{"id":13563453,"url":"https://github.com/pktharindu/nova-permissions","last_synced_at":"2025-05-15T18:00:23.733Z","repository":{"id":34314094,"uuid":"177280247","full_name":"pktharindu/nova-permissions","owner":"pktharindu","description":"Add Permissions based authorization for your Nova installation via User-based Roles and Permissions. Roles are defined in the database whereas Permissions are defined in the code base.","archived":false,"fork":false,"pushed_at":"2025-05-02T15:27:52.000Z","size":4532,"stargazers_count":136,"open_issues_count":1,"forks_count":20,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-05-02T16:31:42.521Z","etag":null,"topics":["access-control","acl","authentication","authorization","gates","hacktoberfest","laravel","nova","permissions","policies","roles","tool"],"latest_commit_sha":null,"homepage":"https://www.pktharindu.com/projects/nova-permissions","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pktharindu.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"pktharindu"}},"created_at":"2019-03-23T11:25:33.000Z","updated_at":"2025-05-02T15:27:55.000Z","dependencies_parsed_at":"2023-01-15T06:30:38.146Z","dependency_job_id":"098ce113-83ce-41a2-b235-c0bcc0839539","html_url":"https://github.com/pktharindu/nova-permissions","commit_stats":{"total_commits":52,"total_committers":7,"mean_commits":7.428571428571429,"dds":"0.32692307692307687","last_synced_commit":"ad630450795f992281a2b4166fc6cb9bc6c9070f"},"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pktharindu%2Fnova-permissions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pktharindu%2Fnova-permissions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pktharindu%2Fnova-permissions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pktharindu%2Fnova-permissions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pktharindu","download_url":"https://codeload.github.com/pktharindu/nova-permissions/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254394718,"owners_count":22063984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","acl","authentication","authorization","gates","hacktoberfest","laravel","nova","permissions","policies","roles","tool"],"created_at":"2024-08-01T13:01:19.437Z","updated_at":"2025-05-15T18:00:23.698Z","avatar_url":"https://github.com/pktharindu.png","language":"PHP","funding_links":["https://github.com/sponsors/pktharindu"],"categories":["PHP"],"sub_categories":[],"readme":"# Laravel Nova Grouped Permissions (RBAC)\n\n\u003cimg align=\"center\" src=\"https://raw.githubusercontent.com/pktharindu/nova-permissions/master/docs/social-preview.png\" alt=\"banner that says Nova Permissions\"\u003e\n\n![GitHub](https://img.shields.io/github/license/pktharindu/nova-permissions.svg?style=for-the-badge) ![Packagist](https://img.shields.io/packagist/dt/pktharindu/nova-permissions.svg?style=for-the-badge) ![Packagist](https://img.shields.io/packagist/v/pktharindu/nova-permissions.svg?style=for-the-badge)\n\nAdd Permissions based authorization for your Nova installation via Role-Based Access Control (RBAC). Roles are defined in the database whereas Permissions are defined in the code base. It allows you to group your Permissions into Groups and attach it to Users.\n\n| \u003e= Nova 4 | v3.x |\n|-----------|------|\n| \u003c= Nova 3 | v2.x |\n\nIf you like this package, show some love by starring the repo. 🙏\n\nThis package is inspired by [Silvanite\\Brandenburg](https://github.com/Silvanite/brandenburg) as it has clear separation of concerns.\n\n\u003e _Roles_ are defined in the _Database_\n\nand\n\n\u003e _Permissions_ are defined in the _Codebase_\n\nAs a result, you won't see any _Permissions_ resource. The _Roles_ resource will get the permissions from the Gates defined in your code.\n\n- [Laravel Nova Grouped Permissions (RBAC)](#laravel-nova-grouped-permissions-rbac)\n  - [Installation](#installation)\n  - [Permissions with Groups](#permissions-with-groups)\n    - [Index View](#index-view)\n    - [Detail View](#detail-view)\n    - [Edit View](#edit-view)\n  - [Usage](#usage)\n    - [Create a Model Policy](#create-a-model-policy)\n  - [Customization](#customization)\n    - [Use your own Resources](#use-your-own-resources)\n  - [Support](#support)\n  - [Credits](#credits)\n  - [License](#license)\n\n![Tool Demo](https://raw.githubusercontent.com/pktharindu/nova-permissions/master/docs/preview-demo.gif)\n\n## Installation\n\nYou can install the package in to a Laravel app that uses [Nova](https://nova.laravel.com) via composer:\n\n```bash\ncomposer require pktharindu/nova-permissions\n```\n\nPublish the Configuration with the following command:\n\n```bash\nphp artisan vendor:publish --provider=\"Pktharindu\\NovaPermissions\\ToolServiceProvider\" --tag=\"config\"\n```\n\nConfiguration file includes some dummy permissions for your refference. Feel free to remove them and add your own permissions.