[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-8306":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":16,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":17,"rankGlobal":10,"rankLanguage":10,"license":18,"archived":19,"fork":19,"defaultBranch":20,"hasWiki":21,"hasPages":19,"topics":22,"createdAt":10,"pushedAt":10,"updatedAt":23,"readmeContent":24,"aiSummary":25,"trendingCount":16,"starSnapshotCount":16,"syncStatus":26,"lastSyncTime":27,"discoverSource":28},8306,"entrust","Zizaco\u002Fentrust","Zizaco","Role-based Permissions for Laravel 5","",null,"PHP",6007,1283,251,373,0,65.33,"MIT License",false,"master",true,[],"2026-06-12 04:00:38","# ENTRUST (Laravel 9|10 Package)\n\nForked from [zizaco\u002Fentrust](https:\u002F\u002Fgithub.com\u002FZizaco\u002Fentrust)\n\nEntrust is a succinct and flexible way to add Role-based Permissions to **Laravel 9|10**.\n\nIf you are using an older version of laravel, use version ~3.0\n\n## Contents\n\n- [ENTRUST (Laravel 9|10 Package)](#entrust-laravel-910-package)\n - [Contents](#contents)\n - [Installation](#installation)\n - [Configuration](#configuration)\n - [User relation to roles](#user-relation-to-roles)\n - [Models](#models)\n - [Role](#role)\n - [Permission](#permission)\n - [User](#user)\n - [Soft Deleting](#soft-deleting)\n - [Usage](#usage)\n - [Concepts](#concepts)\n - [Checking for Roles \\& Permissions](#checking-for-roles--permissions)\n - [User ability](#user-ability)\n - [Blade templates](#blade-templates)\n - [Middleware](#middleware)\n - [Short syntax route filter](#short-syntax-route-filter)\n - [Route filter](#route-filter)\n - [Troubleshooting](#troubleshooting)\n - [License](#license)\n - [Contribution guidelines](#contribution-guidelines)\n\n## Installation\n\n1) In order to install Laravel 5 Entrust, just add the following to your composer.json. Then run `composer update`:\n\n```json\n\"zizaco\u002Fentrust\": \"5.2.x-dev\"\n```\n\n2) Open your `config\u002Fapp.php` and add the following to the `providers` array:\n\n```php\nZizaco\\Entrust\\EntrustServiceProvider::class,\n```\n\n3) In the same `config\u002Fapp.php` and add the following to the `aliases ` array:\n\n```php\n'Entrust' => Zizaco\\Entrust\\EntrustFacade::class,\n```\n\n4) Run the command below to publish the package config file `config\u002Fentrust.php`:\n\n```shell\nphp artisan vendor:publish\n```\n\n5) Open your `config\u002Fauth.php` and add the following to it:\n\n```php\n'providers' => [\n 'users' => [\n 'driver' => 'eloquent',\n 'model' => Namespace\\Of\\Your\\User\\Model\\User::class,\n 'table' => 'users',\n ],\n],\n```\n\n6) If you want to use [Middleware](#middleware) (requires Laravel 5.1 or later) you also need to add the following:\n\n```php\n 'role' => \\Zizaco\\Entrust\\Middleware\\EntrustRole::class,\n 'permission' => \\Zizaco\\Entrust\\Middleware\\EntrustPermission::class,\n 'ability' => \\Zizaco\\Entrust\\Middleware\\EntrustAbility::class,\n```\n\nto `routeMiddleware` array in `app\u002FHttp\u002FKernel.php`.\n\n## Configuration\n\nSet the property values in the `config\u002Fauth.php`.\nThese values will be used by entrust to refer to the correct user table and model.\n\nTo further customize table names and model namespaces, edit the `config\u002Fentrust.php`.\n\n### User relation to roles\n\nNow generate the Entrust migration:\n\n```bash\nphp artisan entrust:migration\n```\n\nIt will generate the `\u003Ctimestamp>_entrust_setup_tables.php` migration.\nYou may now run it with the artisan migrate command:\n\n```bash\nphp artisan migrate\n```\n\nAfter the migration, four new tables will be present:\n- `roles` — stores role records\n- `permissions` — stores permission records\n- `role_user` — stores [many-to-many](http:\u002F\u002Flaravel.com\u002Fdocs\u002F4.2\u002Feloquent#many-to-many) relations between roles and users\n- `permission_role` — stores [many-to-many](http:\u002F\u002Flaravel.com\u002Fdocs\u002F4.2\u002Feloquent#many-to-many) relations between roles and permissions\n\n### Models\n\n#### Role\n\nCreate a Role model inside `app\u002Fmodels\u002FRole.php` using the following example:\n\n```php\n\u003C?php namespace App;\n\nuse Zizaco\\Entrust\\EntrustRole;\n\nclass Role extends EntrustRole\n{\n}\n```\n\nThe `Role` model has three main attributes:\n- `name` — Unique name for the Role, used for looking up role information in the application layer. For example: \"admin\", \"owner\", \"employee\".