• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字

jeremykenedy/laravel-roles: A Powerful package for handling roles and permission ...

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

jeremykenedy/laravel-roles

开源软件地址(OpenSource Url):

https://github.com/jeremykenedy/laravel-roles

开源编程语言(OpenSource Language):

PHP 54.5%

开源软件介绍(OpenSource Introduction):

Laravel Roles

Laravel Roles

A Powerful package for handling roles and permissions in Laravel. Supports Laravel 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 6.0, 7.0, and 8.0+.

Total Downloads Latest Stable Version Travis-CI Build Status Scrutinizer-CI Build Status StyleCI Scrutinizer Code Quality Code Intelligence Status License: MIT MadeWithLaravel.com shield

Table of contents

Features

Laravel Roles Features
Built in migrations with ability to publish and modify your own.
Built in seed with ability to publish and modify your own.
Roles with levels and relationships to users, permissions
Permissions with relationships to users and levels
Soft deletes with full restore and destroy
Optional CRUD of Roles and Permissions
Lots of configuration options
All Extendable from .env

Installation

This package is very easy to set up. There are only couple of steps.

Composer

From your projects root folder in terminal run:

Laravel 5.8 and up use:

    composer require jeremykenedy/laravel-roles

Laravel 5.7 and below use:

    composer require jeremykenedy/laravel-roles:1.4.0
  • Note: The major difference is that Laravel's users table migration out the box changed from $table->increments('id'); to $table->bigIncrements('id'); in Laravel 5.8.

Service Provider

  • Laravel 5.5 and up Uses package auto discovery feature, no need to edit the config/app.php file.

  • Laravel 5.4 and below Add the package to your application service providers in config/app.php file.

'providers' => [

    ...

    /**
     * Third Party Service Providers...
     */
    jeremykenedy\LaravelRoles\RolesServiceProvider::class,

],

Publish All Assets

    php artisan vendor:publish --tag=laravelroles

Publish Specific Assets

    php artisan vendor:publish --tag=laravelroles-config
    php artisan vendor:publish --tag=laravelroles-migrations
    php artisan vendor:publish --tag=laravelroles-seeds
    php artisan vendor:publish --tag=laravelroles-views
    php artisan vendor:publish --tag=laravelroles-lang

HasRoleAndPermission Trait And Contract

  1. Include HasRoleAndPermission trait and also implement HasRoleAndPermission contract inside your User model. See example below.

  2. Include use jeremykenedy\LaravelRoles\Traits\HasRoleAndPermission; in the top of your User model below the namespace and implement the HasRoleAndPermission trait. See example below.

Example User model Trait And Contract:

<?php

namespace App;

use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use jeremykenedy\LaravelRoles\Traits\HasRoleAndPermission;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;
    use HasRoleAndPermission;

    // rest of your model ...
}

Migrations and seeds

This uses the default users table which is in Laravel. You should already have the migration file for the users table available and migrated.

  1. Setup the needed tables:

    php artisan migrate

  2. Update database\seeds\DatabaseSeeder.php to include the seeds. See example below.

<?php

use Illuminate\Database\Seeder;
use Illuminate\Database\Eloquent\Model;
use Database\Seeders\PermissionsTableSeeder;
use Database\Seeders\RolesTableSeeder;
use Database\Seeders\ConnectRelationshipsSeeder;

class DatabaseSeeder extends Seeder
{
    /**
     * Run the database seeds.
     *
     * @return void
     */
    public function run()
    {
        Model::unguard();

            $this->call(PermissionsTableSeeder::class);
            $this->call(RolesTableSeeder::class);
            $this->call(ConnectRelationshipsSeeder::class);
            //$this->call('UsersTableSeeder');

        Model::reguard();
    }
}
  1. Seed an initial set of Permissions, Roles, and Users with roles.
composer dump-autoload
php artisan db:seed

Roles Seeded

Property Value
Name Admin
Slug admin
Description Admin Role
Level 5
Property Value
Name User
Slug user
Description User Role
Level 1
Property Value
Name Unverified
Slug unverified
Description Unverified Role
Level 0

Permissions Seeded:

Property Value
name Can View Users
slug view.users
description Can view users
model Permission
Property Value
name Can Create Users
slug create.users
description Can create new users
model Permission
Property Value
name Can Edit Users
slug edit.users
description Can edit users
model Permission
Property Value
name Can Delete Users
slug delete.users
description Can delete users
model Permission

And that's it!

