Git Product home page Git Product logo

laravel-acl's Introduction

Laravel ACL

ACL component for Laravel 4.

Build Status

Installation

First you need to install this package through Composer. Edit your project's composer.json file to require vivify-ideas/acl.

  "require": {
    "vivify-ideas/acl": "dev-master"
  },
  "minimum-stability" : "dev"

Next, update Composer from the Terminal:

  composer update

Once this operation completes, you will need to add the service provider into your app. Open app/config/app.php, and add a new item to the providers array.

  'VivifyIdeas\Acl\AclServiceProvider

And also add new alias into aliases array.

  'Acl' => 'VivifyIdeas\Acl\Facades\Acl',

Last step is to create main structure for keeping ACL. You can easy done this by running artisan command:

php artisan acl:install

This will use current permission provider (Eloquent) and create DB structure for saving permissions. It will create 2 additional tables acl_permissions and acl_user_permissions.

That's it! You're all set to go.

Configuration

After runing artisan acl:install command, you will get a new config file in app/config/packages/vivify-ideas/acl/config.php.

There you will notice 5 sections.

Provider

'provider' => 'eloquent'

Main feature of this ACL component is PermissionsProvider. Permission provider represent class that handle permissions. Currently there is only one permission provider Eloquent (you can assume that permissions will be stored in DB that you specified on your project).

SuperUsers

'superusers' => array()

Here you can define user IDs that will have superuser rights. This users will be able allowed all permissions.

GuestUser

'guestuser' => 0

Put here ID that will used for setting permissions to guest users.

Permissions

'permissions' => array()

Here you need to put all permissions that exist in your system. Permissions need to be in next format

array(
  array(
    'id' => 'PERMISSION_ID',
    'allowed' => true|false,
    'route' => array('GET:/resource/(\d+)/edit', 'PUT:/resource/(\d+)'),
    'resource_id_required' => true|false,
    'name' => 'Permission name',
    'group_id' => 'GROUP_ID_1', // optional
  ), array(
    'id' => 'PERMISSION_ID_2',
    'allowed' => true|false,
    'route' => 'GET:/resource/(\d+)',
    'resource_id_required' => true|false,
    'name' => 'Permission 2 name'
    'group_id' => 'GROUP_ID_2', // optional
  )
 )

Groups

'groups' => array()

Every permission can belong to some group. You can have groups that belongs to other group. Every group can have a route. Use next format:

array(
  array(
    'id' => 'ADMIN_PRIVILEGES',
    'name' => 'Administrator Privileges',
    'route' => 'GET:/admin/(\d+)',

    'children' => array(
      array(
        'id' => 'MANAGE_STUFF',
        'name' => 'Manage Stuff',
        'route' => 'GET:/resource/(\d+)'
      ),
      array(
        'id' => 'MANAGE_PRODUCTS',
        'name' => 'Manage Products',
        'route' => 'GET:/resource/(\d+)'
      ),
      array(
        'id' => 'MANAGE_USERS',
        'name' => 'Manage Users',
        'route' => 'GET:/resource/(\d+)',

        'children' => array(
          array(
            'id' => 'MANAGE_SPEC_USER',
            'name' => 'Manage spec user',
            'route' => 'GET:/resource/(\d+)'
          )
        )
      )
    )
  ),
  array(
    'id' => 'STUFF_PRIVILEGES',
    'name' => 'Stuff Privileges',
  )
)

Usage

When you are satisfy how your configuration file look like, run next artisan command:

php artisan acl:update

This command you need to run every time when you update config file with new permissions.

If you want to delete all permissions (including user permissions), and again reload permissions from config file you can use this command:

php artisan acl:reset

Available Artisan commands

Here is the list of all artisan commands:

  • acl:install Create basic ACL table structure.
  • acl:install clean Delete all acl tables, reset config file to default version and again create basic ACL table structure.
  • acl:update Update all ACL permissions from config file.
  • acl:reset Reset all ACL permissions. This will delete both user and system permissions and install permissions from config file

Add Acl Filter To Your Application

Now we need to add appropriate filter to application and to set usage in routes.php file.

You can add this filter to your filters.php file and adjust it by your own needs:

Route::filter('acl', function($route, $request)
{
    // we need this because laravel delete form sends POST request with {_method: 'DELETE'} as parameter
    $method = $request->has('_method') ? $request->input('_method') : $request->server('REQUEST_METHOD');
    
    if (!Acl::checkRoute($method, $request->server('REQUEST_URI'))) {
         App::abort(403);
    }
});

And then in routes.php use this filter according to your needs

Route::group(array('before' => 'acl', 'prefix' => '/admin'), function()
{
...
});

Checking permissions

Here are few ways how to check user permissions:

// Whether a user with ID 2 can see a list of all products
Acl::user(2)->permission('LIST_PRODUCTS')->check();

// Whether a user with ID 1 can edit product with ID 2
Acl::user(1)->permission('EDIT_PRODUCT', 2)->check();

// Can currently authenticated user edit product with ID 2
Acl::permission('EDIT_PRODUCT', 2)->check();

// Whether a user with ID 1 can edit and delete product with ID 2
Acl::user(1)->permission('EDIT_PRODUCT', 2)
            ->permission('DELETE_PRODUCT', 2)
            ->check();

// Can user with ID 1 access /products URL
Acl::user(1)->checkRoute('GET', '/products')

// Can currently authenticated user access /products URL
Acl::checkRoute('GET', '/products');

// Get me array of product IDs that user with ID 1 can edit
Acl::user(1)->permission('EDIT_PRODUCT')->getResourceIds();

// Get me array of product IDs that user with ID 1 can not edit
Acl::user(1)->permission('EDIT_PRODUCT')->getResourceIds(false);

laravel-acl's People

Contributors

goranprijic avatar milosh012 avatar vivifyideas avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.