{"id":13669264,"url":"https://github.com/rappasoft/vault","last_synced_at":"2026-01-10T18:51:51.467Z","repository":{"id":26767295,"uuid":"30225286","full_name":"rappasoft/vault","owner":"rappasoft","description":"Roles \u0026 Permissions for the Laravel 5 Framework","archived":true,"fork":false,"pushed_at":"2016-08-20T10:43:12.000Z","size":346,"stargazers_count":103,"open_issues_count":6,"forks_count":10,"subscribers_count":15,"default_branch":"master","last_synced_at":"2024-11-11T05:39:49.318Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rappasoft.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-02-03T04:45:31.000Z","updated_at":"2024-04-20T16:13:38.000Z","dependencies_parsed_at":"2022-07-08T10:31:27.869Z","dependency_job_id":null,"html_url":"https://github.com/rappasoft/vault","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rappasoft%2Fvault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rappasoft%2Fvault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rappasoft%2Fvault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rappasoft%2Fvault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rappasoft","download_url":"https://codeload.github.com/rappasoft/vault/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251077102,"owners_count":21532607,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T08:01:08.000Z","updated_at":"2026-01-10T18:51:51.436Z","avatar_url":"https://github.com/rappasoft.png","language":"PHP","funding_links":[],"categories":["PHP"],"sub_categories":[],"readme":"##This package is no longer maintained. Please use the [full boilerplate](http://www.laravel-boilerplate.com) instead.\n\n# Vault (Laravel 5 Package)\n\n[![Project Status](http://stillmaintained.com/rappasoft/vault.png)](http://stillmaintained.com/rappasoft/vault)\n[![Build Status](https://scrutinizer-ci.com/g/rappasoft/vault/badges/build.png?b=master)](https://scrutinizer-ci.com/g/rappasoft/vault/build-status/master)\n[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/rappasoft/vault/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/rappasoft/vault/?branch=master)\n[![Total Downloads](https://poser.pugx.org/rappasoft/vault/downloads.svg)](https://packagist.org/packages/rappasoft/vault)\n[![License](https://poser.pugx.org/rappasoft/vault/license.svg)](https://packagist.org/packages/rappasoft/vault)\n\nVault is a simple yet powerful access control system for the new Laravel 5 Framework. It comes with a backend user interface to manage users, roles, and permissions as well as the relationships between them.\n\n**Be advised while this package works fully, it is still in development and the code base changes often. A 1.0 tag will be created when the package is stable for release.**\n\n**Examples:**\n[Vault User Index](http://i.imgur.com/yZ80ySY.png)\n[Vault Create Role](http://i.imgur.com/R4yE7nF.png)\n[Vault Edit User](http://i.imgur.com/5ZIRcGV.png)\n[Vault Role Index](http://i.imgur.com/zmfGeEr.png)\n\n## Documentation\n\n* [Setup](#setup)\n    * [Publishing Assets](#publish)\n    * [UserHasRole trait](#userhasrole)\n    * [Dummy Data](#seeding)\n    * [Route Middleware](#middleware)\n* [Configuration] (#configuration)\n    * [Config File](#config_file)\n    * [Vault Views](#vault_views)\n    * [Vault Routes](#vault_routes)\n    * [Status Property](#status_property)\n    * [Route Middleware](#route_middleware)\n        * [Parameters](#route_middleware_params)\n        * [Creating Middleware](#creating_middleware)\n        * [VaultRoute trait](#vault_route_trait)\n    * [Blade Extensions](#blade_extensions)\n* [License] (#license)\n* [Issues] (#issues)\n\n## Prerequisites\n\n- This package assumes you have an installation of Laravel 5 using the pre-packaged authentication library and functionality. For a brand new project, I recommend using my [Laravel 5 Boilerplate Package](https://github.com/rappasoft/laravel-5-boilerplate) and requiring this library.