{"id":13395960,"url":"https://github.com/artesaos/defender","last_synced_at":"2025-04-15T03:49:51.432Z","repository":{"id":27693266,"uuid":"31179862","full_name":"artesaos/defender","owner":"artesaos","description":"Roles \u0026 Permissions for Laravel","archived":false,"fork":false,"pushed_at":"2024-03-01T17:35:00.000Z","size":540,"stargazers_count":441,"open_issues_count":32,"forks_count":96,"subscribers_count":42,"default_branch":"master","last_synced_at":"2025-04-15T03:49:45.422Z","etag":null,"topics":["acl","acl-library","defender","laravel","middleware","php","rbac"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/artesaos.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-02-22T20:49:54.000Z","updated_at":"2024-11-08T16:04:29.000Z","dependencies_parsed_at":"2024-01-15T04:08:07.890Z","dependency_job_id":"80e704e8-cd96-48f9-9f73-ede51dc94041","html_url":"https://github.com/artesaos/defender","commit_stats":{"total_commits":378,"total_committers":30,"mean_commits":12.6,"dds":0.5952380952380952,"last_synced_commit":"4ede99d33f6cdfb4c63811498fbf1b53fda59568"},"previous_names":[],"tags_count":40,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/artesaos%2Fdefender","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/artesaos%2Fdefender/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/artesaos%2Fdefender/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/artesaos%2Fdefender/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/artesaos","download_url":"https://codeload.github.com/artesaos/defender/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249003943,"owners_count":21196794,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acl","acl-library","defender","laravel","middleware","php","rbac"],"created_at":"2024-07-30T18:00:36.429Z","updated_at":"2025-04-15T03:49:51.417Z","avatar_url":"https://github.com/artesaos.png","language":"PHP","funding_links":[],"categories":["Popular Packages","Laravel","PHP"],"sub_categories":["Laravel"],"readme":"# Defender\n----------\n\nDefender is an Access Control List (ACL) Solution for Laravel 5 / 6 / 7 / 8 / 9 (single auth). **(Not compatible with multi-auth)**  \nWith security and usability in mind, this project aims to provide you a safe way to control your application access without losing the fun of coding.\n\n\u003e Current Build Status\n\n[![Build Status](https://travis-ci.org/artesaos/defender.svg?branch=master)](https://travis-ci.org/artesaos/defender)\n[![Code Climate](https://codeclimate.com/github/artesaos/defender/badges/gpa.svg)](https://codeclimate.com/github/artesaos/defender)\n[![StyleCI](https://styleci.io/repos/31179862/shield)](https://styleci.io/repos/31179862)\n\n\u003e Statistics\n\n[![Latest Stable Version](https://poser.pugx.org/artesaos/defender/v/stable.svg)](https://packagist.org/packages/artesaos/defender)\n[![Latest Unstable Version](https://poser.pugx.org/artesaos/defender/v/unstable.svg)](https://packagist.org/packages/artesaos/defender) [![License](https://poser.pugx.org/artesaos/defender/license.svg)](https://packagist.org/packages/artesaos/defender)\n[![Total Downloads](https://poser.pugx.org/artesaos/defender/downloads.svg)](https://packagist.org/packages/artesaos/defender)\n[![Monthly Downloads](https://poser.pugx.org/artesaos/defender/d/monthly.png)](https://packagist.org/packages/artesaos/defender)\n[![Daily Downloads](https://poser.pugx.org/artesaos/defender/d/daily.png)](https://packagist.org/packages/artesaos/defender)\n\n\n## Contribution welcome\n\nDefender is looking for maintainers and contributors.\n\n## Installation\n\n### 1. Dependency\n\nUsing \u003ca href=\"https://getcomposer.org/\" target=\"_blank\"\u003ecomposer\u003c/a\u003e, execute the following command to automatically update your `composer.json`, using the corresponding package version:\n\n| Version Constraint     | Package Version |\n| ---------------------- | --------------- |\n| \u003e= 5.0.\\* \u0026\u0026 \u003c= 5.3.\\* | 0.6.\\*          |\n| ~5.4, ~5.5             | 0.7.\\*          |\n| \u003e= 5.6.\\*              | 0.8.\\*          |\n| ^6.0                   | 0.9.\\*          |\n| ^7.0                   | 0.10.