DEV Community

Er Amit Gupta
Er Amit Gupta

Posted on

🌟 Choosing the Right Role-Permission Package for Laravel: erag/laravel-role-permission vs. spatie/laravel-permission 🌟

If you’re building a Laravel app with user roles and permissions, the right package can make all the difference. Spatie/laravel-permission is a trusted name in the Laravel ecosystem, while erag/laravel-role-permission adds innovative features for projects with more complex requirements. Here’s an in-depth look to help you decide which is the better fit for your project needs.


🔹 1. Core Features and Philosophy

Spatie/laravel-permission offers a well-structured approach to handling roles and permissions, covering essential use cases with ease. It’s ideal if you need:

  • Role and Permission Models: Built-in models for managing roles and permissions.
  • Flexible Permission Checks: Easy integration with middleware and Blade directives for quick access control.
  • Custom Guards: Support for multiple guards, making it adaptable across different authentication setups.

Erag/laravel-role-permission goes beyond the basics, focusing on advanced customization and extended functionality. Built with flexibility in mind, it suits projects where access management needs to be more dynamic and context-specific. Highlights include:

  • Time-Bound Permissions: Assign temporary permissions that expire automatically.
  • Seamless Setup Commands: Publish migration files, models, and seeders with a single command.
  • Enhanced Middleware Options: Provides role-permission-based middleware that integrates well with Laravel’s routing.

🔹 2. Installation and Setup

Spatie/laravel-permission:

A familiar setup for most Laravel developers, Spatie’s package requires configuring middleware, publishing migrations, and modifying models. You can get it running quickly with commands like:

composer require spatie/laravel-permission
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
php artisan migrate
Enter fullscreen mode Exit fullscreen mode

Erag/laravel-role-permission:

A simpler setup with consolidated commands. The erag:publish-permission command covers everything—publishing files, running migrations, and seeding data in one go, allowing you to avoid repetitive steps:

composer require erag/laravel-role-permission
php artisan erag:publish-permission --migrate --seed
Enter fullscreen mode Exit fullscreen mode

This makes it easier for developers, especially when working on time-sensitive projects or frequent package updates.


🔹 3. Permission Expiration (Unique to erag/laravel-role-permission)

One of the standout features of erag/laravel-role-permission is permission expiration, ideal for:

  • Temporary roles or permissions (like trial or limited access).
  • Event-based access that automatically expires after a defined period.

Example: Assigning Expiring Permissions

// Assign permissions with different expiration dates
$user->givePermissionsTo(['post-create', 'post-edit'], [
    Carbon::now()->addDays(10), // Expires in 10 days
    Carbon::now()->addHours(6)  // Expires in 6 hours
]);
Enter fullscreen mode Exit fullscreen mode

Spatie/laravel-permission does not include this feature, so if your project needs timed permissions, erag/laravel-role-permission is the way to go.


🔹 4. Middleware Customization

Both packages offer middleware for protecting routes, but erag/laravel-role-permission enhances the ability to fine-tune middleware for specific role-permission combinations. This feature is helpful in complex applications where each route may have distinct access needs.

Example Usage

Route::group(['middleware' => ['role:admin,post-create']], function () {
    // Admin with post-create permission can access
});
Enter fullscreen mode Exit fullscreen mode

This approach allows for streamlined, scalable access management directly within route files.


🔹 5. Helper Methods and Blade Directives

Both packages offer useful helper functions and Blade directives for checking permissions and roles, but erag/laravel-role-permission provides extra flexibility:

erag/laravel-role-permission

  • Multiple syntax options, allowing permissions checks with | or , separators for easy multi-permission checks.
  • Directives for conditional display based on permissions and roles, which work well for dynamic interfaces.
@hasPermissions('post-create|post-edit')
    {{ __('You can create or edit posts') }}
@endhasPermissions
Enter fullscreen mode Exit fullscreen mode

Spatie/laravel-permission offers standard methods, but erag’s additional syntax flexibility can be more convenient in larger applications.


🔹 6. Publishing Commands and Automation

In erag/laravel-role-permission, the erag:publish-permission command covers publishing files, running migrations, and seeding data. This integrated command approach saves time during setup and future upgrades.

Additionally, erag/laravel-role-permission offers an upgrade command:

php artisan erag:upgrade-version
Enter fullscreen mode Exit fullscreen mode

This command can be integrated into the installation process, making it easy to keep the package up-to-date with the latest features.


🔹 7. Contribution and Community Support

Both packages are open source, but spatie/laravel-permission has a larger user base and an established community due to its long-standing presence in the Laravel ecosystem. erag/laravel-role-permission is newer but actively developed, offering unique functionalities that are drawing interest among Laravel developers.


In Summary

Feature Spatie/laravel-permission Erag/laravel-role-permission
Basic Role-Permission Setup
Permission Expiration
Single-Command Setup
Flexible Middleware Options ✅ (Enhanced)
Multiple Permission Check Syntax
Built-In Upgrade Command
Community Support ✅ (Larger) ✅ (Active)

Which to Choose?

  • Choose spatie/laravel-permission if you need a reliable, straightforward package that’s been tested and used widely.
  • Opt for erag/laravel-role-permission if your project requires permission expiration, quick setup, or more customization options for roles and permissions.

🚀 Discover the potential of erag/laravel-role-permission for advanced projects on GitHub and let’s make access control management simpler and more flexible!

Top comments (0)