\n- `display_name` — Human readable name for the Role. Not necessarily unique and optional. For example: \"User Administrator\", \"Project Owner\", \"Widget Co. Employee\".\n- `description` — A more detailed explanation of what the Role does. Also optional.\n\nBoth `display_name` and `description` are optional; their fields are nullable in the database.\n\n#### Permission\n\nCreate a Permission model inside `app\u002Fmodels\u002FPermission.php` using the following example:\n\n```php\n\u003C?php namespace App;\n\nuse Zizaco\\Entrust\\EntrustPermission;\n\nclass Permission extends EntrustPermission\n{\n}\n```\n\nThe `Permission` model has the same three attributes as the `Role`:\n- `name` — Unique name for the permission, used for looking up permission information in the application layer. For example: \"create-post\", \"edit-user\", \"post-payment\", \"mailing-list-subscribe\".\n- `display_name` — Human readable name for the permission. Not necessarily unique and optional. For example \"Create Posts\", \"Edit Users\", \"Post Payments\", \"Subscribe to mailing list\".\n- `description` — A more detailed explanation of the Permission.\n\nIn general, it may be helpful to think of the last two attributes in the form of a sentence: \"The permission `display_name` allows a user to `description`.\"\n\n#### User\n\nNext, use the `EntrustUserTrait` trait in your existing `User` model. For example:\n\n```php\n\u003C?php\n\nuse Zizaco\\Entrust\\Traits\\EntrustUserTrait;\n\nclass User extends Eloquent\n{\n use EntrustUserTrait; \u002F\u002F add this trait to your user model\n\n ...\n}\n```\n\nThis will enable the relation with `Role` and add the following methods `roles()`, `hasRole($name)`, `withRole($name)`, `can($permission)`, and `ability($roles, $permissions, $options)` within your `User` model.\n\nDon't forget to dump composer autoload\n\n```bash\ncomposer dump-autoload\n```\n\n**And you are ready to go.**\n\n#### Soft Deleting\n\nThe default migration takes advantage of `onDelete('cascade')` clauses within the pivot tables to remove relations when a parent record is deleted. If for some reason you cannot use cascading deletes in your database, the EntrustRole and EntrustPermission classes, and the HasRole trait include event listeners to manually delete records in relevant pivot tables. In the interest of not accidentally deleting data, the event listeners will **not** delete pivot data if the model uses soft deleting. However, due to limitations in Laravel's event listeners, there is no way to distinguish between a call to `delete()` versus a call to `forceDelete()`. For this reason, **before you force delete a model, you must manually delete any of the relationship data** (unless your pivot tables uses cascading deletes). For example:\n\n```php\n$role = Role::findOrFail(1); \u002F\u002F Pull back a given role\n\n\u002F\u002F Regular Delete\n$role->delete(); \u002F\u002F This will work no matter what\n\n\u002F\u002F Force Delete\n$role->users()->sync([]); \u002F\u002F Delete relationship data\n$role->perms()->sync([]); \u002F\u002F Delete relationship data\n\n$role->forceDelete(); \u002F\u002F Now force delete will work regardless of whether the pivot table has cascading delete\n```\n\n## Usage\n\n### Concepts\nLet's start by creating the following `Role`s and `Permission`s:\n\n```php\n$owner = new Role();\n$owner->name = 'owner';\n$owner->display_name = 'Project Owner'; \u002F\u002F optional\n$owner->description = 'User is the owner of a given project'; \u002F\u002F optional\n$owner->save();\n\n$admin = new Role();\n$admin->name = 'admin';\n$admin->display_name = 'User Administrator'; \u002F\u002F optional\n$admin->description = 'User is allowed to manage and edit other users'; \u002F\u002F optional\n$admin->save();\n```\n\nNext, with both roles created let's assign them to the users.\nThanks to the `HasRole` trait this is as easy as:\n\n```php\n$user = User::where('username', '=', 'michele')->first();\n\n\u002F\u002F role attach alias\n$user->attachRole($admin); \u002F\u002F parameter can be an Role object, array, or id\n\n\u002F\u002F or eloquent's original technique\n$user->roles()->attach($admin->id); \u002F\u002F id only\n```\n\nNow we just need to add permissions to those Roles:\n\n```php\n$createPost = new Permission();\n$createPost->name = 'create-post';\n$createPost->display_name = 'Create Posts'; \u002F\u002F optional\n\u002F\u002F Allow a user to...\n$createPost->description = 'create new blog posts'; \u002F\u002F optional\n$createPost->save();\n\n$editUser = new Permission();\n$editUser->name = 'edit-user';\n$editUser->display_name = 'Edit Users'; \u002F\u002F optional\n\u002F\u002F Allow a user to...\n$editUser->description = 'edit existing users'; \u002F\u002F optional\n$editUser->save();\n\n$admin->attachPermission($createPost);\n\u002F\u002F equivalent to $admin->perms()->sync(array($createPost->id));\n\n$owner->attachPermissions(array($createPost, $editUser));\n\u002F\u002F equivalent to $owner->perms()->sync(array($createPost->id, $editUser->id));\n```\n\n#### Checking for Roles & Permissions\n\nNow we can check for roles and permissions simply by doing:\n\n```php\n$user->hasRole('owner'); \u002F\u002F false\n$user->hasRole('admin'); \u002F\u002F true\n$user->can('edit-user'); \u002F\u002F false\n$user->can('create-post'); \u002F\u002F true\n```\n\nBoth `hasRole()` and `can()` can receive an array of roles & permissions to check:\n\n```php\n$user->hasRole(['owner', 'admin']); \u002F\u002F true\n$user->can(['edit-user', 'create-post']); \u002F\u002F true\n```\n\nBy default, if any of the roles or permissions are present for a user then the method will return true.\nPassing `true` as a second parameter instructs the method to require **all** of the items:\n\n```php\n$user->hasRole(['owner', 'admin']); \u002F\u002F true\n$user->hasRole(['owner', 'admin'], true); \u002F\u002F false, user does not have admin role\n$user->can(['edit-user', 'create-post']); \u002F\u002F true\n$user->can(['edit-user', 'create-post'], true); \u002F\u002F false, user does not have edit-user permission\n```\n\nYou can have as many `Role`s as you want for each `User` and vice versa.\n\nThe `Entrust` class has shortcuts to both `can()` and `hasRole()` for the currently logged in user:\n\n```php\nEntrust::hasRole('role-name');\nEntrust::can('permission-name');\n\n\u002F\u002F is identical to\n\nAuth::user()->hasRole('role-name');\nAuth::user()->can('permission-name');\n```\n\nYou can also use placeholders (wildcards) to check any matching permission by doing:\n\n```php\n\u002F\u002F match any admin permission\n$user->can(\"admin.*\"); \u002F\u002F true\n\n\u002F\u002F match any permission about users\n$user->can(\"*_users\"); \u002F\u002F true\n```\n\nTo filter users according a specific role, you may use withRole() scope, for example to retrieve all admins:\n```\n$admins = User::withRole('admin')->get();\n\u002F\u002F or maybe with a relationsship\n$company->users()->withRole('admin')->get();\n```\n\n\n#### User ability\n\nMore advanced checking can be done using the awesome `ability` function.\nIt takes in three parameters (roles, permissions, options):\n- `roles` is a set of roles to check.\n- `permissions` is a set of permissions to check.\n\nEither of the roles or permissions variable can be a comma separated string or array:\n\n```php\n$user->ability(array('admin', 'owner'), array('create-post', 'edit-user'));\n\n\u002F\u002F or\n\n$user->ability('admin,owner', 'create-post,edit-user');\n```\n\nThis will check whether the user has any of the provided roles and permissions.\nIn this case it will return true since the user is an `admin` and has the `create-post` permission.