Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- Simple, fast routing engine.
- Powerful dependency injection container.
- Multiple back-ends for session and cache storage.
- Expressive, intuitive database ORM.
- Database agnostic schema migrations.
- Robust background job processing.
- Real-time event broadcasting.
Laravel is accessible, powerful, and provides tools required for large, robust applications.
Laravel has the most extensive and thorough documentation and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.
You may also try the Laravel Bootcamp, where you will be guided through building a modern Laravel application from scratch.
If you don't feel like reading, Laracasts can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the Laravel Partners program.
- Vehikl
- Tighten Co.
- WebReinvent
- Kirschbaum Development Group
- 64 Robots
- Curotec
- Cyber-Duck
- DevSquad
- Jump24
- Redberry
- Active Logic
- byte5
- OP.GG
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the Laravel documentation.
In order to ensure that the Laravel community is welcoming to all, please review and abide by the Code of Conduct.
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via taylor@laravel.com. All security vulnerabilities will be promptly addressed.
The Laravel framework is open-sourced software licensed under the MIT license.
Quaeris Fila3 Mono is a comprehensive Laravel-based modular application built on the Laraxot framework. This project implements a complete authorization system with policies for all models across all modules.
- Modular Architecture: Built using Laravel Modules for clean separation of concerns
- Comprehensive Authorization: Complete policy system for all models
- Automatic Policy Registration: Policies are automatically discovered and registered
- Multi-Tenant Support: Full multi-tenancy with tenant-aware policies
- Filament Integration: Modern admin panel with policy-aware interfaces
- Type Safety: PHPStan Level 10 compliance for maximum code quality
The project consists of the following modules:
- User: User management, authentication, and authorization
- Xot: Base framework functionality and shared components
- UI: User interface components and themes
- Cms: Content management system with pages, menus, and sections
- Media: File and media management
- FormBuilder: Dynamic form creation and management
- Geo: Geographic data management (countries, regions, cities, addresses)
- Tenant: Multi-tenant architecture support
- Quaeris: Survey management and analytics
- Limesurvey: Integration with LimeSurvey platform
- Chart: Data visualization and charting
- Job: Background job management and scheduling
- Activity: Activity logging and tracking
- Notify: Notification system
- CloudStorage: Cloud storage integration
- DbForge: Database schema management
- Gdpr: GDPR compliance tools
- Lang: Internationalization and translation management
- Setting: Application configuration management
All policies are automatically discovered and registered through the XotBaseServiceProvider. Each module scans its models and registers corresponding policies.
Each module has its own base policy class:
abstract class ModuleNameBasePolicy
{
use HandlesAuthorization;
public function before(UserContract $user, string $ability): ?bool
{
if ($user->hasRole('super-admin')) {
return true;
}
return null;
}
}Consistent permission naming across all modules:
model_name.viewAny- View any recordsmodel_name.view- View specific recordmodel_name.create- Create new recordsmodel_name.update- Update recordsmodel_name.delete- Delete recordsmodel_name.restore- Restore soft-deleted recordsmodel_name.forceDelete- Permanently delete records
- Clone the repository
- Install dependencies:
composer install - Configure environment variables
- Run migrations:
php artisan migrate - Seed permissions and roles:
php artisan db:seed
public function show(Model $model)
{
$this->authorize('view', $model);
return view('model.show', compact('model'));
}@can('update', $model)
<a href="{{ route('model.edit', $model) }}">Edit</a>
@endcanTables\Actions\EditAction::make()
->visible(fn ($record) => auth()->user()->can('update', $record))- PHPStan Level 10 compliance required
- Strict type declarations in all files
- Comprehensive PHPDoc for all methods
- Follow PSR-12 coding standards
- Extend appropriate base policy class
- Implement all standard CRUD methods
- Use permission-based authorization
- Consider model ownership and relationships
- Include comprehensive tests
- Follow Laraxot module structure
- Implement policies for all models
- Use proper namespace conventions
- Maintain comprehensive documentation
- All access controlled through policies
- Permission-based system with role hierarchy
- Super admin override for all policies
- Default deny approach for security
- Tenant-aware policies
- Data isolation between tenants
- Tenant-specific permissions
- Policy Implementation Guide
- User Module Documentation
- [Module-specific documentation in each module's docs folder]
- Follow the established coding standards
- Implement policies for all new models
- Add comprehensive tests
- Update documentation
- Ensure PHPStan Level 10 compliance
This project is proprietary software. All rights reserved.
For support and questions, please refer to the project documentation or contact the development team.
Last updated: January 2025