Release 3.0.4

Added Laravel 13 Support

Full Changelog: 3.0.3...3.0.4

Release 3.0.3

What's Changed

• Relationship for Users by Role by @abishekrsrikaanth in #50

New Contributors

• @abishekrsrikaanth made their first contribution in #50

Full Changelog: 3.0.2...3.0.3

Release 3.0.2

What's Changed

• Add request-level permission decision caching by @HashGateApp in #48

Full Changelog: 3.0.1...3.0.2

Release 3.0.1

What's Changed

• Add support for wildcard team permissions by @HashGateApp in #47

New Contributors

• @HashGateApp made their first contribution in #47

Full Changelog: 3.0...3.0.1

Release 3.0

🚀 3.0 — Release Highlights

Introduces a major refactor of the teams, roles, and permissions system.
This release simplifies the API, unifies permissions management, and makes it easier to build multi-tenant apps with fine-grained access control.

✨ What’s New

• Unified Permissions Model
  Replaced Capabilities with a new Permissions + Abilities system for cleaner, more flexible access rules.
• Improved Groups & Roles
  Roles and groups now share a consistent permission model. Groups can attach/detach users dynamically.
• Entity-Specific Abilities
  Abilities are polymorphic: assign them to users, groups, or roles with full allow/forbid control.
• Invitation System
  Built-in team invitations with configurable routes (/invitation/{id}/accept).
• Cleaner Middleware
  Middleware syntax now supports {team_id}, {entity_id} placeholders and improved OR/AND checks.
• New API Methods
  Helpers like Team::inviteUser(), Team::getRole(), User::hasTeamPermission($scope) simplify common tasks.

⚡ Why Upgrade?

• More powerful and predictable access control logic.
• Cleaner database schema with fewer pivots and clearer naming.
• Easier to extend teams with custom roles, groups, and entity-specific permissions.
• Middleware and API now match modern Laravel conventions.

---

Breaking Changes

• Removed Capability model → replaced with Permission + new polymorphic tables:
  • entity_permission
  • entity_ability
• All role/group capability relations now resolved through permissions.
• Pivot table renamed:
  • group_user (previously user_group)
• Owner moved to:
  • Jurager\Teams\Models\Owner (was Jurager\Teams\Owner)
• hasTeamAbility() fully refactored:
  • introduces priority of sources (role → group → global → user)
  • adds support for forbidden flag
  • adds wildcard permission resolution (a.b.c → a.*, a.b.*)
• Legacy relation methods (users(), roles(), groups()) moved into the HasMembers trait.
• Old Team relation methods (users(), roles(), groups(), abilities()) removed (migrated to HasMembers).
• Support for support_field (is_support) in config removed → replaced by invitations.

Added

• Polymorphic ability system:
  • Ability ↔ entity_ability for users, groups, roles
  • Pivot includes forbidden flag + timestamps
• Permission polymorphic relations:
  • Permission ↔ entity_permission (roles, groups)
• Trait HasMembers:
  • Common team-related helpers: owner, users, abilities
• New team methods:
  • Team::purge() → cleanup helper
  • Team::getPermissionIds() → resolves permission codes to IDs (auto-creates missing)
• Invitations improvements:
  • New config section invitations (enabled, routes.url, routes.middleware)
  • Team::inviteUser($email, $role)
  • Team::inviteAccept($invitationId)

Changed

• Permission model:
  • $fillable = ['name', 'code', 'team_id']
  • timestamps = false
  • roles() / groups() → morphedByMany via entity_permission
• Role:
  • Eager-loads permissions (protected $with = ['permissions'])
  • Detaches permissions & abilities on delete
• Group:
  • Eager-loads permissions
  • Detaches permissions & abilities on delete
  • Uses group_user pivot with timestamps
• Team:
  • Eager-loads roles.permissions + groups.permissions
  • Most relation methods moved into HasMembers
• HasTeams trait:
  • New ownsTeam(), abilities() relations
  • teamPermissions() / hasTeamPermission() accept $scope = 'role'|'group'
  • hasTeamAbility() → reworked with new logic (priority, forbidden, wildcard)
• Membership:
  • Table name resolved from teams.tables.team_user
• Service Provider:
  • Routes registered with configurable teams.routes.prefix|middleware
  • Conditional publishing of invitations migration (teams.invitations.enabled)
• Middleware:
  • Ability middleware now checks via:

    $user->hasTeamAbility($team, $ability, $entity)

  • Updated route parameter style: {team_id}, {article_id}

Database & Migrations

• New / Renamed migrations:
  • abilities
  • entity_ability (was permissions)
  • entity_permission (was role_capability)
  • group_user (was user_group)
  • groups (updated schema)
• Optional migration: invitations (enabled via teams.invitations.enabled)
• Migration publishing now uses fixed filenames

Release 2.4.8

Fix issue with role migration

Release 2.4.7

Fix issue with teams() relation on HasTeams trait

Release 2.4.6

Added support for Laravel 12.x

Release 1.2.3

Added support for Laravel 11.x

Release 2.4.5

Some refactoring and checks across middlewares and team model
Fix custom foreign key