Laravel · PHP 8.2+

A permission system that fits in one integer.

Roles, per-route permissions, menus and an optional admin UI — every authorization check is a bitwise AND, not a database query.

Latest Version MIT license Laravel 11 12 13
ACCESS REGISTER — user.role int(13)
1view
2export
4create
8update
16delete
view + create + update = 13
Why bitwise

One number instead of a join table.

Most permission packages store one database row per role × permission × resource. That scales into a maintenance problem. A bitwise permission collapses any combination of capabilities into a single integer, checked with CPU-level math.

role_has_permissionsN queries
// one row per capability, per role, per resource
DB::table('role_has_permissions')
    ->where('role_id', $role->id)
    ->where('resource', 'leads')
    ->whereIn('permission', ['view','create','update'])
    ->count() === 3;
bitwise-permission0 queries
// one integer, resolved once per request
$access = $user->getAccess(); // 13

$access & $bits['create'] === $bits['create']; // true
Features

A complete authorization layer, not just a bitmask.

The bitwise core is the foundation. On top of it: route protection, role cloning, self-managing menus, and an optional UI to run the whole thing without touching a migration.

01

Bitwise core

Combine and compare permissions with plain integer math — combine(), decode(), has().

02

Route-based permissions

Protect named routes with a wildcard convention: leads.*, deals.*.

03

Self-managing menus

A navigation tree with role visibility and automatic parent/child propagation.

04

Super admin bypass

The configured super admin role gets full access without ever touching the database.

05

Per-user roles

RoleCloneService clones a base role per user, so individual permissions diverge safely.

06

Optional Livewire UI

Manage roles, permissions, routes, accesses and menus from /bwp/* out of the box.

07

Artisan tooling

bwp:install and bwp:sync-routes get a project wired up in minutes.

08

Config-first

Bits, base permissions, roles, routes and menus all live in one published config file.

Quick look

From install to a protected route in four steps.

$composer require henry-ht/laravel-bitwise-permission && php artisan bwp:install Copy
use HenryHt\BitwisePermission\Traits\HasPermissionsTrait;

class User extends Authenticatable
{
    use HasPermissionsTrait;
}
Route::middleware('bwp.permission:create')->group(function () {
    Route::post('/leads', [LeadController::class, 'store'])->name('leads.store');
});
@if(auth()->user()->canCreate())
    <a href="{{ route('leads.create') }}">New lead</a>
@endif
Documentation

Everything you need to run it in production.

GuideCovers
InstallationRequirements, install command, manual setup, wiring the User model
ConfigurationBits, base permissions, super admin, table prefix, menus
MiddlewareProtecting routes and the view prerequisite rule
RolesBase roles, per-user roles, RoleCloneService
PermissionsChecking, setting and combining permissions at runtime
MenusBuilding navigation trees with role-based visibility
ExamplesEnd-to-end flows: user creation, custom bits, Livewire
UpgradingVersion-to-version upgrade notes