\\*         |\n| ^8.0                   | 0.11.\\*         |\n| ^9.0                   | 0.12.\\*         |\n\n```shell\ncomposer require artesaos/defender\n```\n\nor manually update your `composer.json` file\n\n```json\n{\n    \"require\": {\n        \"artesaos/defender\": \"~0.10.0\"\n    }\n}\n```\n\n### 2. Provider\n\n\u003e If you are using Laravel \u003e= 5.5 skip this section since our package support auto-discovery.\n\nYou need to update your application configuration in order to register the package, so it can be loaded by Laravel. Just update your `config/app.php` file adding the following code at the end of your `'providers'` section:\n\n```php\n// file START ommited\n    'providers' =\u003e [\n        // other providers ommited\n        \\Artesaos\\Defender\\Providers\\DefenderServiceProvider::class,\n    ],\n// file END ommited\n```\n\n### 3. User Class\n\nOn your User class, add the trait `Artesaos\\Defender\\Traits\\HasDefender` to enable the creation of permissions and roles:\n\n```php\n\u003c?php\n\nnamespace App;\n\nuse Illuminate\\Auth\\Authenticatable;\nuse Illuminate\\Database\\Eloquent\\Model;\nuse Artesaos\\Defender\\Traits\\HasDefender;\nuse Illuminate\\Auth\\Passwords\\CanResetPassword;\nuse Illuminate\\Contracts\\Auth\\Authenticatable as AuthenticatableContract;\nuse Illuminate\\Contracts\\Auth\\CanResetPassword as CanResetPasswordContract;\n\nclass User extends Model implements AuthenticatableContract, CanResetPasswordContract\n{\n    use Authenticatable, CanResetPassword, HasDefender;\n...\n```\n\nIf you are using laravel 5.2+, there is a small difference:\n\n```php\n\u003c?php\n\nnamespace App;\n\nuse Artesaos\\Defender\\Traits\\HasDefender;\nuse Illuminate\\Foundation\\Auth\\User as Authenticatable;\n\nclass User extends Authenticatable\n{\n    use HasDefender;\n...\n```\n\n#### 4. Publishing configuration file and migrations\n\nTo publish the default configuration file and database migrations, execute the following command:\n\n```shell\nphp artisan vendor:publish\n```\n\nExecute the migrations, so that the tables on you database are created:\n\n```shell\nphp artisan migrate\n```\n\nYou can also publish only the configuration file or the migrations:\n\n```shell\nphp artisan vendor:publish --tag=config\n```\nOr\n```shell\nphp artisan vendor:publish --tag=migrations\n```\n\nIf you already published defender files, but for some reason you want to override previous published files, add the `--force` flag.\n\n### 5. Facade (optional)\nIn order to use the `Defender` facade, you need to register it on the `config/app.php` file, you can do that the following way:\n\n```php\n// config.php file\n// file START ommited\n    'aliases' =\u003e [\n        // other Facades ommited\n        'Defender' =\u003e \\Artesaos\\Defender\\Facades\\Defender::class,\n    ],\n// file END ommited\n```\n\n### 6. Defender Middlewares (optional)\nIf you have to control the access Defender provides middlewares to protect your routes.\nIf you have to control the access through the Laravel routes, Defender has some built-in middlewares for the trivial tasks. To use them, just put it in your `app/Http/Kernel.php` file.\n\n```php\nprotected $routeMiddleware = [\n    'auth'            =\u003e \\App\\Http\\Middleware\\Authenticate::class,\n    'auth.basic'      =\u003e \\Illuminate\\Auth\\Middleware\\AuthenticateWithBasicAuth::class,\n    'guest'           =\u003e \\App\\Http\\Middleware\\RedirectIfAuthenticated::class,\n\n    // Access control using permissions\n    'needsPermission' =\u003e \\Artesaos\\Defender\\Middlewares\\NeedsPermissionMiddleware::class,\n\n    // Simpler access control, uses only the groups\n    'needsRole' =\u003e \\Artesaos\\Defender\\Middlewares\\NeedsRoleMiddleware::class\n];\n```\n\nYou'll see how to use the middlewares below.\n\n#### 6.1 - Create your own middleware\n\nIf the built-in middlewares doesn't fit your needs, you can make your own by using [Defender's API](#using-the-facade) to control the access.\n\n## Usage\n\nDefender handles only access control. The authentication is still made by Laravel's `Auth`.