bican/roles
最新稳定版本:2.1.7
Composer 安装命令:
composer require bican/roles
包简介
Powerful package for handling roles and permissions in Laravel 5.
README 文档
README
Powerful package for handling roles and permissions in Laravel 5 (5.1 and also 5.0).
Installation
This package is very easy to set up. There are only couple of steps.
Composer
Pull this package in through Composer (file composer.json).
{ "require": { "php": ">=5.5.9", "laravel/framework": "5.1.*", "bican/roles": "2.1.*" } }
If you are still using Laravel 5.0, you must pull in version
1.7.*.
Run this command inside your terminal.
composer update Service Provider
Add the package to your application service providers in config/app.php file.
'providers' => [ /* * Laravel Framework Service Providers... */ Illuminate\Foundation\Providers\ArtisanServiceProvider::class, Illuminate\Auth\AuthServiceProvider::class, ... /** * Third Party Service Providers... */ Bican\Roles\RolesServiceProvider::class, ],
Config File And Migrations
Publish the package config file and migrations to your application. Run these commands inside your terminal.
php artisan vendor:publish --provider="Bican\Roles\RolesServiceProvider" --tag=config php artisan vendor:publish --provider="Bican\Roles\RolesServiceProvider" --tag=migrations And also run migrations.
php artisan migrate This uses the default users table which is in Laravel. You should already have the migration file for the users table available and migrated.
HasRoleAndPermission Trait And Contract
Include HasRoleAndPermission trait and also implement HasRoleAndPermission contract inside your User model.
use Bican\Roles\Traits\HasRoleAndPermission; use Bican\Roles\Contracts\HasRoleAndPermission as HasRoleAndPermissionContract; class User extends Model implements AuthenticatableContract, CanResetPasswordContract, HasRoleAndPermissionContract { use Authenticatable, CanResetPassword, HasRoleAndPermission;
And that's it!
Usage
Creating Roles
use Bican\Roles\Models\Role; $adminRole = Role::create([ 'name' => 'Admin', 'slug' => 'admin', 'description' => '', // optional 'level' => 1, // optional, set to 1 by default ]); $moderatorRole = Role::create([ 'name' => 'Forum Moderator', 'slug' => 'forum.moderator', ]);
Because of
Slugabletrait, if you make a mistake and for example leave a space in slug parameter, it'll be replaced with a dot automatically, because ofstr_slugfunction.
Attaching And Detaching Roles
It's really simple. You fetch a user from database and call attachRole method. There is BelongsToMany relationship between User and Role model.
use App\User; $user = User::find($id); $user->attachRole($adminRole); // you can pass whole object, or just an id
$user->detachRole($adminRole); // in case you want to detach role $user->detachAllRoles(); // in case you want to detach all roles
Checking For Roles
You can now check if the user has required role.
if ($user->is('admin')) { // you can pass an id or slug // or alternatively $user->hasRole('admin') }
You can also do this:
if ($user->isAdmin()) { // }
And of course, there is a way to check for multiple roles:
if ($user->is('admin|moderator')) { /* | Or alternatively: | $user->is('admin, moderator'), $user->is(['admin', 'moderator']), | $user->isOne('admin|moderator'), $user->isOne('admin, moderator'), $user->isOne(['admin', 'moderator']) */ // if user has at least one role } if ($user->is('admin|moderator', true)) { /* | Or alternatively: | $user->is('admin, moderator', true), $user->is(['admin', 'moderator'], true), | $user->isAll('admin|moderator'), $user->isAll('admin, moderator'), $user->isAll(['admin', 'moderator']) */ // if user has all roles }
Levels
When you are creating roles, there is optional parameter level. It is set to 1 by default, but you can overwrite it and then you can do something like this:
if ($user->level() > 4) { // }
If user has multiple roles, method
levelreturns the highest one.
Level has also big effect on inheriting permissions. About it later.
Creating Permissions
It's very simple thanks to Permission model.
use Bican\Roles\Models\Permission; $createUsersPermission = Permission::create([ 'name' => 'Create users', 'slug' => 'create.users', 'description' => '', // optional ]); $deleteUsersPermission = Permission::create([ 'name' => 'Delete users', 'slug' => 'delete.users', ]);
Attaching And Detaching Permissions
You can attach permissions to a role or directly to a specific user (and of course detach them as well).
use App\User; use Bican\Roles\Models\Role; $role = Role::find($roleId); $role->attachPermission($createUsersPermission); // permission attached to a role $user = User::find($userId); $user->attachPermission($deleteUsersPermission); // permission attached to a user
$role->detachPermission($createUsersPermission); // in case you want to detach permission $role->detachAllPermissions(); // in case you want to detach all permissions $user->detachPermission($deleteUsersPermission); $user->detachAllPermissions();
Checking For Permissions
if ($user->can('create.users') { // you can pass an id or slug // } if ($user->canDeleteUsers()) { // }
You can check for multiple permissions the same way as roles. You can make use of additional methods like canOne, canAll or hasPermission.