\n- User model must have soft deletes enabled.\n\n\u003ca name=\"setup\"/\u003e\n## Setup\n\nIn the `require` key of `composer.json` file add the following\n\n    \"rappasoft/vault\": \"dev-master\"\n\nRun the Composer update command\n\n    $ composer update\n\nIn your `config/app.php` add the following to your `$providers` and `$aliases` array\n\n```php\n'providers' =\u003e [\n\n    App\\Providers\\EventServiceProvider::class,\n    App\\Providers\\RouteServiceProvider::class,\n    ...\n    Rappasoft\\Vault\\VaultServiceProvider::class,\n    Illuminate\\Html\\HtmlServiceProvider::class,\n\n],\n```\n\n```php\n'aliases' =\u003e [\n\n    'App'       =\u003e Illuminate\\Support\\Facades\\App::class,\n    ...\n    'Form'\t\t=\u003e Illuminate\\Html\\FormFacade::class,\n    'HTML'\t\t=\u003e Illuminate\\Html\\HtmlFacade::class\n\n],\n```\n\n**The Vault Facade is loaded by the service provider by default.**\n\n\u003ca name=\"publish\"/\u003e\nRun the `vendor:publish` command\n\n    $ php artisan vendor:publish --provider=\"Rappasoft\\Vault\\VaultServiceProvider\"\n\nThis will publish the following files to your application:\n\n- app/config/vault.php config file\n- Vault Migration File\n- Vault Seed File (Will add the seed call to the end of your DatabaseSeeder.php class)\n- public/js/vault/*\n- public/css/vault/*\n\nYou can also publish individual assets by tag if need be:\n\n    $ php artisan vendor:publish --provider=\"Rappasoft\\Vault\\VaultServiceProvider\" --tag=\"config\"\n    $ php artisan vendor:publish --provider=\"Rappasoft\\Vault\\VaultServiceProvider\" --tag=\"migration\"\n    $ php artisan vendor:publish --provider=\"Rappasoft\\Vault\\VaultServiceProvider\" --tag=\"seeder\"\n    $ php artisan vendor:publish --provider=\"Rappasoft\\Vault\\VaultServiceProvider\" --tag=\"assets\"\n\n**You can also publish views, see configuration below.**\n\nRun the `dumpautoload` command\n\n    $ composer dumpautoload -o\n\nRun the `migration` command\n\n    $ php artisan migrate\n\n\u003ca name=\"userhasrole\"/\u003e\nAdd the `UserHasRole` trait to your User model:\n\n```php\n\u003c?php namespace App;\n\n...\nuse Illuminate\\Database\\Eloquent\\SoftDeletes;\nuse Rappasoft\\Vault\\Traits\\UserHasRole;\n\nclass User extends Model implements AuthenticatableContract, CanResetPasswordContract {\n\n\tuse Authenticatable, CanResetPassword, SoftDeletes, UserHasRole;\n}\n```\n\n\u003ca name=\"seeding\"/\u003e\nRun the `seed` command\n\n    $ php artisan db:seed --class=\"VaultTableSeeder\"\n\n\u003ca name=\"middleware\"/\u003e\nAdd the `route middleware` to your app/Http/Kernel.php file:\n\n```php\nprotected $routeMiddleware = [\n    'auth' =\u003e App\\Http\\Middleware\\Authenticate::class,\n    'auth.basic' =\u003e Illuminate\\Auth\\Middleware\\AuthenticateWithBasicAuth::class,\n    'guest' =\u003e App\\Http\\Middleware\\RedirectIfAuthenticated::class,\n    ...\n    'vault.routeNeedsRole' =\u003e \\Rappasoft\\Vault\\Http\\Middleware\\RouteNeedsRole::class,\n    'vault.routeNeedsPermission' =\u003e \\Rappasoft\\Vault\\Http\\Middleware\\RouteNeedsPermission::class,\n    'vault.routeNeedsRoleOrPermission' =\u003e \\Rappasoft\\Vault\\Http\\Middleware\\RouteNeedsRoleOrPermission::class,\n];\n```\n\n###That's it! You should now be able to navigate to http://localhost/access/users to see the users index.\n\n\u003ca name=\"configuration\"/\u003e\n## Configuration\n\n\u003ca name=\"config_file\"/\u003e\n###Configuration File\n\n```php\n/*\n* The company name used in the footer of the vault views.\n*/\nvault.general.company_name\n/*\n* Whether or not to load the vault views when the application loads.\n* Useful if you want to copy the vault routes into your own routes file to modify.\n*/\nvault.general.use_vault_routes\n\n/*\n* The namespaced route to the vault role\n*/\nvault.role\n/*\n* The namespaced route to the vault permission\n*/\nvault.permission\n\n/*\n* Used by Vault to save roles to the database.\n*/\nvault.roles_table\n/*\n* Used by Vault to save permissions to the database.\n*/\nvault.permissions_table\n/*\n* Used by Vault to save relationship between permissions and roles to the database.\n*/\nvault.permission_role_table\n/*\n * Used by Vault to save relationship between permissions and users to the database.\n * This table is only for permissions that belong directly to a specific user and not a role\n */\nvault.permission_user_table\n/*\n* Used by Vault to save assigned roles to the database.\n*/\nvault.assigned_roles_table\n\n/*\n* Amount of users to show per page for pagination on users.index\n*/\nvault.users.default_per_page\n/*\n* The rules to validate the users password by when creating a new user\n*/\nvault.users.password_validation\n\n/*\n* Whether a role must contain a permission or can be used standalone (perhaps as a label)\n*/\nvault.roles.role_must_contain_permission\n/*\n * Whether or not the administrator role must possess every permission\n * Works in unison with permissions.permission_must_contain_role\n */\nvault.roles.administrator_forced\n\n/*\n * Whether a permission must contain a role or can be used standalone\n * Works in unison with roles.administrator_forced\n * If a permission doesn't contain a role it can be assigned directly to a user\n */\nvault.permissions.permission_must_contain_role\n\n/*\n * Validation overwrites, at time of validation uses these rules\n * Each must return an array even if a single rule\n*/\nvault.validation.users.create\nvault.validation.users.update\n```\n\n\u003ca name=\"vault_views\"/\u003e\n### Vault Views\n\nBy default the package works without publishing its views. But if you wanted to publish the vault views to your application to take full control, run the vault:views command:\n\n    $ php artisan vault:views\n\n\u003ca name=\"vault_routes\"/\u003e\n### Vault Routes\n\nIf you do not want vault to use its default routes file you can duplicate it and set the `vault.general.use_vault_routes` configuration to false and it will not load by default.\n\n\u003ca name=\"status_property\"/\u003e\n### Utilizing the `status` property\n\nIf would would like to enable enabled/disabled users you can simply do a check wherever you are logging in your user:\n\n```php\nif ($user-\u003estatus == 0)\n    return Redirect::back()-\u003ewithMessage(\"Your account is currently disabled\");\n```\n\n\u003ca name=\"route_middleware\"/\u003e\n## Applying the Route Middleware\n\nLaravel 5 is trying to steer away from the filters.php file and more towards using middleware. Here is an example right from the vault routes file of a group of routes that requires the Administrator role:\n\n```php\nRoute::group([\n\t'middleware' =\u003e 'vault.routeNeedsRole',\n\t'role' =\u003e ['Administrator'],\n\t'redirect' =\u003e '/',\n\t'with' =\u003e ['error', 'You do not have access to do that.']\n], function()\n{\n    Route::group(['prefix' =\u003e 'access'], function ()\n    \t{\n    \t\t/*User Management*/\n    \t\tRoute::resource('users', '\\Rappasoft\\Vault\\Http\\Controllers\\UserController', ['except' =\u003e ['show']]);\n    \t});\n});\n```\n\nThe above code checks to see if the currently authenticated user has the role `Administrator`, if not redirects to `/` with a session variable that has a key of `message` and value of `You do not have access to do that.