\n\n**Note: If you are using a different model for your users or has changed the namespace, please update the user_model key on your defender config file**\n\n### Creating roles and permissions\n\n#### With commands\n\nYou can use these commands to create the roles and permissions for you application.\n\n```shell\nphp artisan defender:make:role admin  # creates the role admin\nphp artisan defender:make:role admin --user=1 # creates the role admin and attaches this role to the user where id=1\nphp artisan defender:make:permission users.index \"List all the users\" # creates the permission\nphp artisan defender:make:permission users.create \"Create user\" --user=1 # creates the permission and attaches it to user where id=1\nphp artisan defender:make:permission users.destroy \"Delete user\" --role=admin # creates the permission and attaches it to the role admin\n```\n\n#### With the seeder or artisan tinker\n\nYou can also use the Defender's API. You can create a Laravel Seeder or use `php artisan tinker`.\n\n```php\n\nuse App\\User;\n\n$roleAdmin = Defender::createRole('admin');\n\n// The first parameter is the permission name\n// The second is the \"friendly\" version of the name. (usually for you to show it in your application).\n$permission =  Defender::createPermission('user.create', 'Create Users');\n\n// You can assign permission directly to a user.\n$user = User::find(1);\n$user-\u003eattachPermission($permission);\n\n// or you can add the user to a group and that group has the power to rule create users.\n$roleAdmin-\u003eattachPermission($permission);\n\n// Now this user is in the Administrators group.\n$user-\u003eattachRole($roleAdmin);\n```\n\n### Using the middleware\n\nTo protect your routes, you can use the built-in middlewares.\n\n\u003e Defender requires Laravel's Auth, so, use the `auth` middleware before the Defender's middleware that you intend to use.\n\n#### Checking Permissions: needsPermissionMiddleware\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission'], 'shield' =\u003e 'user.create', function()\n{\n    return 'Yes I can!';\n}]);\n```\n\nIf you're using Laravel 5.1+ it's possible to use Middleware Parameters.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission:user.index'], function() {\n    return 'Yes I can!';\n}]);\n```\n\nWith this syntax it's also possible to use the middleware within your controllers.\n\n```php\n$this-\u003emiddleware('needsPermission:user.index');\n```\n\nYou can pass an array of permissions to check on.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission'], 'shield' =\u003e ['user.index', 'user.create'], function()\n{\n    return 'Yes I can!';\n}]);\n```\n\nWhen using middleware parameters, use a `|` to separate multiple permissions.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission:user.index|user.create'], function() {\n    return 'Yes I can!';\n}]);\n```\n\nOr within controllers:\n\n```php\n$this-\u003emiddleware('needsPermission:user.index|user.create');\n```\n\nWhen you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add `'any' =\u003e true`.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission'], 'shield' =\u003e ['user.index', 'user.create'], 'any' =\u003e true, function()\n{\n    return 'Yes I can!';\n}]);\n```\n\nOr, with middleware parameters, pass it as the 2nd parameter\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsPermission:user.index|user.create,true'], function() {\n    return 'Yes I can!';\n}]);\n```\n\nOr within controllers:\n\n```php\n$this-\u003emiddleware('needsPermission:user.index|user.create,true');\n```\n\n----------\n\n#### Checking Roles: needsRoleMiddleware\n\nThis is similar to the previous middleware, but only the roles are checked, it means that it doesn't check the permissions.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole'], 'is' =\u003e 'admin', function()\n{\n    return 'Yes I am!';\n}]);\n```\n\nIf you're using Laravel 5.1 it's possible to use Middleware Parameters.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole:admin'], function() {\n    return 'Yes I am!';\n}]);\n```\n\nWith this syntax it's also possible to use the middleware within your controllers.\n\n```php\n$this-\u003emiddleware('needsRole:admin');\n```\n\nYou can pass an array of permissions to check on.