dizatech/acl-manager
Laravel ACL Manager adds an access control list and user management UI powered by Laratrust. Install via Composer, set your User model in laratrust config, publish the package blade views, and drop into your sidebar to render the admin menu.
Installation
composer require dizatech/acl-manager
Publish the package config and migrations:
php artisan vendor:publish --provider="Dizatech\AclManager\AclManagerServiceProvider" --tag="migrations"
php artisan vendor:publish --provider="Dizatech\AclManager\AclManagerServiceProvider" --tag="config"
Run migrations:
php artisan migrate
Basic Configuration
Update config/acl-manager.php to define your roles, permissions, and default settings. Example:
'roles' => [
    'admin' => ['name' => 'Administrator', 'permissions' => ['*']],
    'editor' => ['name' => 'Editor', 'permissions' => ['create', 'edit']],
],
First Use Case: Check User Permissions
In a controller or middleware, verify if a user has a permission:
use Dizatech\AclManager\Facades\AclManager;
if (AclManager::checkPermission('create')) {
    // Allow action
}
Assign Roles to Users
use App\Models\User;
// Look up the user, then attach the role by its config key
$user = User::find(1);
AclManager::assignRole($user, 'editor');
Check Role Membership
if (AclManager::userHasRole($user, 'admin')) {
    // Admin-specific logic
}
Dynamic Permission Checks
Use wildcards (*) for broad permissions or combine checks:
if (AclManager::checkPermission('post.*') || AclManager::checkPermission('edit')) {
    // Allow if the user holds the post.* wildcard or the edit permission
}
Create a middleware to enforce ACL rules globally:
namespace App\Http\Middleware;

use Closure;
use Dizatech\AclManager\Facades\AclManager;

class AclMiddleware
{
    public function handle($request, Closure $next, $permission)
    {
        // Reject the request unless the current user holds the permission
        if (!AclManager::checkPermission($permission)) {
            abort(403);
        }
        return $next($request);
    }
}
Register in app/Http/Kernel.php:
protected $routeMiddleware = [
    'acl' => \App\Http\Middleware\AclMiddleware::class,
];
Use in routes:
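// The value after "acl:" reaches AclMiddleware as $permission,
// so 'admin' here is checked as a permission name by checkPermission().
Route::get('/admin/dashboard', function () {
    // ...
})->middleware('acl:admin');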
Extend Laravel’s built-in policies with ACL checks:
namespace App\Policies;

use App\Models\User;
use App\Models\Post;
use Dizatech\AclManager\Facades\AclManager;

class PostPolicy
{
    public function update(User $user, Post $post)
    {
        // Allow holders of the edit permission, or the post's owner
        return AclManager::checkPermission('edit') || $user->id === $post->user_id;
    }
}
Wildcard Overuse
Avoid granting * permissions unless absolutely necessary. Wildcards bypass granular checks and can lead to security holes.
Fix: Use explicit permissions (e.g., post.create, post.edit) instead of *.
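An added example (not the package's own code) that audits a roles array shaped like the config shown earlier for wildcard grants and reports which sensitive permissions each role reaches. The matching rule in grantCovers, the moderator role and the list of sensitive permissions are assumptions made for illustration.

```php
<?php
// Added example: audits a roles array shaped like the 'roles' key shown on this page.
// Assumed matching rule (not the package's documented behaviour): a bare "*" covers
// everything, a trailing ".*" covers one namespace, anything else must match exactly.

/** Return true when $grant covers $permission under the assumed wildcard rule. */
function grantCovers(string $grant, string $permission): bool
{
    if ($grant === '*') {
        return true;
    }
    if (substr($grant, -2) === '.*') {
        $prefix = substr($grant, 0, -1); // keep the trailing dot: "post."
        return strncmp($permission, $prefix, strlen($prefix)) === 0;
    }
    return $grant === $permission;
}

/** List wildcard grants per role, and which sensitive permissions each role reaches. */
function auditRoles(array $roles, array $sensitive): array
{
    $report = [];
    foreach ($roles as $key => $role) {
        $grants = $role['permissions'] ?? [];
        $wild = array_values(array_filter($grants, fn ($g) => strpos($g, '*') !== false));
        $reach = array_values(array_filter(
            $sensitive,
            fn ($p) => (bool) array_filter($grants, fn ($g) => grantCovers($g, $p))
        ));
        $report[$key] = ['wildcards' => $wild, 'reaches' => $reach];
    }
    return $report;
}

// Constructed sample config; 'moderator' and the sensitive list are hypothetical.
$roles = [
    'admin'     => ['name' => 'Administrator', 'permissions' => ['*']],
    'editor'    => ['name' => 'Editor', 'permissions' => ['post.create', 'post.edit']],
    'moderator' => ['name' => 'Moderator', 'permissions' => ['post.*']],
];
$sensitive = ['post.delete', 'user.delete'];

foreach (auditRoles($roles, $sensitive) as $key => $row) {
    printf("%-10s wildcards=[%s] reaches=[%s]\n", $key,
        implode(',', $row['wildcards']), implode(',', $row['reaches']));
}
```

Run it in review or CI against the real roles array and treat any role that reaches a sensitive permission only through a wildcard as a finding to justify or replace with explicit grants.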
Migration Conflicts
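If you modify the acl_roles or acl_permissions tables manually, run php artisan migrate:fresh to avoid schema conflicts. migrate:fresh drops every table and re-runs all migrations, so use it only on a database whose data you can afford to lose.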
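Caching Issues
ACL checks are not cached by default. A cached entry keeps serving a user's old permissions until it expires, so forget the key whenever that user's roles or permissions change. For high-traffic apps, cache role-permission mappings:
use Illuminate\Support\Facades\Cache;
// Cache this user's permission list for one hour, keyed by user id
Cache::remember('user-permissions-' . $user->id, now()->addHours(1), function () use ($user) {
    return AclManager::getUserPermissions($user);
});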
Log Permission Checks
Enable debug mode in config/acl-manager.php:
'debug' => env('APP_DEBUG', false),
Logs will appear in storage/logs/laravel.log.
Verify Role-Permission Bindings
Check the acl_role_permissions pivot table if permissions aren’t applying:
php artisan tinker
>>> \DB::table('acl_role_permissions')->where('role_id', 1)->get();
Custom Permission Logic
Override the Permission model to add logic (e.g., time-based permissions):
namespace App\Models;

use Dizatech\AclManager\Models\Permission as BasePermission;

class Permission extends BasePermission
{
    public function isValidForUser($user)
    {
        if (!$this->active) {
            return false;
        }
        // Add custom logic (e.g., check user's subscription)
        return parent::isValidForUser($user);
    }
}
Dynamic Role Assignment
Use observers or events to auto-assign roles (e.g., on user registration):
use Dizatech\AclManager\Facades\AclManager;
User::created(function ($user) {
    if ($user->isPremium()) {
        AclManager::assignRole($user, 'premium');
    }
});
API Rate Limiting by Role
Combine with Laravel’s rate limiting:
Route::middleware(['throttle:60,1', 'acl:admin'])->group(function () {
    // Admin-only routes with rate limiting
});