\n\nThe third parameter is an options array:\n\n```php\n$options = array(\n 'validate_all' => true | false (Default: false),\n 'return_type' => boolean | array | both (Default: boolean)\n);\n```\n\n- `validate_all` is a boolean flag to set whether to check all the values for true, or to return true if at least one role or permission is matched.\n- `return_type` specifies whether to return a boolean, array of checked values, or both in an array.\n\nHere is an example output:\n\n```php\n$options = array(\n 'validate_all' => true,\n 'return_type' => 'both'\n);\n\nlist($validate, $allValidations) = $user->ability(\n array('admin', 'owner'),\n array('create-post', 'edit-user'),\n $options\n);\n\nvar_dump($validate);\n\u002F\u002F bool(false)\n\nvar_dump($allValidations);\n\u002F\u002F array(4) {\n\u002F\u002F ['role'] => bool(true)\n\u002F\u002F ['role_2'] => bool(false)\n\u002F\u002F ['create-post'] => bool(true)\n\u002F\u002F ['edit-user'] => bool(false)\n\u002F\u002F }\n\n```\nThe `Entrust` class has a shortcut to `ability()` for the currently logged in user:\n\n```php\nEntrust::ability('admin,owner', 'create-post,edit-user');\n\n\u002F\u002F is identical to\n\nAuth::user()->ability('admin,owner', 'create-post,edit-user');\n```\n\n### Blade templates\n\nThree directives are available for use within your Blade templates. What you give as the directive arguments will be directly passed to the corresponding `Entrust` function.\n\n```php\n@role('admin')\n \u003Cp>This is visible to users with the admin role. Gets translated to\n \\Entrust::role('admin')\u003C\u002Fp>\n@endrole\n\n@permission('manage-admins')\n \u003Cp>This is visible to users with the given permissions. Gets translated to\n \\Entrust::can('manage-admins'). The @can directive is already taken by core\n laravel authorization package, hence the @permission directive instead.\u003C\u002Fp>\n@endpermission\n\n@ability('admin,owner', 'create-post,edit-user')\n \u003Cp>This is visible to users with the given abilities. Gets translated to\n \\Entrust::ability('admin,owner', 'create-post,edit-user')\u003C\u002Fp>\n@endability\n```\n\n### Middleware\n\nYou can use a middleware to filter routes and route groups by permission or role\n```php\nRoute::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function() {\n Route::get('\u002F', 'AdminController@welcome');\n Route::get('\u002Fmanage', ['middleware' => ['permission:manage-admins'], 'uses' => 'AdminController@manageAdmins']);\n});\n```\n\nIt is possible to use pipe symbol as *OR* operator:\n```php\n'middleware' => ['role:admin|root']\n```\n\nTo emulate *AND* functionality just use multiple instances of middleware\n```php\n'middleware' => ['role:owner', 'role:writer']\n```\n\nFor more complex situations use `ability` middleware which accepts 3 parameters: roles, permissions, validate_all\n```php\n'middleware' => ['ability:admin|owner,create-post|edit-user,true']\n```\n\n### Short syntax route filter\n\nTo filter a route by permission or role you can call the following in your `app\u002FHttp\u002Froutes.php`:\n\n```php\n\u002F\u002F only users with roles that have the 'manage_posts' permission will be able to access any route within admin\u002Fpost\nEntrust::routeNeedsPermission('admin\u002Fpost*', 'create-post');\n\n\u002F\u002F only owners will have access to routes within admin\u002Fadvanced\nEntrust::routeNeedsRole('admin\u002Fadvanced*', 'owner');\n\n\u002F\u002F optionally the second parameter can be an array of permissions or roles\n\u002F\u002F user would need to match all roles or permissions for that route\nEntrust::routeNeedsPermission('admin\u002Fpost*', array('create-post', 'edit-comment'));\nEntrust::routeNeedsRole('admin\u002Fadvanced*', array('owner','writer'));\n```\n\nBoth of these methods accept a third parameter.\nIf the third parameter is null then the return of a prohibited access will be `App::abort(403)`, otherwise the third parameter will be returned.