\n\n```php\n// in config/nova-permissions.php\n\n\u003c?php\n\nreturn [\n    /*\n    |--------------------------------------------------------------------------\n    | User model class\n    |--------------------------------------------------------------------------\n    */\n\n    'user_model' =\u003e 'App\\User',\n\n    /*\n    |--------------------------------------------------------------------------\n    | Nova User resource tool class\n    |--------------------------------------------------------------------------\n    */\n\n    'user_resource' =\u003e 'App\\Nova\\User',\n\n    /*\n    |--------------------------------------------------------------------------\n    | The group associated with the resource\n    |--------------------------------------------------------------------------\n    */\n\n    'role_resource_group' =\u003e 'Other',\n\n    /*\n    |--------------------------------------------------------------------------\n    | Database table names\n    |--------------------------------------------------------------------------\n    | When using the \"HasRoles\" trait from this package, we need to know which\n    | table should be used to retrieve your roles. We have chosen a basic\n    | default value but you may easily change it to any table you like.\n    */\n\n    'table_names' =\u003e [\n        'roles' =\u003e 'roles',\n\n        'role_permission' =\u003e 'role_permission',\n\n        'role_user' =\u003e 'role_user',\n        \n        'users' =\u003e 'users',\n    ],\n\n    /*\n    |--------------------------------------------------------------------------\n    | Application Permissions\n    |--------------------------------------------------------------------------\n    */\n\n    'permissions' =\u003e [\n        'view users' =\u003e [\n            'display_name' =\u003e 'View users',\n            'description'  =\u003e 'Can view users',\n            'group'        =\u003e 'User',\n        ],\n\n        'create users' =\u003e [\n            'display_name' =\u003e 'Create users',\n            'description'  =\u003e 'Can create users',\n            'group'        =\u003e 'User',\n        ],\n\n        // ...\n    ],\n];\n\n```\n\nPublish the Migration with the following command:\n\n```bash\nphp artisan vendor:publish --provider=\"Pktharindu\\NovaPermissions\\ToolServiceProvider\" --tag=\"migrations\"\n```\n\nMigrate the Database:\n\n```bash\nphp artisan migrate\n```\n\nNext up, you must register the tool with Nova. This is typically done in the `tools` method of the `NovaServiceProvider`.\n\n```php\n// in app/Providers/NovaServiceProvider.php\n\npublic function tools()\n{\n    return [\n        // ...\n        new \\Pktharindu\\NovaPermissions\\NovaPermissions(),\n    ];\n}\n```\n\nCreate a new policy:\n\n```bash\nphp artisan make:policy RolePolicy --model=\\Pktharindu\\NovaPermissions\\Role\n```\n\nAfter that, register the `RolePolicy` along with any other policies you may have and define the gates in the `boot` method of the `AuthServiceProvider` like below.\n\n```php\n// in app/Providers/AuthServiceProvider.php\n\nuse Illuminate\\Support\\Facades\\Gate;\nuse Pktharindu\\NovaPermissions\\Traits\\ValidatesPermissions;\nuse Illuminate\\Foundation\\Support\\Providers\\AuthServiceProvider as ServiceProvider;\n\nclass AuthServiceProvider extends ServiceProvider\n{\n    use ValidatesPermissions;\n\n    protected $policies = [\n        \\Pktharindu\\NovaPermissions\\Role::class =\u003e \\App\\Policies\\RolePolicy::class,\n    ];\n\n    public function boot()\n    {\n        $this-\u003eregisterPolicies();\n\n        foreach (config('nova-permissions.permissions') as $key =\u003e $permissions) {\n            Gate::define($key, function (User $user) use ($key) {\n                if ($this-\u003enobodyHasAccess($key)) {\n                    return true;\n                }\n\n                return $user-\u003ehasPermissionTo($key);\n            });\n        }\n    }\n}\n```\n\nThen, use `HasRoles` Traits in your `User` model.\n\n```php\n// in app/User.php\n\nuse Illuminate\\Notifications\\Notifiable;\nuse Pktharindu\\NovaPermissions\\Traits\\HasRoles;\nuse Illuminate\\Foundation\\Auth\\User as Authenticatable;\n\nclass User extends Authenticatable\n{\n    use HasRoles,\n        Notifiable;\n\n    // ...\n}\n```\n\nFinally, add `BelongsToMany` fields to you `app/Nova/User` resource:\n\n```php\nuse Laravel\\Nova\\Fields\\BelongsToMany;\n\npublic function fields(Request $request)\n{\n    return [\n        // ...\n        BelongsToMany::make('Roles', 'roles', \\Pktharindu\\NovaPermissions\\Nova\\Role::class),\n    ];\n}\n```\n\nA new resource called **Roles** will appear in your Nova app after installing this package.