`\n\nThe following middleware ships with the vault package:\n\n- vault.routeNeedsRole\n- vault.routeNeedsPermission\n- vault.routeNeedsRoleOrPermission\n\n\u003ca name=\"route_middleware_params\"/\u003e\n## Route Parameters\n\n- `middleware` =\u003e The middleware name, you can change them in your app/Http/Kernel.php file.\n- `role` =\u003e A string of one role or an array of roles by name.\n- `permission` =\u003e A string of one permission or an array of permissions by name.\n- `needsAll` =\u003e A boolean, false by default, that states whether or not all of the specified roles/permissions are required to authenticate.\n- `with` =\u003e Sends a session flash on failure. Array with 2 items, first is session key, second is value.\n- `redirect` =\u003e Redirect to a url if authentication fails.\n- `redirectRoute` =\u003e Redirect to a route if authentication fails.\n- `redirectAction` =\u003e Redirect to an action if authentication fails.\n\n**If no redirect is specified a `response('Unauthorized', 401);` will be thrown.**\n\n\u003ca name=\"creating_middleware\"/\u003e\n## Create Your Own Middleware\n\nIf you would like to create your own middleware, the following methods are available.\n\n```php\n/**\n\t * Checks if the user has a Role by its name.\n\t * @param string $name\n\t * @return bool\n*/\nVault::hasRole($role);\n\n/**\n\t * Checks to see if the user has an array of roles, and whether or not all must return true to authenticate\n\t * @param array $roles\n\t * @param boolean $needsAll\n\t * @return bool\n*/\nVault::hasRoles($roles, $needsAll);\n\n/**\n\t * Check if user has a permission by its name.\n\t * @param string $permission.\n\t * @return bool\n*/\nVault::can($permission);\n\n/**\n\t * Check an array of permissions and whether or not all are required to continue\n\t * @param array $permissions\n\t * @param boolean $needsAll\n\t * @return bool\n*/\nVault::canMultiple($permissions, $needsAll);\n```\n**Vault::** by default uses the currently authenticated user. You can also do:\n\n```php\n$user-\u003ehasRole($role);\n$user-\u003ehasRoles($roles, $needsAll);\n$user-\u003ecan($permission);\n$user-\u003ecanMultiple($permissions, $needsAll);\n```\n\n\u003ca name=\"vault_route_trait\"/\u003e\n### VaultRoute trait\n\nIf you would like to take advantage of the methods used by Vault's route handler, you can `use` it:\n\n    use Rappasoft\\Vault\\Traits\\VaultRoute\n\nWhich will give you methods in your middleware to grab route assets. You can then add methods to your middleware to grab assets that vault doesn't grab by default and take advantage of them.\n\n\u003ca name=\"blade_extensions\"/\u003e\n## Blade Extensions\n\nVault comes with @blade extensions to help you show and hide data by role or permission without clogging up your code with unwanted if statements:\n\n```php\n@role('User')\n    This content will only show if the authenticated user has the `User` role.\n@endrole\n\n@permission('can_view_this_content')\n    This content will only show if the authenticated user is somehow associated with the `can_view_this_content` permission.\n@endpermission\n```\n\n**Currently each call only supports one role or permission, however they can be nested.**\n\nIf you want to show or hide a specific section you can do so in your layout files the same way:\n\n```php\n@role('User')\n    @section('special_content')\n@endrole\n\n@permission('can_view_this_content')\n    @section('special_content')\n@endpermission\n```\n\n\u003ca name=\"license\" /\u003e\n## License\n\nVault is free software distributed under the terms of the MIT license.\n\n\u003ca name=\"issues\" /\u003e\n## Additional information\n\nAny issues, please [report here](https://github.com/rappasoft/vault/issues).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frappasoft%2Fvault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frappasoft%2Fvault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frappasoft%2Fvault/lists"}