\nSo you can use it like:\n\n```php\nEntrust::routeNeedsRole('admin\u002Fadvanced*', 'owner', Redirect::to('\u002Fhome'));\n```\n\nFurthermore both of these methods accept a fourth parameter.\nIt defaults to true and checks all roles\u002Fpermissions given.\nIf you set it to false, the function will only fail if all roles\u002Fpermissions fail for that user.\nUseful for admin applications where you want to allow access for multiple groups.\n\n```php\n\u002F\u002F if a user has 'create-post', 'edit-comment', or both they will have access\nEntrust::routeNeedsPermission('admin\u002Fpost*', array('create-post', 'edit-comment'), null, false);\n\n\u002F\u002F if a user is a member of 'owner', 'writer', or both they will have access\nEntrust::routeNeedsRole('admin\u002Fadvanced*', array('owner','writer'), null, false);\n\n\u002F\u002F if a user is a member of 'owner', 'writer', or both, or user has 'create-post', 'edit-comment' they will have access\n\u002F\u002F if the 4th parameter is true then the user must be a member of Role and must have Permission\nEntrust::routeNeedsRoleOrPermission(\n 'admin\u002Fadvanced*',\n array('owner', 'writer'),\n array('create-post', 'edit-comment'),\n null,\n false\n);\n```\n\n### Route filter\n\nEntrust roles\u002Fpermissions can be used in filters by simply using the `can` and `hasRole` methods from within the Facade:\n\n```php\nRoute::filter('manage_posts', function()\n{\n \u002F\u002F check the current user\n if (!Entrust::can('create-post')) {\n return Redirect::to('admin');\n }\n});\n\n\u002F\u002F only users with roles that have the 'manage_posts' permission will be able to access any admin\u002Fpost route\nRoute::when('admin\u002Fpost*', 'manage_posts');\n```\n\nUsing a filter to check for a role:\n\n```php\nRoute::filter('owner_role', function()\n{\n \u002F\u002F check the current user\n if (!Entrust::hasRole('Owner')) {\n App::abort(403);\n }\n});\n\n\u002F\u002F only owners will have access to routes within admin\u002Fadvanced\nRoute::when('admin\u002Fadvanced*', 'owner_role');\n```\n\nAs you can see `Entrust::hasRole()` and `Entrust::can()` checks if the user is logged in, and then if he or she has the role or permission.\nIf the user is not logged the return will also be `false`.\n\n## Troubleshooting\n\nIf you encounter an error when doing the migration that looks like:\n\n```\nSQLSTATE[HY000]: General error: 1005 Can't create table 'laravelbootstrapstarter.#sql-42c_f8' (errno: 150)\n (SQL: alter table `role_user` add constraint role_user_user_id_foreign foreign key (`user_id`)\n references `users` (`id`)) (Bindings: array ())\n```\n\nThen it's likely that the `id` column in your user table does not match the `user_id` column in `role_user`.\nMake sure both are `INT(10)`.\n\nWhen trying to use the EntrustUserTrait methods, you encounter the error which looks like\n\n Class name must be a valid object or a string\n\nthen probably you don't have published Entrust assets or something went wrong when you did it.\nFirst of all check that you have the `entrust.php` file in your `config` directory.\nIf you don't, then try `php artisan vendor:publish` and, if it does not appear, manually copy the `\u002Fvendor\u002Fzizaco\u002Fentrust\u002Fsrc\u002Fconfig\u002Fconfig.php` file in your config directory and rename it `entrust.php`.\n\nIf your app uses a custom namespace then you'll need to tell entrust where your `permission` and `role` models are, you can do this by editing the config file in `config\u002Fentrust.php`\n\n```\n'role' => 'Custom\\Namespace\\Role'\n```\n```\n'permission' => 'Custom\\Namespace\\permission'\n```\n## License\n\nEntrust is free software distributed under the terms of the MIT license.\n\n## Contribution guidelines\n\nSupport follows PSR-1 and PSR-4 PHP coding standards, and semantic versioning.\n\nPlease report any issue you find in the issues page.\nPull requests are welcome.\n","Entrust 是一个为 Laravel 9 和 10 提供基于角色权限管理的 PHP 包。其核心功能包括用户与角色、权限之间的关联,支持通过中间件和 Blade 模板进行权限检查。项目采用简洁灵活的设计,允许开发者自定义模型和表名,以适应不同应用需求,并且支持软删除特性来管理数据。适用于需要实现细粒度访问控制的各种 Laravel 应用场景,如后台管理系统、多用户平台等。",2,"2026-06-11 03:17:16","top_language"]