sourceboat / laravel-static-permission
Define laravel permissions and roles by code
Installs: 14 993
Dependents: 0
Suggesters: 0
Security: 0
Stars: 10
Watchers: 6
Forks: 2
Open Issues: 1
Requires
- php: >=7.3
- illuminate/http: ^6.0|^7.0|^8.0|^9.0
- illuminate/support: ^6.0|^7.0|^8.0|^9.0
- illuminate/view: ^6.0|^7.0|^8.0|^9.0
Requires (Dev)
- orchestra/testbench: ^5.0|^6.0|^7.0
- phpmd/phpmd: ^2.6
- phpunit/phpunit: ^9.3
- slevomat/coding-standard: ^7.0
- squizlabs/php_codesniffer: ^3.3
- dev-develop
- 2.3.0
- 2.2.0
- 2.1.6
- 2.1.5
- 2.1.4
- 2.1.3
- 2.1.2
- 2.1.1
- 2.1.0
- 2.0.0
- 1.1.1
- 1.1.0
- 1.0.1
- 1.0.0
- dev-dependabot/composer/slevomat/coding-standard-tw-8.8
- dev-master
- dev-feature/laravel9_support
- dev-update_dependabot_assignee
- dev-feature/dependabot
- dev-feature/improve_readme
- dev-feature/update-readme
- dev-feature/laravel-8-support
This package is auto-updated.
Last update: 2024-04-10 05:54:15 UTC
README
Manage user permissions and roles in your Laravel application by domain driven rules.
Example
$user->assignRole('admin'); $user->hasRole('admin'); // true
Define roles and permissions in config/permission.php.
'role' => [ 'admin' => [ 'news/#', // Allow all paths beginning with news/ ], 'editor' => [ 'news/#', '!news/delete', // Explicitly forbid news/delete ], 'user' => [ 'news/show', // Explicitly allow news/show ], ]
Check permissions by
$admin->hasPermission('news/delete'); // true $editor->hasPermission('news/delete'); // false $user->hasPermission('news/delete'); // false
Installation
composer require sourceboat/laravel-static-permission
Usage
Add trait to model
use HasRoles;
Using roles
Define roles in config/permission.php.
// config/permission.php 'roles' => [ 'role_name' => [], 'admin' => [], ],
Assign role
Add a role to a model.
$model->assignRole('admin');
Check role
Check role via:
$model->hasRole('admin'); $model->getRoleName(); // return admin
Using permissions
Permissions are based on the MQTT syntax and specified as path. Thus, individual security levels can be mapped and generally released via wildcards.
Check permissions
$model->hasPermission('users/show/email');
$model->hasPermission(['users/show', 'users/edit']);
$model->hasAnyPermission('users/show/email');
$model->hasAnyPermission(['users/show', 'users/edit']);
Configuration
+Wildcard for one level#Wildcard for everything following!Before the permission - prohibits permission
Define roles and permissions in config/permission.php.
// config/permission.php 'roles' => [ 'role_name' => [ 'users/+/foo' ], 'admin' => [ 'users/#', '!users/create', ], ],
Using Blade directives
Use Blade directives in your views.
Role
@role('admin') Show if user is admin @endrole
@unlessrole('admin') Show if user is not admin @endunlessrole
Permission
@permission('user/edit') Show if user has rights to user/edit @endpermission
Use several permissions.
@permission('user/edit|user/create') Show if user has rights to user/edit AND user/create @endpermission
@anypermission('user/edit|user/create') Show if user has rights to user/edit OR user/create @endanypermission
Middleware
Add the middleware to your src/Http/Kernel.php
use Sourceboat\Permission\Middlewares\RoleMiddleware; class Kernel extends HttpKernel { ... protected $routeMiddleware = [ ... 'role' => RoleMiddleware::class ] }
And use it like
Route::group(['middleware' => ['role:admin']], function () { // })
Config
Example Config
<?php // config/permission.php return [ /** * Column name of the model */ 'column_name' => 'role', /** * Roles with permissions * * - `+` Wildcard one level * - `#` Wildcard everything following * - `!` Before the permission - prohibits permission * * 'admin' => [ * 'users/#', * 'users/+/field', * '!users/create' * ] */ 'roles' => [], ];
Testing
composer test
Changelog
See releases for details.
Contributing
composer lint:phpcs composer lint:phpmd
Credits
This package is heavily inspired by Spatie / laravel-permission.
License
The MIT License (MIT). Please see License File for more information.