// the find
Zizaco/entrust
Role-based Permissions for Laravel 5
Entrust adds RBAC to Laravel via traits and a pivot-table schema (roles, permissions, role_user, permission_role). It predates Laravel's built-in Gates/Policies and was a go-to solution circa Laravel 5. This README is a fork claiming Laravel 9/10 support while the composer.json still shows `5.2.x-dev` in its own installation instructions.
Wildcard permission matching (`admin.*`) is a genuinely useful feature that Laravel's native authorization doesn't give you out of the box. The `ability()` method with `validate_all` and `return_type` options handles complex role+permission intersection checks in a single call. Blade directives (`@role`, `@permission`, `@ability`) are a clean integration point. Middleware pipe syntax (`role:admin|root`) maps naturally to OR semantics without writing custom logic.
The original repo hasn't shipped a meaningful update since 2017; this fork has 6 stars and the README still tells you to require `5.2.x-dev` in composer.json while claiming 9/10 support — that's a red flag for production use. No direct permissions on users: permissions only attach to roles, so if you need a single one-off permission grant you're stuck creating a dedicated role for it. `routeNeedsPermission()` and `routeNeedsRole()` use Laravel 4-era route filters, which are long gone; those sections of the docs are dead weight that will confuse anyone on a modern Laravel. Soft-delete handling requires manual pivot cleanup before `forceDelete()` — easy to miss and silent data integrity issue if you forget.