Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Laravel Permission Extended
Assessments

Laravel Permission Extended Laravel Package

nyoncode/laravel-permission-extended

View on GitHub
Deep Wiki
Context7

Getting Started

Minimal Setup

  1. Installation:

    composer require nyoncode/laravel-permission-extended

    Publish the config (optional, but recommended for customization):

    php artisan vendor:publish --provider="NyonCode\LaravelPermissionExtended\PermissionExtendedServiceProvider"

  2. First Use Case:

    • Wildcard Permissions: Check if a user has any permission under a group: 
      $user->hasPermissionTo('admin.*'); // Checks for 'admin.create', 'admin.edit', etc.
    • Super-Admin Gate: Define a super-admin role (e.g., super-admin) and use the @can directive: 
      @can('anything')
    <!-- Super-admin sees this -->
@endcan

  3. Blade Directives:

    • Enable Blade directives in config/permission-extended.php: 
      'blade' => [
    'enable' => true,
],
    • Use @canwildcard for wildcard checks: 
      @canwildcard('admin.*')
    <!-- User has any admin permission -->
@endcanwildcard

Implementation Patterns

Workflows

  1. Role-Permission Hierarchy:

    • Assign wildcard permissions to roles (e.g., admin.* to the admin role) to grant bulk access.
    • Use hasRoleOrPermission for flexible checks: 
      $user->hasRoleOrPermission('editor|admin.*'); // Checks for 'editor' role OR any 'admin.*' permission.

  2. Livewire Integration:

    • Automatically sync permissions to Livewire components via the PermissionExtendedServiceProvider: 
      // In Livewire component
public function mount()
{
    $this->authorizePermission('admin.*'); // Checks wildcard permissions.
}

  3. Middleware Auto-Registration:

    • Define permission-based middleware in config/permission-extended.php: 
      'middleware' => [
    'admin' => ['admin.*'],
    'editor' => ['editor.*'],
],
    • Apply middleware to routes: 
      Route::middleware(['permission:admin'])->group(function () {
    // Admin-only routes
});

  4. Dynamic Permission Checks:

    • Use Permission::wildcard() to manually check wildcards: 
      if (Permission::wildcard()->userHasPermission($user, 'admin.*')) {
    // Grant access
}

Gotchas and Tips

Pitfalls

  1. Wildcard Caching:

    • Wildcard permissions are not cached by default. For large-scale apps, manually cache results: 
      Cache::remember("user_{$user->id}_permissions", now()->addHours(1), function () use ($user) {
    return $user->hasPermissionTo('admin.*');
});

  2. Super-Admin Overrides:

    • Ensure the super-admin role is explicitly assigned to users who should bypass all checks. The package does not auto-detect this role—configure it in your User model or migration: 
      $user->assignRole('super-admin');

  3. Blade Directive Conflicts:

    • If @canwildcard conflicts with other packages, disable the directive in config/permission-extended.php and use manual checks: 
      'blade' => [
    'enable' => false,
],

  4. Livewire Permission Sync:

    • Livewire components must be mounted after the user is authenticated. Avoid checking permissions in created() or boot() if the user isn’t loaded yet.

Debugging

  • Permission Denied Errors:

    • Use dd($user->getAllPermissions()->pluck('name')) to inspect a user’s permissions.
    • For wildcard issues, verify the exact permission names in the database (e.g., admin.create vs. admin.*).

  • Middleware Not Triggering:

    • Ensure middleware is registered in app/Http/Kernel.php: 
      'permission' => \NyonCode\LaravelPermissionExtended\Middleware\PermissionMiddleware::class,

Extension Points

  1. Custom Wildcard Logic:

    • Override the wildcard resolver in app/Providers/PermissionExtendedServiceProvider.php: 
      public function boot()
{
    Permission::wildcard(function ($permission) {
        // Custom logic for wildcard matching
        return str_contains($permission, '*.');
    });
}

  2. Extending Blade Directives:

    • Add custom directives by publishing the Blade views and extending them: 
      php artisan vendor:publish --tag=permission-extended-views
    • Override resources/views/vendor/permission-extended/canwildcard.blade.php.

  3. Role-Based Wildcards:

    • Create a trait for role-based wildcard checks: 
      trait RoleWildcardPermissions
{
    public function hasRoleWildcardPermission(string $wildcard)
    {
        return $this->roles()->whereHas('permissions', function ($query) use ($wildcard) {
            $query->where('name', 'like', $wildcard);
        })->exists();
    }
}
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope