panoscape / access
Role and Permission control for Laravel
1.0.2
2017-02-14 03:46 UTC
Requires
- illuminate/support: ^5.3
Requires (Dev)
- orchestra/database: ~3.3
- orchestra/testbench: ~3.3
- phpunit/phpunit: ~5.0
This package is not auto-updated.
Last update: 2024-11-10 02:05:14 UTC
README
Access
Role and Permission control for Laravel
Installation
Composer
composer require panoscape/access
Service provider
config/app.php
'providers' => [ ... Panoscape\Access\AccessServiceProvider::class, ];
Facades
config/app.php
'aliases' => [ ... 'Access' => Panoscape\Access\Facades\Access::class, ];
Permission and Role
config/app.php
'aliases' => [ ... 'App\Permission' => Panoscape\Access\Permission::class, 'App\Role' => Panoscape\Access\Role::class, ];
Middleware
app/Http/Kernel.php
protected $routeMiddleware = [ ... 'access' => \Panoscape\Access\Middleware\VerifyAccess::class, ];
Migration
php artisan vendor:publish --provider="Panoscape\Access\AccessServiceProvider" --tag=migrations
Before migrating, you'll need to modify the users
table in the published migration file to the correct user table used in your application
//TODO: user table $table->foreign('user_id')->references('id')->on('users')
Usage
Add HasRoles
trait to user model.
<?php namespace App; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Database\Eloquent\SoftDeletes; use Panoscape\Access\HasRoles; class User extends Authenticatable { use Notifiable, SoftDeletes, HasRoles; }
Get roles and permissions
$user->roles(); $user->permissions(); $role->permissions(); $role->users(); $permission->roles();
You may also use dynamic properties
$user->roles; $user->permissions; $role->permissions; $role->users; $permission->roles;
Check roles and permissions
//return true if the user has this role $user->hasRoles('admin'); //return true if the user has all three roles $user->hasRoles(['admin', 'editor', 'author']); //equivalent to array $user->hasRoles('admin|editor|author'); //return true if the user has any of the three roles $user->hasRoles(['admin', 'editor', 'author'], false); //by default it checks 'name' column; you may specify which column to check $user->hasRoles([1, 3, 12], true, 'id'); //or check permissions $user->hasPermissions('edit_users'); //also available on role $role->hasPermissions('edit_users');
Attach/Detach/Sycn
//by name $user->attachRoles('admin'); //by id $user->attachRoles(1); //by model instance $user->attachRoles($role); //with array $user->attachRoles(['admin', 'editor']); $user->attachRoles([1, 2]); //specify column $user->attachRoles(['1', '2'], 'id'); //detach $user->detachRoles('admin'); //detach all $user->detach([]); //sync $user->syncRoles('admin'); //detach all $user->syncRoles([]); //sync without detaching $user->syncRoles(['admin', 'editor'], false); //same with role and permissions $role->attachPermissions('editor_users'); $role->detachPermissions('editor_users'); $role->syncPermissions('editor_users');
Facades
//check the current authenticated user's roles and permissions Access::hasRoles('admin'); Access::hasPermissions('edit_users'); //check the given user's roles and permissions Access::hasRoles('admin', true, 'name', $user); Access::hasPermissions('edit_users', true, 'name', $user); //attach roles to current authenticated user Access::attachRoles('admin'); Access::attachRoles(['admin', 'editor']); //attach roles to the given user Access::attachRoles('admin', 'name', $user); Access::attachRoles(['admin', 'editor'], 'name', $user);
Middleware
//role Route::get('/dashboard', 'DashboardController@index')->middleware('access:roles,admin'); //permission Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,edit_users'); //multiple Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,edit_users|manage_sites'); //requirement and column Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,1|3,false,id');
Blade
@roles('admin') <div> ... <div> @endroles @permissions('edit_users|Manage_sites') <div> ... <div> @endpermissions @roles('admin|editor|root', false) <div> ... <div> @endroles @permissions('1|2|3', false, 'id') <div> ... <div> @endpermissions
Testing
composer test
or
vendor/bin/phpunit
Change Log
1.0.1 - 2016-11-24
Added
- attach/detach/sync roles and permissions in Facades
- Facades now accept specific user rather than always using
auth()->user()
- detaching roles when deleting users
- detaching permissions when deleting roles
- unit test
Changed
- renamed
access
middleware's first argument to plural format:role
toroles
,permission
topermissions
- multiple arguments in blade directives no longer need to be wrapped in an array
Fixed
roles
andpermissions
blade directives failure issue