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole'], 'shield' =\u003e ['admin', 'member'], function()\n{\n    return 'Yes I am!';\n}]);\n```\n\nWhen using middleware parameters, use a `|` to separate multiple roles.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole:admin|editor'], function() {\n    return 'Yes I am!';\n}]);\n```\n\nOr within controllers:\n\n```php\n$this-\u003emiddleware('needsRole:admin|editor');\n```\n\nWhen you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add `'any' =\u003e true`.\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole'], 'is' =\u003e ['admin', 'member'], 'any' =\u003e true, function()\n{\n    return 'Yes I am!';\n}]);\n```\n\nOr, with middleware parameters, pass it as the 2nd parameter\n\n```php\nRoute::get('foo', ['middleware' =\u003e ['auth', 'needsRole:admin|editor,true'], function() {\n    return 'Yes I am!';\n}]);\n```\n\nOr within controllers:\n\n```php\n$this-\u003emiddleware('needsRole:admin|editor,true');\n```\n\n----------\n\n### Using in Views\n\nLaravel's Blade extension for using Defender.\n\n#### @shield\n\n```\n@shield('user.index')\n    shows your protected stuff\n@endshield\n```\n\n```\n@shield('user.index')\n    shows your protected stuff\n@else\n    shows the data for those who doesn't have the user.index permission\n@endshield\n```\n\nYou can also use wildcard(*)\n\n```\n@shield('user.*')\n    shows your protected stuff\n@else\n    shows the data for those who doesn't have the any permission with 'user' prefix\n@endshield\n```\n\n#### @is\n\n```\n@is('admin')\n    Shows data for the logged user and that belongs to the admin role\n@endis\n```\n\n```\n@is('admin')\n    Shows data for the logged user and that belongs to the admin role\n@else\n    shows the data for those who doesn't have the admin permission\n@endis\n```\n\n```\n@is(['role1', 'role2'])\n    Shows data for the logged user and that belongs to the admin role\n@else\n    shows the data for those who doesn't have the admin permission\n@endis\n```\n\n#### Using javascript helper\n\nThe stand provides helper for when you need to interact with the user permissions on the front-end.\n\n```php\necho Defender::javascript()-\u003erender();\n// or\necho app('defender')-\u003ejavascript()-\u003erender();\n// or\necho app('defender.javascript')-\u003erender();\n```\n\nThis helper injects a javascript code with all permissions and roles of the current user.\n\n----------\n\n### Using the Facade\n\nWith the Defender's Facade you can access the API and use it at any part of your application.\n\n----------\n\n##### `Defender::hasPermission($permission)`:\n\nCheck if the logged user has the `$permission`.\n\n----------\n\n##### `Defender::canDo($permission)`:\n\nCheck if the logged user has the `$permission`. If the role `superuser` returns true\n\n----------\n\n##### `Defender::roleHasPermission($permission)`:\n\nCheck if the logged user has the `$permission` checking only the role permissions.\n\n----------\n\n##### `Defender::hasRole($roleName)`:\n\nCheck if the logged user belongs to the role `$roleName`.\n\n----------\n\n##### `Defender::roleExists($roleName)`:\n\nCheck if the role `$roleName` exists in the database.\n\n----------\n\n##### `Defender::permissionExists($permissionName)`:\n\nCheck if the permission `$permissionName` exists in the database.\n\n----------\n\n##### `Defender::findRole($roleName)`:\n\nFind the role in the database by the name `$roleName`.\n\n----------\n\n##### `Defender::findRoleById($roleId)`:\n\nFind the role in the database by the role ID `roleId`.\n\n----------\n\n##### `Defender::findPermission($permissionName)`:\n\nFind the permission in the database by the name `$permissionName`.\n\n----------\n\n##### `Defender::findPermissionById($permissionId)`:\n\nFind the permission in the database by the ID `$permissionId`.\n\n----------\n\n##### `Defender::createRole($roleName)`:\n\nCreate a new role in the database.\n\n----------\n\n##### `Defender::createPermission($permissionName)`:\n\nCreate a new permission in the database.\n\n##### `Defender::is($roleName)`:\n\nCheck whether the current user belongs to the role.