laravel-enso/permissionmanager

Permission Manager dependency for Laravel Enso


README

Codacy Badge StyleCI License Total Downloads Latest Stable Version

Permission Manager dependency for Laravel Enso

Screenshot

Features

  • permissions are managed based on the user role
  • allows creating, updating and deleting of permissions for each route
  • permits the one step creation of permissions for a resource type of route
  • has the access-route policy which can be used to check if the a user is authorized on a given route
  • comes with the VerifyRouteAccess middleware that checks against unauthorized access

Under the Hood

  • inside web.php there is a route for each action within the application, and each route has the name attribute defined
  • for each route where we need to have authorization checks, we must define a permission, permission which needs to have the same name as the route
  • routes and groups are nested, the resulting name looking something like group1.group2...route
  • for each request we check the existence of the link between the user's role and the permission for the request's route
  • permissions' attributes:
    • name: see above
    • description - is human readable and is used when displaying a user's action history (on his profile page)
    • type - may be read or write and is an informative flag
    • default - flag which lets us know if a permission needs to be automatically allotted to any new role we create
  • for routes where we don't need to have authorization checks, permissions are not mandatory, BUT
  • if we want to log and display the users' actions, permissions become necessary, as they're used when displaying statistics
  • permissions are grouped together in groups, which have mainly a descriptive purpose
  • when naming them, the same name convention is used as in the case of permissions e.g. group1.group2
  • permission groups are not linked directly to any other entity - with the obvious exception of permissions - nor are they used directly

Notes

The Laravel Enso Core package comes with this package included.

Depends on:

Contributions

are welcome. Pull requests are great, but issues are good too.

License

This package is released under the MIT license.