Migrate from bican roles

If you migrate from bican/roles to jeremykenedy/LaravelRoles you will need to update a few things.

  • Change all calls to can, canOne and canAll to hasPermission, hasOnePermission, hasAllPermissions.
  • Change all calls to is, isOne and isAll to hasRole, hasOneRole, hasAllRoles.

Usage

Creating Roles

$adminRole = config('roles.models.role')::create([
    'name' => 'Admin',
    'slug' => 'admin',
    'description' => '',
    'level' => 5,
]);

$moderatorRole = config('roles.models.role')::create([
    'name' => 'Forum Moderator',
    'slug' => 'forum.moderator',
]);

Because of Slugable trait, if you make a mistake and for example leave a space in slug parameter, it'll be replaced with a dot automatically, because of str_slug function.

Attaching, Detaching and Syncing Roles

It's really simple. You fetch a user from database and call attachRole method. There is BelongsToMany relationship between User and Role model.

$user = config('roles.models.defaultUser')::find($id);

$user->attachRole($adminRole); // you can pass whole object, or just an id
$user->detachRole($adminRole); // in case you want to detach role
$user->detachAllRoles(); // in case you want to detach all roles
$user->syncRoles($roles); // you can pass Eloquent collection, or just an array of ids

Assign a user role to new registered users

You can assign the user a role upon the users registration by updating the file app\Http\Controllers\Auth\RegisterController.php. You can assign a role to a user upon registration by including the needed models and modifying the create() method to attach a user role. See example below:

  • Updated create() method of app\Http\Controllers\Auth\RegisterController.php:
    protected function create(array $data)
    {
        $user = config('roles.models.defaultUser')::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),
        ]);

        $role = config('roles.models.role')::where('name', '=', 'User')->first();  //choose the default role upon user creation.
        $user->attachRole($role);

        return $user;

    }

Checking For Roles

You can now check if the user has required role.

if ($user->hasRole('admin')) { // you can pass an id or slug
    //
}

You can also do this:

if ($user->isAdmin()) {
    //
}

And of course, there is a way to check for multiple roles:

if ($user->hasRole(['admin', 'moderator'])) {
    /*
    | Or alternatively:
    | $user->hasRole('admin, moderator'), $user->hasRole('admin|moderator'),
    | $user->hasOneRole('admin, moderator'), $user->hasOneRole(['admin', 'moderator']), $user->hasOneRole('admin|moderator')
    */

    // The user has at least one of the roles
}

if ($user->hasRole(['admin', 'moderator'], true)) {
    /*
    | Or alternatively:
    | $user->hasRole('admin, moderator', true), $user->hasRole('admin|moderator', true),
    | $user->hasAllRoles('admin, moderator'), $user->hasAllRoles(['admin', 'moderator']), $user->hasAllRoles('admin|moderator')
    */

    // The user has all roles
}

Levels

When you are creating roles, there is optional parameter level. It is set to 1 by default, but you can overwrite it and then you can do something like this:

if ($user->level() > 4) {
    //
}

If user has multiple roles, method level returns the highest one.

Level has also big effect on inheriting permissions. About it later.

Creating Permissions

It's very simple thanks to Permission model called from config('roles.models.permission').

$createUsersPermission = config('roles.models.permission')::create([
    'name' => 'Create users',
    'slug' => 'create.users',
    'description' => '', // optional
]);

$deleteUsersPermission = config('roles.models.permission')::create([
    'name' => 'Delete users',
    'slug' => 'delete.users',
]);

Attaching, Detaching and Syncing Permissions

You can attach permissions to a role or directly to a specific user (and of course detach them as well).

