Permission Manager

Codacy Badge StyleCI License Total Downloads Latest Stable Version

Permission Manager dependency for Laravel Enso



  • permissions are managed based on the user role
  • allows creating, updating and deleting of permissions for each route
  • has the access-route policy which can be used to check if the a user is authorized on a given route
  • comes with the VerifyRouteAccess middleware that checks against unauthorized access

Under the Hood

  • inside web.php there is a route for each action within the application, and each route has the name attribute defined
  • for each route where we need to have authorization checks, we must define a permission, permission which needs to have the same name as the route
  • routes:
    • are nested, the resulting name looking something like group1.group2...route
    • when creating new routes, be sure to follow the Enso convention and use camelCase (myGroup.myRoute) instead of snake_case(my_group.my_route) or mix-n-matching. This will make for a more consistent feel and also ensure the Enso logic will work as designed.
  • for each request we check the existence of the link between the user's role and the permission for the request's route
  • permissions' attributes:
    • name: see above
    • description - is human readable and is used when displaying a user's action history (on his profile page)
    • type - may be read or write and is an informative flag
    • is_default - flag which lets us know if a permission needs to be automatically allotted to any new role we create
  • for routes where we don't need to have authorization checks, permissions are not mandatory, BUT
  • if we want to log and display the users' actions, permissions become necessary, as they're used when displaying statistics
  • permissions are automatically grouped together, based on their segments, in the UI, for presentation and functional purposes, so administrators can easily configure roles


The Laravel Enso Core package comes with this package included.

Depends on: