars": 512,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Contracts\\Auth\\Access\\Authorizable as A"
},
{
"path": "tests/TestSupport/TestModels/Content.php",
"chars": 203,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Database\\Eloquent\\Model;\n\nclass Content"
},
{
"path": "tests/TestSupport/TestModels/Manager.php",
"chars": 439,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nclass Manager extends User\n{\n // this function is a"
},
{
"path": "tests/TestSupport/TestModels/Permission.php",
"chars": 801,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Database\\Eloquent\\SoftDeletes;\nuse Illu"
},
{
"path": "tests/TestSupport/TestModels/Role.php",
"chars": 1558,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Database\\Eloquent\\Relations\\BelongsToMa"
},
{
"path": "tests/TestSupport/TestModels/RuntimeRole.php",
"chars": 191,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nclass RuntimeRole extends \\Spatie\\Permission\\Models\\Ro"
},
{
"path": "tests/TestSupport/TestModels/SoftDeletingUser.php",
"chars": 217,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Database\\Eloquent\\SoftDeletes;\n\nclass S"
},
{
"path": "tests/TestSupport/TestModels/TestRolePermissionsEnum.php",
"chars": 1335,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Support\\Str;\n\nenum TestRolePermissionsE"
},
{
"path": "tests/TestSupport/TestModels/User.php",
"chars": 167,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Spatie\\Permission\\Traits\\HasRoles;\n\nclass User ext"
},
{
"path": "tests/TestSupport/TestModels/UserWithoutHasRoles.php",
"chars": 597,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Illuminate\\Auth\\Authenticatable;\nuse Illuminate\\Co"
},
{
"path": "tests/TestSupport/TestModels/WildcardPermission.php",
"chars": 406,
"preview": "<?php\n\nnamespace Spatie\\Permission\\Tests\\TestSupport\\TestModels;\n\nuse Spatie\\Permission\\WildcardPermission as BaseWildca"
},
{
"path": "tests/TestSupport/resources/views/can.blade.php",
"chars": 88,
"preview": "@can($permission, $guard ?? null)\nhas permission\n@else\ndoes not have permission\n@endcan\n"
},
{
"path": "tests/TestSupport/resources/views/guardHasAllRoles.blade.php",
"chars": 121,
"preview": "@hasallroles($roles, $guard)\ndoes have all of the given roles\n@else\ndoes not have all of the given roles\n@endhasallroles"
},
{
"path": "tests/TestSupport/resources/views/guardHasAllRolesArray.blade.php",
"chars": 143,
"preview": "@hasallroles(['super-admin', 'moderator'], $guard)\ndoes have all of the given roles\n@else\ndoes not have all of the given"
},
{
"path": "tests/TestSupport/resources/views/guardHasAllRolesPipe.blade.php",
"chars": 138,
"preview": "@hasallroles(\"super-admin|moderator\", $guard)\ndoes have all of the given roles\n@else\ndoes not have all of the given role"
},
{
"path": "tests/TestSupport/resources/views/guardHasAnyRole.blade.php",
"chars": 114,
"preview": "@hasanyrole($roles, $guard)\ndoes have some of the roles\n@else\ndoes not have any of the given roles\n@endhasanyrole\n"
},
{
"path": "tests/TestSupport/resources/views/guardHasAnyRolePipe.blade.php",
"chars": 131,
"preview": "@hasanyrole(\"super-admin|moderator\", $guard)\ndoes have some of the roles\n@else\ndoes not have any of the given roles\n@end"
},
{
"path": "tests/TestSupport/resources/views/guardHasRole.blade.php",
"chars": 70,
"preview": "@hasrole($role, $guard)\nhas role\n@else\ndoes not have role\n@endhasrole\n"
},
{
"path": "tests/TestSupport/resources/views/guardRole.blade.php",
"chars": 84,
"preview": "@role($role, $guard)\nhas role for guard\n@else\ndoes not have role for guard\n@endrole\n"
},
{
"path": "tests/TestSupport/resources/views/guardunlessrole.blade.php",
"chars": 76,
"preview": "@unlessrole($role, $guard)\ndoes not have role\n@else\nhas role\n@endunlessrole\n"
},
{
"path": "tests/TestSupport/resources/views/hasAllRoles.blade.php",
"chars": 113,
"preview": "@hasallroles($roles)\ndoes have all of the given roles\n@else\ndoes not have all of the given roles\n@endhasallroles\n"
},
{
"path": "tests/TestSupport/resources/views/hasAnyRole.blade.php",
"chars": 106,
"preview": "@hasanyrole($roles)\ndoes have some of the roles\n@else\ndoes not have any of the given roles\n@endhasanyrole\n"
},
{
"path": "tests/TestSupport/resources/views/hasRole.blade.php",
"chars": 62,
"preview": "@hasrole($role)\nhas role\n@else\ndoes not have role\n@endhasrole\n"
},
{
"path": "tests/TestSupport/resources/views/haspermission.blade.php",
"chars": 180,
"preview": "@haspermission($permission, $guard ?? null)\nhas permission\n@elsehaspermission($elsepermission, $guard ?? null)\nhas else "
},
{
"path": "tests/TestSupport/resources/views/role.blade.php",
"chars": 91,
"preview": "@role($role)\nhas role\n@elserole($elserole)\nhas else role\n@else\ndoes not have role\n@endrole\n"
},
{
"path": "tests/TestSupport/resources/views/unlessrole.blade.php",
"chars": 68,
"preview": "@unlessrole($role)\ndoes not have role\n@else\nhas role\n@endunlessrole\n"
},
{
"path": "tests/Traits/HasPermissionsTest.php",
"chars": 28048,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Facades\\Event;\nuse Spatie\\Permission\\Contracts\\Per"
},
{
"path": "tests/Traits/HasPermissionsWithCustomModelsTest.php",
"chars": 32278,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Carbon;\nuse Illuminate\\Support\\Facades\\DB;\nuse Ill"
},
{
"path": "tests/Traits/HasRolesTest.php",
"chars": 33263,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Facades\\DB;\nuse Illuminate\\Support\\Facades\\Event;\n"
},
{
"path": "tests/Traits/HasRolesWithCustomModelsTest.php",
"chars": 36724,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Carbon;\nuse Illuminate\\Support\\Facades\\DB;\nuse Ill"
},
{
"path": "tests/Traits/TeamHasPermissionsTest.php",
"chars": 31911,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Facades\\Event;\nuse Spatie\\Permission\\Contracts\\Per"
},
{
"path": "tests/Traits/TeamHasRolesTest.php",
"chars": 39025,
"preview": "<?php\n\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Illuminate\\Support\\Facades\\DB;\nuse Illuminate\\Support\\Facades\\Event;\n"
},
{
"path": "tests/Traits/WildcardHasPermissionsTest.php",
"chars": 14147,
"preview": "<?php\n\nuse Spatie\\Permission\\Exceptions\\PermissionDoesNotExist;\nuse Spatie\\Permission\\Exceptions\\WildcardPermissionInval"
}
]
About this extraction
This page contains the full source code of the spatie/laravel-permission GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 161 files (651.4 KB), approximately 170.9k tokens, and a symbol index with 259 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.