| Package Data | |
|---|---|
| Maintainer Username: | uzzal |
| Maintainer Contact: | codehasan@gmail.com (Mahabubul Hasan) |
| Package Create Date: | 2017-02-02 |
| Package Last Update: | 2023-05-18 |
| Language: | PHP |
| License: | MIT |
| Last Refreshed: | 2024-04-11 03:21:35 |
| Package Statistics | |
|---|---|
| Total Downloads: | 1,070 |
| Monthly Downloads: | 0 |
| Daily Downloads: | 0 |
| Total Stars: | 2 |
| Total Watchers: | 2 |
| Total Forks: | 3 |
| Total Open Issues: | 0 |
Dynamically configurable access control for Laravel. One user can have multiple roles.
NOTE: If you are using Bootstrap 3 in your existing project, in that case please
use v1.1.x series of this library
composer require uzzal/acl
In your laravel config/app.php under providers add
Uzzal\Acl\AclServiceProvider::class
artisan vendor:publish
This command will publish view files inside views/vendor/acl,
seed files inside the databases/seed and a config file config/acl.php.
At your DatabaseSeeder.php under database/seeds add the following lines
$this->call(UserTableSeeder::class); //optional
$this->call(RoleTableSeeder::class);
$this->call(ResourceTableSeeder::class);
$this->call(PermissionTableSeeder::class);
$this->call(UserRoleTableSeeder::class);
NOTE: If you see any kind of class not found type error try running composer dump-autoload
This library comes with an artisan command acl:resource to automatically create all the resources (controller@action) available in your project under app/Http/Controllers directory. To activate this command you need to add these following lines to your app/Console/Kernel.php file.
protected $commands = [
Uzzal\Acl\Commands\AclResource::class
];
Acl library now has two annotation support @resource, and @allowRole to be used with controller action
/**
* @resource('able to see home')
* @allowRole('Default, Admin')
*/
public function index()
{
return view('home');
}
NOTE: by default developer role has the highest permission level, and it doesn't need to be mentioned in the
@allowRole annotation. If you remove the @allowRole annotation it won't delete the permissions from the
database, but if you change the role list in the annotation then it will update the databased accordingly.
This ACL library comes with two middleware as shown below. AuthenticateWithAcl is the middleware you need. The other ResourceMaker middle ware is just a helper to create resource dynamically if it doesn't exists in the first place and assign permission for it to the developer role.
In your kernal.php file add this lines
'auth.acl' => \Uzzal\Acl\Middleware\AuthenticateWithAcl::class,
'resource.maker' => \Uzzal\Acl\Middleware\ResourceMaker::class,
In your route/web.php file add this lines
Route::group(['middleware' => ['resource.maker','auth.acl']], function () {
Route::get('/home', 'HomeController@index');
});
IMPORTANT: resource.maker must have to be placed before auth.acl. In production you can remove resource.maker once you have all the resource generated.
To access role visit YOUR-HOST/role url
To access resource UI visit YOUR-HOST/resource url
has_access checks for if a role has access to a specific controller action.
@if(has_access('User\UserController@getIndex'))
OR
@if(has_access('UserController@getIndex'))
has_group_access checks for if a role has access to a specific controller
@if(has_group_access(['User-User','User-Role','User-Resource']))
OR
@if(has_group_access('User-User'))
@nullsafe() checks for whether any of the object property is null or not in a fluent interface ($obj->prop->value), if the chain is broken it will simply return an empty string and prevent showing up call to a member function of a non-object exception.
Blade example:
{{ @nullsafe($obj->prop->value) }}