Laravel Permission Policy

A simple and flexible way to define and apply CRUD policies in Laravel using traits. Designed to work seamlessly with laravel-permission-maker 🎯

✨ Features

• ✅ Out-of-the-box CRUD permission checks
• 🔒 Support for private resource visibility
• 👤 Ownership-based access control
• 🧩 Easy integration using traits
• ⚙️ Configurable behavior via simple settings

📦 Installation

Install the package via Composer:

composer require curly-deni/laravel-permission-policy

⚙️ Configuration

After publishing the config file with:

php artisan vendor:publish --tag="permission-policy-config"

You’ll get the following settings in config/permission-policy.php:

return [

    'register_gate' => true, // Automatically register default gate with policy bindings

    // Toggle specific permission checks:
    'read_check' => false,   // Use 'read' instead of 'view'
    'view_check' => true,    // Check for 'view' permission
    'create_check' => true,  // Check for 'create' permission
    'update_check' => true,  // Check for 'update' permission
    'delete_check' => true,  // Check for 'delete' permission
];

🛠️ Note: If you disable the automatic gate registration ('register_gate' => false), make sure your custom gate implementation supports passing policy arguments via query parameters. You can use the included helper functions to handle this:

• encodeClassWithParams(string $class, array $params): string > Encodes a class name and arguments into a query-safe string.

• decodeClassWithParams(string $encoded): array > Decodes the encoded string back into the original class name and parameters.

🚀 Usage

This package is intended to be used with laravel-permission-maker.

Choose the trait that suits your needs:

🤝 Contributing

See CONTRIBUTING.md for contribution guidelines.

🙌 Credits

• Danila Mikhalev
• All Contributors

📄 License

This package is open-sourced software licensed under the MIT license.