\n\n##### `Defender::javascript()-\u003erender()`:\n\nReturns a javascript script with a list of all roles and permissions of the current user.\nThe variable name can be modified.\n\n----------\n\n### Using the trait\n\nTo add the Defender's features, you need to add the trait `HasDefender` in you User model (usually `App\\User`).\n\n```php\n\u003c?php namespace App;\n\n// Declaration of other omitted namespaces\nuse Artesaos\\Defender\\Traits\\HasDefender;\n\nclass User extends Model implements AuthenticatableContract, CanResetPasswordContract {\n\n    use Authenticatable, CanResetPassword, HasDefender;\n\n    // Rest of the class\n}\n```\n\nThis trait, beyond configuring the relationships, will add the following methods to your object `App\\User`:\n\n##### `public function hasPermission($permission)`:\n\nThis method checks if the logged user has the permission `$permission`\n\nIn Defender, there are 2 kind of permissions: `User permissions` and `Role permissions`. By default, the permissions that the user inherits, are permissions of the roles that it belongs to. However, always that a user pemission is set, it will take precedence of role permission.\n\n```php\npublic function foo(Authenticable $user)\n{\n    if ($user-\u003ehasPermission('user.create'));\n}\n```\n\n----------\n\n##### `public function roleHasPermission($permission)`:\n\nThis method works the same way the previous one, the only diference is that the user permissions are not considered, however, only the role's permissions that the user belongs are used to check the access.\n\n```php\npublic function foo(Authenticable $user)\n{\n    if ($user-\u003eroleHasPermission('user.create');\n}\n```\n\n----------\n\n##### `public function attachRole($role)`:\n\nAttach the user to the role `$role`. The `$role` variable might be an object of the type `Artesaos\\Defender\\Role` or an array containing the `ids` of the roles.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $role = Defender::findRole('admin'); // Returns an Artesao\\Defender\\Role\n    $user-\u003eattachRole($role);\n\n    // or\n\n    $roles = [1, 2, 3]; // Using an array of ids\n    $user-\u003eattachRole($roles);\n}\n```\n\n----------\n\n\n##### `public function detachRole($role)`:\n\nDetach the role `$role` from the user (inverse to `attachRole()`).\n\n```php\npublic function foo(Authenticable $user)\n{\n    $role = Defender::findRole('admin'); // Returns an Artesao\\Defender\\Role\n    $user-\u003edetachRole($role);\n\n    // ou\n\n    $roles = [1, 2, 3]; // Using an array of ids\n    $user-\u003edetachRole($roles);\n}\n```\n\n----------\n\n##### `public function syncRoles(array $roles = array())`:\n\nThis is like the `attachRole()` method, but only the roles in the array `$roles` will be on the relationship after the method runs. `$roles` is an array of `ids` for the needed roles.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $roles = [1, 2, 3]; // Using an array of ids\n\n    $user-\u003esyncRoles($roles);\n}\n```\n\n----------\n\n##### `public function attachPermission($permission, array $options = array())`:\n\nAttach the user to the permission `$permission`. The `$permission` variable is an instance of the `Artesaos\\Defender\\Permission` class.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $permission = Defender::findPermission('user.create');\n\n    $user-\u003eattachPermission($permission, [\n        'value' =\u003e true // true = has the permission, false = doesn't have the permission,\n    ]);\n}\n```\n\n----------\n\n##### `public function detachPermission($permission)`:\n\nRemove the permission `$permission` from the user. The `$permission` variable might be an instance of the `Artesaos\\Defender\\Permission` class or an array of `ids` with the ids of the permissions to be removed.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $permission = Defender::findPermission('user.create');\n    $user-\u003edetachPermission($permission);\n\n    // or\n\n    $permissions = [1, 3];\n    $user-\u003edetachPermission($permissions);\n}\n```\n\n----------\n\n##### `public function syncPermissions(array $permissions)`:\n\nThis is like the method `syncRoles`, but only the roles in the array `$permissions` be on the relationship after the method runs.