thinkingmik/acl-manager-laravel

A Laravel access control list package

Maintainers

Details

github.com/thinkingmik/acl-manager-laravel

Source

Issues

Installs: 14

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 2

Forks: 1

Open Issues: 1

2.0.0 2015-05-03 10:50 UTC

Requires

MIT b59c5a1ab72429a418140af394215937d7c20750

  • Michele Andreoli <michi.andreoli.woop@gmail.com>

accessacllaravelresourcepermission

This package is not auto-updated.

Last update: 2024-04-13 15:22:58 UTC

README

Latest Version Software License Build Status Code Quality Total Downloads

Versions

Laravel ACL Manager PHP
4.2.x 1.x >= 5.4
5.0.x 2.x >= 5.4

Summary

Introduction

Adds ACL to Laravel 5. This ACL solution for Laravel is useful when you need to store policy rules or users' roles into a database. ACL Manager are composed by three entities:

  1. Roles
  2. Resources
  3. Permissions

Installation

Add the following line to the require section of composer.json:

{
    "require": {
        "thinkingmik/acl-manager-laravel": "2.x"
    }
}

Setup

  1. Add 'ThinKingMik\AclManager\AclManagerServiceProvider', into the service provider list in config/app.php.
  2. Add 'Acl' => 'ThinKingMik\AclManager\Facades\AclManagerFacade', into the list of aliases in config/app.php.
  3. Add 'ThinKingMik\AclManager\Middleware\AclManagerExceptionHandler', into the list of middlewere in app/Http/Kernel.php.

Migrations and configuration file

In order to use the Acl Manager publish its configuration and migrations first

php artisan vendor:publish

Note: migrations are only published, remember to run them when ready.

Migrations

This package comes with all the migrations you need to run a full featured Acl Manager. First of all you need to check the reference to the user table name:

  • Check the users table name of your Laravel installation in config/auth.php at the section:
/*
 |--------------------------------------------------------------------------
 | Authentication Table
 |--------------------------------------------------------------------------
 |
 | When using the "Database" authentication driver, we need to know which
 | table should be used to retrieve your users. We have chosen a basic
 | default value but you may easily change it to any table you like.
 |
 */

'table' => 'system_users',
  • Change the table reference for user_id foreign key in these files database/migrations:
xxx_000006_create_acl_users_roles_table.php
xxx_000005_create_acl_users_policies_table.php
  • Check user_id foreign key in all the above files to be sure that the user table name is the same as 'table' => 'system_users':
$table->foreign('user_id')->references('id')->on('system_users')
  • Now you can run:
php artisan migrate

Configuration

Edit the file config/acl.php to suit your needs.

Usage

Routing

You can use Acl Manager in routes as a filter

Route::get('/private', array('before' => 'auth|acl:admin.*', 'uses' => function() {

}));

All checks are made on user_id attribute retrieved from session. You can define many different acl: filters:

acl:role.resource.permission //check if logged user has role and the permission on resource
acl:*.resource.permission    //check if logged user has permission on resource
acl:role.*                   //check if logged user has role
acl:role.resource.*          //check if logged user has role and any permissions on resource
acl:*.resource.*             //check if logged user has any permissions on resource

You can also combine these filters with ; separator like:

acl:admin.*;guest.*

Facade

The Acl Manager is available through the Facade Acl or through the acl service in the IOC container. The methods available are:

/**
 * Check if user ID has a specified policy/policies
 * @param integer $user User ID
 * @param string $policies The policies used in routing
 * return boolean
 **/
Acl::isRouteAllowed(1, 'admin.*;guest.*');

/**
 * Check if user has permission on resource
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return boolean
 **/
Acl::isAllowed(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Check if role has permission on resource
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return boolean
 **/
Acl::areAnyRolesAllowed(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Check if user has roles
 * @param array $users Array of user objects or array of user IDs
 * @param array $roles Array of role objects or array of role IDs
 * return boolean
 **/
Acl::hasRole(array(1), array('1', '2'));

/**
 * Add permissions on resources for users specified
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * @param date [$expire] Optionally you can specify an expiration date for policies  
 * return boolean
 **/
Acl::allowUsers(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01');

/**
 * Add permissions on resources for roles specified
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * @param date [$expire] Optionally you can specify an expiration date for policies  
 * return boolean
 **/
Acl::allowRoles(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01');

/**
 * Remove permissions on resources for users specified
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs  
 * return integer The number of deleted policies
 **/
Acl::denyUsers(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Remove permissions on resources for roles specified
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return integer The number of deleted policies
 **/
Acl::denyRoles(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Add roles to users
 * @param array $users Array of user objects or array of user IDs
 * @param array $roles Array of role objects or array of role IDs
 * @param char [$main] Optionally you can specify the main role  
 * return boolean
 **/
Acl::addUsersRoles(array(1), array('1', '2'), 'Y');

License

This package is released under the MIT License.