goez/acl
Simple role-based access control for Laravel 4
Requires
- php: >=5.3.0
- illuminate/support: >=4.2.0
Requires (Dev)
- phpunit/phpunit: >= 3.7.0
- codeclimate/php-test-reporter: dev-master
This package is auto-updated.
Last update: 2019-11-30 06:48:17 UTC
README
Requirement
PHP 5.4+
Installation
Goez/Acl is an independent library for access control, you can use it in any PHP project with composer:
composer require goez/acl
Laravel 4
Goez/Acl also supports Laravel 4, just follow the steps below:
-
Install from composer.
-
Publish configuration after composer require.
php artisan config:publish goez/acl
-
Register provider in
app/config/app.php
:'providers' => array( // ... 'Goez\Acl\AclServiceProvider', // Add this line ),
-
Edit
app/config/packages/goez/acl/config.php
:<?php return array( 'init' => function ($acl) { // Initialize your permission here. // Example: // // $acl->fullPrivileges('admin'); // $acl->allow('author', 'read', 'article'); // $acl->allow('author', 'write', 'article'); // $acl->allow('guest', 'read', 'article'); // $acl->deny('guest', 'write', 'article'); }, );
-
Use methods of Acl in your code:
// In controller: if ($acl->can('member', 'read', 'article')) { // ... }
In Blade template:
@if (app('acl')->can('member', 'read', 'article`)) <!-- .... --> @endif
More Examples
For the examples below, you need to create an instance of Acl
first:
use Goez\Acl\Acl; $acl = new Acl();
Add Role
$acl->addRole('admin'); $acl->addRole('member'); $acl->addRole('guest'); var_dump($acl->hasRole('admin')); // true var_dump($acl->hasRole('member')); // true var_dump($acl->hasRole('notExists')); // false
Create rules for role
$acl->allow('guest', 'read', 'article'); $acl->deny('guest', 'write', 'article'); var_dump($acl->can('guest', 'read', 'article')); // true var_dump($acl->can('guest', 'write', 'article')); // false
Note 1: Methods allow
and deny
will add role automatically.
Note 2: It's always denied by default unless you allowed it.
Override rule
$acl->allow('author', 'read', 'article'); // rule 1 $acl->allow('author', 'write', 'article'); // rule 2 $acl->deny('author', 'read', 'article'); // rule 3, override rule 1 $acl->deny('author', 'write', 'article'); // rule 4, override rule 2 var_dump($acl->can('author', 'read', 'article')); // false var_dump($acl->can('author', 'write', 'article')); // false
Full privileges
$acl->fullPrivileges('admin'); var_dump($acl->can('admin', 'create', 'page')); // true var_dump($acl->can('admin', 'create', 'site')); // true var_dump($acl->can('admin', 'read', 'article')); // true var_dump($acl->can('admin', 'write', 'article')); // true
Note: Method fullPrivileges
will add role automatically.
Multiple actions or resources
$actions = ['create', 'read', 'write']; $resources = ['page', 'site', 'article']; $acl->allow('guest', 'read', $resources); $acl->allow('author', $actions, 'article'); $acl->allow('admin', $actions, $resources);
Wildcard support for action
$acl->allow('author', '*', 'article'); var_dump($acl->can('author', 'read', 'article')); // true var_dump($acl->can('author', 'write', 'article')); // true var_dump($acl->can('author', 'read', 'news')); // false var_dump($acl->can('author', 'write', 'news')); // false
Wildcard support in can
method.
$acl->allow('guest', 'write', 'article:comment'); var_dump($acl->can('guest', '*', 'article')); // true var_dump($acl->can('guest', '*', 'article:content')); // false var_dump($acl->can('guest', '*', 'news:*')); // false
Sub resource
Use :
to define the sub-resource.
In this example, article
as same as article:*
.
$acl->allow('guest', 'read', 'article'); $acl->allow('guest', 'write', 'article:comment'); $acl->allow('author', '*', 'article:*'); var_dump($acl->can('author', 'read', 'article:title')); // true var_dump($acl->can('author', 'read', 'article:content')); // true var_dump($acl->can('author', 'read', 'article:comment')); // true var_dump($acl->can('author', 'write', 'article:title')); // true var_dump($acl->can('author', 'write', 'article:content')); // true var_dump($acl->can('author', 'write', 'article:comment')); // true var_dump($acl->can('guest', 'read', 'article:title')); // true var_dump($acl->can('guest', 'read', 'article:content')); // true var_dump($acl->can('guest', 'read', 'article:comment')); // true var_dump($acl->can('guest', 'write', 'article:title')); // false var_dump($acl->can('guest', 'write', 'article:content')); // false var_dump($acl->can('guest', 'write', 'article:comment')); // true
License
MIT