A simple, robust, and easy-to-manage Laravel role-permission system (one role per user) — no external dependencies like Spatie.
Built and maintained by Jaber Masud
composer require njbm/role-permissioncomposer update njbm/role-permissioncomposer require njbm/role-permission:^1.0.1
composer remove njbm/role-permission
// config/app.php
'providers' => [
RolePermission\RolePermissionServiceProvider::class,
],
'aliases' => [
'AccessControl' => RolePermission\Facades\AccessControl::class,
],
php artisan vendor:publish --provider="RolePermission\RolePermissionServiceProvider" --tag=config
php artisan migrate
php artisan db:seed --class="RolePermission\Seeders\RolePermissionSeeder"
🔐 Seeder uses config('role-permission.default_roles') to assign permissions to each role.
Add trait to your Admin or User model (must have role_id column):
use RolePermission\Traits\HasPermissions;
class Admin extends Authenticatable
{
use HasPermissions;
}
Use the AccessControl facade anywhere to check permissions or roles:
use AccessControl;
if (AccessControl::can('edit address')) {
// Authorized
}
if (AccessControl::role('admin')) {
// Admin only
}Add middleware to app/Http/Kernel.php:
'check.permission' => \RolePermission\Middleware\CheckPermission::class,
Use middleware on routes:
'check.permission' => \RolePermission\Middleware\CheckPermission::class,
Register in AppServiceProvider:
Blade::if('canDo', function ($permission) {
return \AccessControl::can($permission);
});
Use in Blade templates:
@canDo('delete address')
<button>Delete</button>
@endcanDo
return [
'default_roles' => [
'admin' => [
'edit address',
'delete address',
'view dashboard',
],
'editor' => [
'edit address',
],
],
];Install package via composer
Publish config and migrate database tables
Seed default roles and permissions
Add trait to your User/Admin model
Use AccessControl facade for permission checks
Protect routes with middleware
Use optional Blade directive for cleaner views
MIT License — created by Jaber Masud
jaber.netlify.app