thinkingmik / acl-manager-laravel
A Laravel access control list package
Requires
- php: >=5.4.0
- laravel/framework: 5.0.*
This package is not auto-updated.
Last update: 2024-12-21 18:45:24 UTC
README
Versions
Summary
Introduction
Adds ACL to Laravel 5. This ACL solution for Laravel is useful when you need to store policy rules or users' roles into a database. ACL Manager are composed by three entities:
- Roles
- Resources
- Permissions
Installation
Add the following line to the require
section of composer.json
:
{ "require": { "thinkingmik/acl-manager-laravel": "2.x" } }
Setup
- Add
'ThinKingMik\AclManager\AclManagerServiceProvider',
into the service provider list inconfig/app.php
. - Add
'Acl' => 'ThinKingMik\AclManager\Facades\AclManagerFacade',
into the list of aliases inconfig/app.php
. - Add
'ThinKingMik\AclManager\Middleware\AclManagerExceptionHandler',
into the list of middlewere inapp/Http/Kernel.php
.
Migrations and configuration file
In order to use the Acl Manager publish its configuration and migrations first
php artisan vendor:publish
Note: migrations are only published, remember to run them when ready.
Migrations
This package comes with all the migrations you need to run a full featured Acl Manager. First of all you need to check the reference to the user table name:
- Check the users table name of your Laravel installation in
config/auth.php
at the section:
/* |-------------------------------------------------------------------------- | Authentication Table |-------------------------------------------------------------------------- | | When using the "Database" authentication driver, we need to know which | table should be used to retrieve your users. We have chosen a basic | default value but you may easily change it to any table you like. | */ 'table' => 'system_users',
- Change the table reference for
user_id
foreign key in these filesdatabase/migrations
:
xxx_000006_create_acl_users_roles_table.php
xxx_000005_create_acl_users_policies_table.php
- Check
user_id
foreign key in all the above files to be sure that the user table name is the same as'table' => 'system_users'
:
$table->foreign('user_id')->references('id')->on('system_users')
- Now you can run:
php artisan migrate
Configuration
Edit the file config/acl.php
to suit your needs.
Usage
Routing
You can use Acl Manager in routes as a filter
Route::get('/private', array('before' => 'auth|acl:admin.*', 'uses' => function() { }));
All checks are made on user_id
attribute retrieved from session.
You can define many different acl:
filters:
acl:role.resource.permission //check if logged user has role and the permission on resource acl:*.resource.permission //check if logged user has permission on resource acl:role.* //check if logged user has role acl:role.resource.* //check if logged user has role and any permissions on resource acl:*.resource.* //check if logged user has any permissions on resource
You can also combine these filters with ;
separator like:
acl:admin.*;guest.*
Facade
The Acl Manager is available through the Facade Acl
or through the acl service in the IOC container.
The methods available are:
/** * Check if user ID has a specified policy/policies * @param integer $user User ID * @param string $policies The policies used in routing * return boolean **/ Acl::isRouteAllowed(1, 'admin.*;guest.*'); /** * Check if user has permission on resource * @param array $users Array of user objects or array of user IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * return boolean **/ Acl::isAllowed(array(1), array('post', 'dashboard'), array('edit', 'view')); /** * Check if role has permission on resource * @param array $roles Array of role objects or array of role IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * return boolean **/ Acl::areAnyRolesAllowed(array(1), array('post', 'dashboard'), array('edit', 'view')); /** * Check if user has roles * @param array $users Array of user objects or array of user IDs * @param array $roles Array of role objects or array of role IDs * return boolean **/ Acl::hasRole(array(1), array('1', '2')); /** * Add permissions on resources for users specified * @param array $users Array of user objects or array of user IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * @param date [$expire] Optionally you can specify an expiration date for policies * return boolean **/ Acl::allowUsers(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01'); /** * Add permissions on resources for roles specified * @param array $roles Array of role objects or array of role IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * @param date [$expire] Optionally you can specify an expiration date for policies * return boolean **/ Acl::allowRoles(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01'); /** * Remove permissions on resources for users specified * @param array $users Array of user objects or array of user IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * return integer The number of deleted policies **/ Acl::denyUsers(array(1), array('post', 'dashboard'), array('edit', 'view')); /** * Remove permissions on resources for roles specified * @param array $roles Array of role objects or array of role IDs * @param array $resources Array of resource objects or array of resource IDs * @param array $permissions Array of permission objects or array of permission IDs * return integer The number of deleted policies **/ Acl::denyRoles(array(1), array('post', 'dashboard'), array('edit', 'view')); /** * Add roles to users * @param array $users Array of user objects or array of user IDs * @param array $roles Array of role objects or array of role IDs * @param char [$main] Optionally you can specify the main role * return boolean **/ Acl::addUsersRoles(array(1), array('1', '2'), 'Y');
License
This package is released under the MIT License.