Permissions Inheriting
Role with higher level is inheriting permission from roles with lower level.
There is an example of this magic:
You have three roles: user, moderator and admin. User has a permission to read articles, moderator can manage comments and admin can create articles. User has a level 1, moderator level 2 and admin level 3. It means, moderator and administrator has also permission to read articles, but administrator can manage comments as well.
If you don't want permissions inheriting feature in you application, simply ignore
levelparameter when you're creating roles.
Entity Check
Let's say you have an article and you want to edit it. This article belongs to a user (there is a column user_id in articles table).
use App\Article; use Bican\Roles\Models\Permission; $editArticlesPermission = Permission::create([ 'name' => 'Edit articles', 'slug' => 'edit.articles', 'model' => 'App\Article', ]); $user->attachPermission($editArticlesPermission); $article = Article::find(1); if ($user->allowed('edit.articles', $article)) { // $user->allowedEditArticles($article) // }
This condition checks if the current user is the owner of article. If not, it will be looking inside user permissions for a row we created before.
if ($user->allowed('edit.articles', $article, false)) { // now owner check is disabled // }
Blade Extensions
There are four Blade extensions. Basically, it is replacement for classic if statements.
@role('admin') // @if(Auth::check() && Auth::user()->is('admin')) // user is admin @endrole @permission('edit.articles') // @if(Auth::check() && Auth::user()->can('edit.articles')) // user can edit articles @endpermission @level(2) // @if(Auth::check() && Auth::user()->level() >= 2) // user has level 2 or higher @endlevel @allowed('edit', $article) // @if(Auth::check() && Auth::user()->allowed('edit', $article)) // show edit button @endallowed @role('admin|moderator', 'all') // @if(Auth::check() && Auth::user()->is('admin|moderator', 'all')) // user is admin and also moderator @else // something else @endrole
Middleware
This package comes with VerifyRole, VerifyPermission and VerifyLevel middleware. You must add them inside your app/Http/Kernel.php file.
/** * The application's route middleware. * * @var array */ protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'role' => \Bican\Roles\Middleware\VerifyRole::class, 'permission' => \Bican\Roles\Middleware\VerifyPermission::class, 'level' => \Bican\Roles\Middleware\VerifyLevel::class, ];
Now you can easily protect your routes.
$router->get('/example', [ 'as' => 'example', 'middleware' => 'role:admin', 'uses' => 'ExampleController@index', ]); $router->post('/example', [ 'as' => 'example', 'middleware' => 'permission:edit.articles', 'uses' => 'ExampleController@index', ]); $router->get('/example', [ 'as' => 'example', 'middleware' => 'level:2', // level >= 2 'uses' => 'ExampleController@index', ]);
It throws \Bican\Roles\Exceptions\RoleDeniedException, \Bican\Roles\Exceptions\PermissionDeniedException or \Bican\Roles\Exceptions\LevelDeniedException exceptions if it goes wrong.
You can catch these exceptions inside app/Exceptions/Handler.php file and do whatever you want.
/** * Render an exception into an HTTP response. * * @param \Illuminate\Http\Request $request * @param \Exception $e * @return \Illuminate\Http\Response */ public function render($request, Exception $e) { if ($e instanceof \Bican\Roles\Exceptions\RoleDeniedException) { // you can for example flash message, redirect... return redirect()->back(); } return parent::render($request, $e); }
Config File
You can change connection for models, slug separator, models path and there is also a handy pretend feature. Have a look at config file for more information.
More Information
For more information, please have a look at HasRoleAndPermission contract.
License
This package is free software distributed under the terms of the MIT license.
bican/roles 适用场景与选型建议
bican/roles 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 239.4k 次下载、GitHub Stars 达 1.16k, 最近一次更新时间为 2026 年 01 月 04 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「auth」 「acl」 「laravel」 「roles」 「permissions」 「illuminate」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 bican/roles 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 bican/roles 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 bican/roles 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Laravel Multiauth package
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
This package provides a flexible way to add Role-based Permissions to Laravel 6.x
Email Toolkit Plugin for CakePHP
This package provides a flexible way to add Role-based Permissions to Laravel
AclManager plugin for CakePHP 3.x
统计信息
- 总下载量: 239.4k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1185
- 点击次数: 23
- 依赖项目数: 8
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-01-04