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $permissions = [\n        1 =\u003e ['value' =\u003e false],\n        2 =\u003e ['value' =\u003e true,\n        3 =\u003e ['value' =\u003e true]\n    ];\n\n    $user-\u003esyncPermissions($permissions);\n}\n```\n\n----------\n\n##### `public function revokePermissions()`:\n\nRemove all the user permissions.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $user-\u003erevokePermissions();\n}\n```\n\n----------\n\n##### `public function revokeExpiredPermissions()`:\n\nRemove all the temporary expired pemissions from the user. More about temporary permissions below.\n\n```php\npublic function foo(Authenticable $user)\n{\n    $user-\u003erevokeExpiredPermissions();\n}\n```\n\n----------\n\n### Temporary permissions\n\nOne of Defender's coolest features is to add temporary permissions to a group or an user.\n\n#### For example\n\n\u003e *The user John belongs to the role 'admins', however I want to temporaly remove the John's permission to create new users*\n\nIn this case we need to attach an permission with the value equal to `false`, explicitly prohibiting the user to perform that action. You must add this permission, with the `false` value, since by default, the user permissions are inherited of the permissions of their roles. When you assign a user permission, this will always take precedence.\n\nFor instance. Below we revoke the permission `user.create` for the user during 7 days.\n\n```php\npublic function foo()\n{\n    $userX = App\\User::find(3);\n    $permission = Defender::findPermission('user.create');\n\n\n    $userX-\u003eattachPermission($permission, [\n        'value' =\u003e false, // false means that he will not have the permission,\n        'expires' =\u003e \\Carbon\\Carbon::now()-\u003eaddDays(7) // Set the permission's expiration date\n    ]);\n\n}\n```\n\nAfter 7 days, the user will take the permission again.\n\n----------\n\n\u003e *Allow that a user can perform some action by a period of time.*\n\nTo allow that a user have temporary access to perform a given action, just set the `expires` key. The `value` key will be `true` by default.\n\n```php\npublic function foo()\n{\n    $user = App\\User::find(1);\n    $permission = Defender::findPermission('user.create');\n\n    $user-\u003eattachPermission($permission, [\n        'expires' =\u003e \\Carbon\\Carbon::now()-\u003eaddDays(7)\n    ];\n}\n```\n\nIt's also possible to extend an existing temporary:\nJust use the `$user-\u003eextendPermission($permissionName, array $options)` method.\n\n## Using custom Role and Permission models\n\nTo use your own classes for Role and Permission models, first set the `role_model` and `permission_model` keys at `defender.php` config.\n\nFollowing are two examples of how Role and Permission models must be implemented for MongoDB using [jenssegers/laravel-mongodb](https://github.com/jenssegers/laravel-mongodb) driver:\n\n```php\n    \u003c?php\n    \n    // Role model\n    \n    namespace App;\n    \n    use Jenssegers\\Mongodb\\Eloquent\\Model;\n    use Artesaos\\Defender\\Traits\\Models\\Role;\n    use Artesaos\\Defender\\Contracts\\Role as RoleInterface;\n    \n    /**\n     * Class Role.\n     */\n    class Role extends Model implements RoleInterface {\n        use Role;\n    }\n```\n\n```php\n    \u003c?php\n    \n    // Permission model\n    \n    namespace App;\n    \n    use Jenssegers\\Mongodb\\Eloquent\\Model;\n    use Artesaos\\Defender\\Traits\\Models\\Permission;\n    use Artesaos\\Defender\\Contracts\\Permission as PermissionInterface;\n    \n    /**\n     * Class Permission.\n     */\n    class Permission extends Model implements PermissionInterface\n    {\n        use Permission;    \n    }\n```\n\nYou must use the correct traits and each class has to implemet the corresponding interface contract.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fartesaos%2Fdefender","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fartesaos%2Fdefender","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fartesaos%2Fdefender/lists"}