Is this the maintained entrust?

[jrm2k6]

A lot of issues are piling up for the repo Zicaco/entrust, is this the repo we should use or are you still merging back to the original one from time to time?

[bbatsche]

Well...I'm afraid I can't give you a terribly clear answer. Currently, my goal for this repo is to finish writing unit tests and documentation for the major features I've completed. At that point, barring any major bugs, I doubt I will be doing much more with this particular repository. Long term my plan would be to start a new package with a clean slate that would borrow much of the API, but targeting Laravel 5 (I have no plans to upgrade this particular library).

I'd be happy to have my code pulled back into the Zizaco repo, but given that their focus seemed to be on upgrading to L5 while mine was on sweeping API changes I'm not certain how popular or likely that would be. To be frank, this is really the first time I've worked on a package like this, so I'm not entirely clear was best practices here are.

Finally, this is all further complicated by the fact that I'm solo guy working on this in my spare time. The rash of commits in the last week or so were mostly inspired by the fact that my students were using this repo in their final projects, and I realized the would probably appreciate having a stable version to work with. :-P

[jrm2k6]

Are the major features you implemented updating/removing roles on the fly? :D

[bbatsche]

Negatory. A before filter for controllers allowing simple declaration for role or permission requirements. Like the following:

protected $entrustPerms = array(
    'index'  => 'post-show',
    'create' => 'post-create',
    'store'  => 'post-create',
    // ...
);

See: ControllerTrait.php for current lightly tested, completely undocumented info.

What are you thinking in terms of updating roles on the fly? I'm certainly not opposed to new issues being created, but like I said. Solo dude working in my spare time 😅

[jrm2k6]

It seems like with entrust, there is no built-in way of updating the role of a user. You can check if you have or not a specific role or if you can or not doing some specific things using permissions. We would need to be able to remove a role/update a role for a specific user.

I would be willing to implement those features, but just want to know if it is worth submitting a pull request for this package, or the repo originally maintained by Zicaco. What do you think?

[bbatsche]

Well, roles for a given user are just wrappers for the builtin Laravel relationships. Using something along the lines of:

Entrust::user()->attachRole($roleId);
// or even
Auth::user()->detachRole($roleId);

should accomplish more or less the same thing as what you're thinking. If I understand you correctly though, you're looking for something along the lines of:

Entrust::attachRole($roleId);

yeah?

Who should you send a pull request to? Eehhh. I guess my thought at this point would be to see what the Zizaco folks say to your question there. Looking at the logs, seems there was a flurry of activity back in March, but I haven't seen much since then.

[jrm2k6]

attach and detach should pretty much be it yes. I didn't think of it that way. I was thinking more of: Auth::user()->updateRole('role-name')

Yes, the other repo seems to be dead basically. https://github.com/Zizaco/entrust/issues/286