explaingit

spatie/laravel-permission

12,884PHPAudience · developerComplexity · 2/5LicenseSetup · easy

TLDR

A Laravel package that adds database-backed user roles and permissions to your web app, letting you control who can do what with simple, expressive code compatible with Laravel's built-in authorization.

Mindmap

mindmap
  root((Laravel Permission))
    Core Concepts
      Roles
      Permissions
      Users
    Features
      Direct permissions
      Role assignment
      DB-backed storage
    Setup
      Composer install
      Run migrations
      Laravel integration
    Alternatives
      Bouncer
      Laratrust
      Entrust
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Add role-based access control to a Laravel app, such as separating admin, editor, and viewer users.

USE CASE 2

Grant a specific permission directly to one user without creating a full role for them.

USE CASE 3

Check user permissions inside Laravel controllers or Blade templates using standard built-in authorization methods.

Tech stack

PHPLaravelComposer

Getting it running

Difficulty · easy Time to first run · 30min
Free to use in any project including commercial use, just keep the license notice.

In plain English

This package adds a user permission and role system to Laravel, a popular PHP web framework. It lets you store permissions and roles in a database and attach them to users, making it straightforward to control who can do what inside a web application. The core idea is simple: you can grant a permission directly to a user (for example, "edit articles"), or you can create a role like "writer" and attach the permission to the role, then assign the role to users. Either way, Laravel's standard authorization tools recognize the permission and let you check it with the same built-in methods you would use normally. Installation follows the standard Laravel package process via Composer, and full documentation covering setup, configuration, and upgrade notes is hosted on the Spatie website. The package has been downloaded millions of times and is widely used in production Laravel applications. This is an open-source project published by Spatie, a software company based in Antwerp, Belgium. It is free to use under the MIT license. Spatie asks that users who run it in production send a postcard from their hometown as a small token of appreciation, though this is entirely optional. A handful of alternative packages exist for similar use cases in Laravel, including Bouncer, Laratrust, and Entrust, each taking slightly different approaches to teams, wildcard matching, or structure.

Copy-paste prompts

Prompt 1
Using spatie/laravel-permission, show me how to create an 'editor' role with 'edit articles' and 'publish articles' permissions and assign it to a user.
Prompt 2
How do I check in a Laravel controller whether the current user has the 'delete posts' permission using spatie/laravel-permission?
Prompt 3
Write the Composer install command and migration steps needed to add spatie/laravel-permission to an existing Laravel 11 project.
Prompt 4
How does spatie/laravel-permission differ from Bouncer for managing Laravel user permissions? Which should I choose?
Prompt 5
Show me how to assign multiple roles to a user at once and then revoke one of them using this package.
Open on GitHub → Explain another repo

← spatie on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.