dangkien/roleper

This package provides a flexible way to add Role-based Permissions to Laravel

2.3.1 2019-11-17 09:45 UTC

This package is auto-updated.

Last update: 2024-03-17 19:02:07 UTC


README

Role-Permission Laravel Packget

Installation

1)Just add the following to your composer.json. Then run composer update:

composer require dangkien/roleper --no-scripts
  1. Open your config/app.php and add the following to the providers array:
DangKien\RolePer\RolePerServiceProvider::class,
  1. In the same config/app.php and add the following to the aliases array:
'RolePer'   => DangKien\RolePer\RolePerFacade::class,
  1. Run the command below to publish the package config file config/roleper.php:
php artisan vendor:publish
  1. If you want to use Middleware (requires Laravel 5.1 or later) you also need to add the following:
    'role' => \DangKien\RolePer\Middleware\RolePerRole::class,
    'permission' => \DangKien\RolePer\Middleware\RolePerPermission::class,
    'ability' => \DangKien\RolePer\Middleware\RolePerAbility::class,

to routeMiddleware array in app/Http/Kernel.php.

copy to User.php

    use \DangKien\RolePer\Traits\RolePerUserTrait;

Checking for Roles & Permissions

Now we can check for roles and permissions simply by doing:

$user->hasRole('owner');   // false
$user->hasRole('admin');   // true
$user->can('edit-user');   // false
$user->can('create-post'); // true

Both hasRole() and can() can receive an array of roles & permissions to check:

$user->hasRole(['owner', 'admin']);       // true
$user->can(['edit-user', 'create-post']); // true

By default, if any of the roles or permissions are present for a user then the method will return true. Passing true as a second parameter instructs the method to require all of the items:

$user->hasRole(['owner', 'admin']);             // true
$user->hasRole(['owner', 'admin'], true);       // false, user does not have admin role
$user->can(['edit-user', 'create-post']);       // true
$user->can(['edit-user', 'create-post'], true); // false, user does not have edit-user permission

You can have as many Roles as you want for each User and vice versa.

Route

/// ROLE PERMISSION ROUTE
    Route::group(['prefix' => 'admin/users'], function() {
    Route::get('user-permission/{id}', '\DangKien\RolePer\Controllers\UserRoleController@index')->name('user-permission.index');
    Route::post('user-permission/{id}', '\DangKien\RolePer\Controllers\UserRoleController@store')->name('user-permission.store');
    Route::get('role-permission/{id}', '\DangKien\RolePer\Controllers\RolePermissionController@index')->name('roles-permission.index');
    Route::post('role-permission/{id}', '\DangKien\RolePer\Controllers\RolePermissionController@store')->name('roles-permission.store');
});

Route::resource('admin/roles', '\DangKien\RolePer\Controllers\RoleController');
Route::group(['prefix' => '', 'middleware' => 'role:superadmin'], function() {
    Route::resource('admin/permissions', '\DangKien\RolePer\Controllers\PermissionController');
    Route::resource('admin/permissions-group', '\DangKien\RolePer\Controllers\PermissionGroupController');
});

User

Next, use the RolePerUserTrait trait in your existing User model. For example:

<?php

use DangKien\RolePer\Traits\RolePerUserTrait;

class User extends Eloquent
{
    use RolePerUserTrait; // add this trait to your user model

    ...
}

### Middleware

You can use a middleware to filter routes and route groups by permission or role
```php
Route::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function() {
    Route::get('/', 'AdminController@welcome');
    Route::get('/manage', ['middleware' => ['permission:manage-admins'], 'uses' => 'AdminController@manageAdmins']);
});

It is possible to use pipe symbol as OR operator:

'middleware' => ['role:admin|root']

To emulate AND functionality just use multiple instances of middleware

'middleware' => ['role:owner', 'role:writer']

For more complex situations use ability middleware which accepts 3 parameters: roles, permissions, validate_all

'middleware' => ['ability:admin|owner,create-post|edit-user,true']