ktourvas/rolesandperms

Laravel package

Maintainers

Details

github.com/ktourvas/rolesandperms

Source

Issues

Installs: 707

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.3.3 2022-11-09 11:03 UTC

Requires (Dev)

MIT 5ec7411375b325f8a0189326cb12fe3bbba8a929

  • Kostas Tourvas <k.tourvas.woop@gmail.com>

This package is not auto-updated.

Last update: 2024-09-25 20:02:33 UTC

README

A simple laravel package to help you manage user roles and authorisation within a Laravel based application.

installation

Using composer:

$ composer require ktourvas/rolesandperms

after installation run

$ php artisan migrate

four tables are going to be created

  • rap_roles
  • rap_user_roles
  • rap_model_permissions
  • rap_record_permissions

Update App\User model with the HasPermissions and/or HasRoles traits depending on individual needs.

use ktourvas\rolesandperms\Entities\HasPermissions;

class User extends Authenticatable
{
    use  HasRoles, HasPersmissions, Notifiable;

HasRoles trait

Provides the user model with a roles() ManyToMany relationship to the Role model

$user->roles()->sync([
   Role::where('name', 'admin')->first()->id
]);

and a check method, returning true or false on the specified role.

$user->userIs('admin'); 
// boolean

HasPermissions trait

the trait provides the user model with a permissions onetoMany relation and extra wrapper methods for viewAny, view, create, update, delete, restore and forceDelete permission defaults. All of the above permission methods will result the equivalent table entries for the current user. The trait methods can then be used within any policy class in an application.

<?php

use App\User;
use some\model\path\SomeModel;

class SomeModelPolicy
{
    public function viewAny(User $user) {
        return $user->canViewAny(SomeModel::class);
    }

    public function view(User $user, SomeModel $someModel) {
        return $user->canView( $someModel );
    }

    public function create(User $user) {
        return $user->canDelete( SomeModel::class );
    }

    public function update(User $user, SomeModel $someModel) {
        return $user->canUpdate( $someModel );
    }

    public function delete(User $user, SomeModel $someModel) {
        return $user->canDelete( $someModel );
    }

    public function restore(User $user, SomeModel $someModel) {
        return $user->canRestore( $someModel );
    }

    public function forceDelete(User $user, SomeModel $someModel) {
        return $user->canForceDelete( $someModel );
    }
}

add/update/remove permissions

just like you would use any other eloquent model relationship

$user->permissions()->create([
    'policy' => SomeModel::class, 
    'viewany' => 1, 
    'create' => 1,
    'update' => 1,
    'delete'  => 1,
    'restore'  => 1,
    'forcedelete' => 1,
]);
 
$user->permissions()->where('policy', SomeModel::class)->update([ 
    'viewany' => 0, 
    'create' => 1,
    'update' => 1,
    'delete'  => 0,
    'restore'  => 1,
    'forcedelete' => 0,
]);

$user->permissions()->where('policy', SomeModel::class)->delete();

Specific record permissions can be set by the use of the records onetoMany relation on a ModelPermissionSet. Each RecordPermissionSet is a child of a model policy entry and defines the equivalent permissions on the level of the actual data records when needed.

$policy = $user->permissions()->create([
    'policy' => SomeModel::class, 
    'viewany' => 0, 
    'create' => 0,
    'update' => 0,
    'delete'  => 0,
    'restore'  => 0,
    'forcedelete' => 0,
]);

$policy->records()->create([
'record_id'=>1,
'view'=>1, 
]);

according to the above the user will be allowed to view only record with id = 1 of SomeModel.