$role = config('roles.models.role')::find($roleId);
$role->attachPermission($createUsersPermission); // permission attached to a role

$user = config('roles.models.defaultUser')::find($userId);
$user->attachPermission($deleteUsersPermission); // permission attached to a user
$role->detachPermission($createUsersPermission); // in case you want to detach permission
$role->detachAllPermissions(); // in case you want to detach all permissions
$role->syncPermissions($permissions); // you can pass Eloquent collection, or just an array of ids

$user->detachPermission($deleteUsersPermission);
$user->detachAllPermissions();
$user->syncPermissions($permissions); // you can pass Eloquent collection, or just an array of ids

Checking For Permissions

if ($user->hasPermission('create.users')) { // you can pass an id or slug
    //
}

if ($user->canDeleteUsers()) {
    //
}

You can check for multiple permissions the same way as roles. You can make use of additional methods like hasOnePermission or hasAllPermissions.

Permissions Inheritance

By default, roles with higher level inherit all permissions from roles with lower level.

For example:

You have three roles: user, moderator and admin. User has a permission to read articles, moderator can manage comments and admin can create articles. User has a level 1, moderator level 2 and admin level 3. With inheritance enabled, moderator and administrator also have the permission to read articles, and administrator can manage comments as well.

If you don't want the permissions inheritance feature enabled in you application, set the config value roles.inheritance (or its corresponding .env parameter, ROLES_INHERITANCE) to false. Alternatively, simply ignore the level parameter when you're creating roles.

Entity Check

Let's say you have an article and you want to edit it. This article belongs to a user (there is a column user_id in articles table).

use App\Article;

$editArticlesPermission = config('roles.models.permission')::create([
    'name' => 'Edit articles',
    'slug' => 'edit.articles',
    'model' => 'App\Article',
]);

$user->attachPermission($editArticlesPermission);

$article = Article::find(1);

if ($user->allowed('edit.articles', $article)) { // $user->allowedEditArticles($article)
    //
}

This condition checks if the current user is the owner of article. If not, it will be looking inside user permissions for a row we created before.

if ($user->allowed('edit.articles', $article, false)) { // now owner check is disabled
    //
}

Blade Extensions

There are four Blade extensions. Basically, it is replacement for classic if statements.

@role('admin') // @if(Auth::check() && Auth::user()->hasRole('admin'))
    // user has admin role
@endrole

@permission('edit.articles') // @if(Auth::check() && Auth::user()->hasPermission('edit.articles'))
    // user has edit articles permissison
@endpermission

@level(2) // @if(Auth::check() && Auth::user()->level() >= 2)
    // user has level 2 or higher
@endlevel

@allowed('edit', $article) // @if(Auth::check() && Auth::user()->allowed('edit', $article))
    // show edit button
@endallowed

@role('admin|moderator', true) // @if(Auth::check() && Auth::user()->hasRole('admin|moderator', true))
    // user has admin and moderator role
@else
    // something else
@endrole

Middleware

This package comes with VerifyRole, VerifyPermission and VerifyLevel middleware. The middleware aliases are already registered in \jeremykenedy\LaravelRoles\RolesServiceProvider as of 1.7. You can optionally add them inside your app/Http/Kernel.php file with your own aliases like outlined below:

/**
 * The application's route middleware.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
    'role' => \jeremykenedy\LaravelRoles\App\Http\Middleware\VerifyRole::class,
    'permission' => \jeremykenedy\LaravelRoles\App\Http\Middleware\VerifyPermission::class,
    'level' => \jeremykenedy\LaravelRoles\App\Http\Middleware\VerifyLevel::class,
];

Now you can easily protect your routes.

Route::get('/', function () {
    //
})->middleware('role:admin');

Route::get('/', function () {
    //
})->middleware('permission:edit.articles');

Route::get('/', function () {
    //
})->middleware('level:2'); // level >= 2

Route::get('/', function () {
    //
})->middleware('role:admin', 'level:2'); // level >= 2 and Admin

Route::group(['middleware'

鲜花
握手
雷人
路过
鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
More+
上一篇:
bavix/laravel-wallet: Easy work with virtual wallet发布时间:2022-07-07
下一篇:
sleeping-owl/admin: Administrative interface builder for Laravel发布时间:2022-07-09
热门推荐
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap