Implementing RBAC function in laravel by using enter extension package


To use enter in laravel, you first need toComposerTo install its dependent packages:

composer require zizaco/entrust 5.2.x-de

After installation, you need toconfig/app.phpTo register a service provider in the providers array:


At the same time, register the corresponding facade to the aliases array in the configuration file

‘Entrust’ => Zizaco\Entrust\EntrustFacade::class,

If you want to use middleware (requires laravel 5.1 or higher), you also need to add the following code toapp/Http/ Kernel.php RoutemiddlewareArray:

'role' => \Zizaco\Entrust\Middleware\EntrustRole::class,
'permission' => \Zizaco\Entrust\Middleware\EntrustPermission::class,
'ability' => \Zizaco\Entrust\Middleware\EntrustAbility::class,

② Configuration

In the configuration fileconfig/auth.phpEnter will use these configuration values to select the corresponding user table and model class

'providers' => [
 'users' => [
 'driver' => 'eloquent',
 'model' => App\User::class,
 'table' => 'users',

You can also publish the configuration of the extension package to customize the related table name and the model class namespace

php artisan vendor:publish

This command will create a entrust.php Documents.

3. User role permission table

Next, we use the migration command provided by enter to generate the migration file

php artisan entrust:migration

If you execute the above command, the following error occurs:


Processing method: vendor > zizaco > Enter > SRC > commands – > MigrationCommand.php And change the “fire” method to “handle”, and then generate the corresponding data table through the following command:

php artisan migrate

Finally, four new tables will be generated:

  • Roles — storage roles
  • Permissions — storage permissions
  • role_ User — the many to many relationship between storage roles and users
  • permission_ Role — the many to many relationship between storage roles and permissions

4. Model class

We need to create the role model class app/ Role.php The contents are as follows:

<?php namespace App;
use Zizaco\Entrust\EntrustRole;
class Role extends EntrustRole

The role model has three main attributes:

  • Name — the unique name of the role, such as “admin”, “owner”, “employee”, etc
  • display_ Name — human readable role name, such as “backstage administrator”, “author”, “employer”, etc
  • Description — detailed description of the role
  • display_ The name and description attributes are optional, and the corresponding fields in the database are empty by default.


Next, create the permission model app/ Permission.php The contents are as follows:

<?php namespace App;
use Zizaco\Entrust\EntrustPermission;
class Permission extends EntrustPermission

The permission model also has three main attributes:

  • Name — the unique name of the permission, such as “create post”, “Edit post”, etc
  • display_ Name — human readable permission name, such as “publish article”, “Edit article”, etc
  • Description — detailed description of the permission


Next, we use entrustusertrait in the user model


namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Zizaco\Entrust\Traits\EntrustUserTrait;

class User extends Authenticatable
 use Notifiable;
 use EntrustUserTrait;

 * The attributes that are mass assignable.
 * @var array
 protected $fillable = [
 'name', 'email', 'password',

 * The attributes that should be hidden for arrays.
 * @var array
 protected $hidden = [
 'password', 'remember_token',

This will establish the relationship between “user” and “role”: add “role” in the user modelroles()  hasRole($name)  can($permission)Andability($roles,$permissions,$options) method.

Soft delete

It is used by default in the association table generated by the migration command provided by enteronDelete('cascade') So that the parent record can be deleted and its corresponding association relationship can be removed. If you can’t use cascading deletion in the database for some reason, you can manually delete the records in the association table in the event listener provided by entrustrole, entrustpermission class and hasrole trait. If soft deletion is used in the model, the event listener will not delete the associated table data when the data is accidentally deleted. However, due to the limitations of the laravel event listener, it is temporarily impossible to distinguish whether to call delete() or notforceDelete()For this reason, before you delete a model, you must manually delete all associated data (unless your data table uses cascading deletion)

$role = Role:: findorfail (1); // get the given permission

//Normal deletion
//Force delete
$role - > users() - > sync ([]); // delete associated data
$role - > perms() - > sync ([]); // delete associated data

$role - > forcedelete(); // the PivotTable will take effect regardless of whether there is cascading deletion


So far, this article about the implementation of RBAC in laravel by using the enter extension package is introduced. For more information about the implementation of RBAC by using the enter extension package, please search the previous articles of developer or continue to browse the following articles. I hope you can support developer more in the future!

Recommended Today

Third party calls wechat payment interface

Step one: preparation 1. Wechat payment interface can only be called if the developer qualification has been authenticated on wechat open platform, so the first thing is to authenticate. It’s very simple, but wechat will charge 300 yuan for audit 2. Set payment directory Login wechat payment merchant platform( pay.weixin.qq . com) — > Product […]