enclave-code/static-auth-manager

Statically manage roles and permissions in Laravel

v1.0.1 2020-03-31 03:57 UTC

README

Manage user permissions and roles in your Laravel application with domain-driven rules.

Example

Add single role

$user->assignRole('admin');

$user->hasRole('admin'); // true

Add many roles

$user->assignRole(['admin','user']);

$user->hasRole('admin'); // true
$user->hasRole('user'); // true

You can define roles and permissions in code in config/permission.php.

'roles' => [
  'admin' => [
    'news/*', // Allow all paths beginning with news/
  ],
  'editor' => [
    'news/*',
  ],
  'user' => [
    'news/show', // Explicitly allow news/show
  ],
]

You can check permissions with:

$admin->hasPermissionTo('news/delete'); // true
$editor->hasPermissionTo('news/delete'); // true, editor has the same news/* rule as admin
$user->hasPermissionTo('news/delete'); // false

Installation

# Add library
composer require enclave-code/static-auth-manager

# Publish vendor files
php artisan vendor:publish

Laravel versions older than 5.5 need the service provider registered manually.

// config/app.php

'providers' => [
  EnclaveCode\StaticAuthManager\Providers\PermissionServiceProvider::class,
],

Usage

Add trait to model

  use HasRoles;

Using roles

You can define the roles in the config/permission.php file.

// config/permission.php

'roles' => [
  'role_name' => [],
  'admin' => [],
],

Assign role/roles

Add a role to a model.

$model->assignRole('admin');

Add several roles to a model.

$model->assignRole(['admin','user']);

Check role/roles

You can check the roles via:

$model->hasRole('admin');

$model->getRoles(); // return collection(['admin'])
$model->hasRole(['admin','user']);

$model->getRoles(); // return collection(['admin','user'])

Detach role/roles

You can detach the roles via:

$model->assignRole(['admin','user']);
$model->detachRole('admin');

$model->getRoles(); // return collection(['user'])

Using permissions

Permissions are based on the MQTT syntax and are specified as paths. This lets you map individual security levels to paths and grant whole groups of them via wildcards.

Check permissions

$model->hasPermissionTo('users/show/email');
$model->hasPermissionTo(['users/show', 'users/edit']);
$model->hasAnyPermission('users/show/email');
$model->hasAnyPermission(['users/show', 'users/edit']);

Configuration

  • * Wildcard for everything following

You can define the role permissions in the config/permission.php file.

// config/permission.php

'roles' => [
  'role_name' => [
    'users/*'
  ],
  'admin' => [
    'users/create',
  ],
],
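The following is an added example, not the package's own code: it models the path rules described above and audits which roles in a config reach a given permission. The function names, the sample roles and the matching details (whole-segment comparison, `*` valid only as the last segment, a rule without `*` granting that exact path only) are assumptions.

```php
<?php
// Added example: a stand-alone model of the path rules, not the package's matcher.
// Assumptions: rules compare whole segments, '*' is only valid as the last
// segment, and a rule without '*' grants that exact path only.

function ruleMatches(string $rule, string $permission): bool
{
    $ruleParts = explode('/', trim($rule, '/'));
    $permParts = explode('/', trim($permission, '/'));

    foreach ($ruleParts as $i => $part) {
        if ($part === '*') {
            // Grants everything below the prefix; a '*' in mid-rule denies.
            return $i === count($ruleParts) - 1 && isset($permParts[$i]);
        }
        if (!isset($permParts[$i]) || $permParts[$i] !== $part) {
            return false; // 'users/*' must not match 'userstats/export'
        }
    }
    return count($ruleParts) === count($permParts);
}

/** Map of role => first matching rule for every role that grants $permission. */
function rolesGranting(array $roles, string $permission): array
{
    $granted = [];
    foreach ($roles as $role => $rules) {
        foreach ($rules as $rule) {
            if (ruleMatches($rule, $permission)) {
                $granted[$role] = $rule;
                break;
            }
        }
    }
    return $granted;
}

// Constructed sample in the shape of the 'roles' array in config/permission.php.
$roles = [
    'admin'  => ['users/*'],
    'editor' => ['users/show', 'users/edit'],
    'guest'  => [],
];

// Audit: which roles reach each path, and through which rule?
foreach (['users/delete', 'users/show/email', 'users/edit', 'userstats/export'] as $permission) {
    $hits = rolesGranting($roles, $permission);
    $via = array_map(fn ($role, $rule) => "$role via $rule", array_keys($hits), $hits);
    echo str_pad($permission, 18), $via ? implode(', ', $via) : 'no role', PHP_EOL;
}
```

Running an audit like this over the real config before deployment shows every role a broad wildcard rule opens a sensitive path to; check the matching assumptions against the installed package first.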

Using Blade directives

You can use Blade directives in your views.

Role

@role('admin')
  Show if user is admin
@endrole
@unlessrole('admin')
  Show if user is not admin
@endunlessrole

Permission

@permission('user/edit')
  Show if user has rights to user/edit
@endpermission

You can use several permissions too.

@permission('user/edit|user/create')
  Show if user has rights to user/edit AND user/create
@endpermission
@anypermission('user/edit|user/create')
 Show if user has rights to user/edit OR user/create
@endanypermission

Middleware

Add the middleware to your src/Http/Kernel.php

class Kernel extends HttpKernel
{
  // ...
  protected $routeMiddleware = [
    // ...
    'permission' => \EnclaveCode\StaticAuthManager\Middleware\HasAnyPermissionMiddleware::class,
    'role' => \EnclaveCode\StaticAuthManager\Middleware\HasRoleMiddleware::class,
  ];
}

And use it like this:

// If user has 'admin' or 'user' role
Route::group(['middleware' => ['role:admin|user']], function () {
    //
});

// If user has 'admin' role
Route::group(['middleware' => ['role:admin']], function () {
    //
});

// If user has 'user/create'
Route::group(['middleware' => ['permission:user/create']], function () {
    //
});

// If user has 'user/create' or 'user/edit'
Route::group(['middleware' => ['permission:user/create|user/edit']], function () {
    //
});

Config

Example Config

<?php
// config/permission.php

return [
    /**
     * DB Column name from model
     */
    'column_name' => env('SAM_ROLE_COLUMN_NAME', 'role'),

    /**
     * Roles with permission as path
     *
     * - `*` Wildcard everything following
     *
     * 'admin' => [
     *      'users/*',
     * ],
     * 'user' => [
     *     'users/create'
     * ]
     *
     */
    'roles' => [],

];

Additional config in .env

# StaticAuthManager - column name in user model
SAM_ROLE_COLUMN_NAME='role' 

Testing

composer test
# same as
./vendor/bin/phpunit

Todo

  • Add new migration to user with new column with role
  • Describe how roles and permissions work in readme

Credits

Primarily forked from sourceboat/laravel-static-permission.

License

The MIT License (MIT). Please see License File for more information.