\n\n## Permissions with Groups\n\n### Index View\n\n![Detail View](https://raw.githubusercontent.com/pktharindu/nova-permissions/master/docs/index-view.png)\n\n### Detail View\n\n![Detail View](https://raw.githubusercontent.com/pktharindu/nova-permissions/master/docs/detail-view.png)\n\n### Edit View\n\n![Edit View](https://raw.githubusercontent.com/pktharindu/nova-permissions/master/docs/edit-view.png)\n\n## Usage\n\n### Create a Model Policy\n\nTo check permissions, you can create `Model Policies` that works with Laravel Nova.\n\n\u003e **Note**: This package doesn't come with any `Model Policies` built-in. The dummy permissions defined in the config are for your reference only. For each `Nova Resource` including the `Role` and `User` resources, that you want to authorize user actions against, you need to create a Model Policy. Please refer to the [Laravel Docs](https://laravel.com/docs/7.x/authorization#creating-policies) and [Laravel Nova Docs](https://nova.laravel.com/docs/3.0/resources/authorization.html#policies) for additional information.\n\nFor Example: Create a new Post Policy with `php artisan make:policy PostPolicy` with the following code:\n\n```php\n\u003c?php\n\nnamespace App\\Policies;\n\nuse App\\Post;\nuse App\\User;\nuse Illuminate\\Auth\\Access\\HandlesAuthorization;\n\nclass PostPolicy\n{\n    use HandlesAuthorization;\n\n    public function view(User $user, Post $post)\n    {\n        if ($user-\u003ehasPermissionTo('view own posts')) {\n            return $user-\u003eid === $post-\u003euser_id;\n        }\n\n        return $user-\u003ehasPermissionTo('view posts');\n    }\n\n    public function create(User $user)\n    {\n        return $user-\u003ehasAnyPermission(['manage posts', 'manage own posts']);\n    }\n\n    public function update(User $user, Post $post)\n    {\n        if ($user-\u003ehasPermissionTo('manage own posts')) {\n            return $user-\u003eid == $post-\u003euser_id;\n        }\n        return $user-\u003ehasPermissionTo('manage posts');\n    }\n\n    public function delete(User $user, Post $post)\n    {\n        if ($user-\u003ehasPermissionTo('manage own posts')) {\n            return $user-\u003eid === $post-\u003euser_id;\n        }\n\n        return $user-\u003ehasPermissionTo('manage posts');\n    }\n}\n```\n\nIt should now work as exptected. Just create a Role, modify its Permissions and the Policy should take care of the rest.\n\n\u003e **Note**: Don't forget to add your Policy to your `$policies` in `App\\Providers\\AuthServiceProvider` and define the permissions in `config\\nova-permissions.php`.\n\n\u003e `hasPermissionTo()` method determine if any of the assigned roles to this user have a specific permission.\n\n\u003e `hasAnyPermission()` method determine if the model has any of the given permissions.\n\n\u003e `hasAllPermissions()` method determine if the model has all of the given permissions.\n\n\u003e `view own posts` is superior to `view posts` and allows the User to only view his own posts.\n\n\u003e `manage own posts` is superior to `manage posts` and allows the User to only manage his own posts.\n\n## Customization\n\n### Use your own Resources\n\nIf you want to use your own role resource, you can define it when you register the tool:\n\n```php\n// in app/Providers/NovaServiceProvider.php\n\n// ...\n\nuse App\\Nova\\Role;\n\npublic function tools()\n{\n    return [\n        // ...\n        \\Pktharindu\\NovaPermissions\\NovaPermissions::make()\n            -\u003eroleResource(Role::class),\n    ];\n}\n```\n\nThen extend the `Pktharindu\\NovaPermissions\\Nova\\Role` in your role resource:\n\n```php\n// in app/Nova/Role.php\n\nuse Pktharindu\\NovaPermissions\\Nova\\Role as RoleResource;\n\nclass Role extends RoleResource\n{\n    // ...\n}\n```\n\n## Support\n\nIf you require any support please contact me on [Twitter](https://twitter.com/CallMeTharindu) or open an issue on this repository.\n\n## Credits\n\nThis Package is inspired by [eminiarts/nova-permissions](https://novapackages.com/packages/eminiarts/nova-permissions) and [silvanite/novatoolpermissions](https://novapackages.com/packages/silvanite/novatoolpermissions). I wanted to have a combination of both. Thanks to both authors.\n\n## License\n\nCopyright © 2018-2020 P. K. Tharindu and contributors\n\nLicensed under the MIT license, see [LICENSE](https://github.com/pktharindu/nova-permissions/blob/master/LICENSE.md) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpktharindu%2Fnova-permissions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpktharindu%2Fnova-permissions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpktharindu%2Fnova-permissions/lists"}