$acl->allow('Author', 'Photos', 'upload'); // But sometimes we need to force deny for some resource inherited from parents. $acl->deny('Author', 'Blogs', 'write'); // Allow "Editor" do any actions in "Blogs" and "Photos" except "delete". $acl->allow('Editor', 'Blogs', '*'); $acl->allow('Editor', 'Photos', '*'); // deny some resources. $acl->deny('Editor', 'Blogs', 'delete'); $acl->deny('Editor', 'Photos', 'delete'); // Admin can access anything $acl->allow('Admin', '*', '*'); // Set current auth user to access list Authorized::as_user($user); }, 'database' => function ($user) { // Instance access $acl = Authorized::instance(); // Get all roles with rules $roles = Role::with('rules')->get(); foreach ($roles as $role) { // Add roles to access list $acl->add_role($role->name); foreach ($role->rules as $rule) { // Add rules to access list, then give permisstion to role // $acl->add_rule($rule->group, $rule->action); // $acl->allow($role->name, $rule->group, $rule->action); // This is a short way to do things above $acl->allow($role->name, $rule->group, $rule->action, true); } } // Set current auth user to access list Authorized::as_user($user);