Light-weight role-based permissions for Laravel 5 built in Auth system.

security, auth, acl, laravel, roles, permissions, eloquent, kodeine



Laravel Source Build Status License Total Downloads

Laravel ACL adds role based permissions to built in Auth System of Laravel 5. ACL middleware protects routes and even crud controller methods.

Table of Contents


  • This package requires PHP 5.4+

Getting Started

  1. Require the package in your composer.json and update your dependency with composer update:
"require": {
"kodeine/laravel-acl": "~1.0@dev",
  1. Add the package to your application service providers in config/app.php.
'providers' => [


  1. Publish the package migrations to your application and run these with `php artisan migrate.
$ php artisan vendor:publish --provider="Kodeine\Acl\AclServiceProvider"

Use your own models. Once you publish, it publishes the configuration file where you can define your own models which should extend to Acl models.

  1. Add the middleware to your app/Http/Kernel.php.
protected $routeMiddleware = [

'acl' => 'Kodeine\Acl\Middleware\HasPermission',

  1. Add the HasRole trait to your User model.
use Kodeine\Acl\Traits\HasRole;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract
use Authenticatable, CanResetPassword, HasRole;


Follow along the Wiki to find out more.


Here's the TODO list for the next release (2.0).

  • Refactoring the source code.
  • Correct all issues.
  • Adding cache to final user permissions.
  • Adding tests.

Change Logs

June 14, 2015 (latest)

March 28, 2015

  • Added Role Scope to get all users having a specific role. e.g User::role('admin')->get(); will list all users having admin role.

March 7, 2015

  • is() and can() methods now support comma for AND and pipe as OR operator. Or pass an operator as a second param. more information
  • You can bind multiple permissions together so they inherit ones permission. more information

Contribution Guidelines

Support follows PSR-2 PHP coding standards, and semantic versioning.

Please report any issue you find in the issues page. Pull requests are welcome.