thinkingmik / acl-manager-laravel by mandreoli

A Laravel access control list package
15
4
2
access acl laravel resource permission
Github Link
Packagist Link
Package Data
Maintainer Username: mandreoli
Maintainer Contact: michi.andreoli@gmail.com (Michele Andreoli)
Package Create Date: 2015-04-28
Package Last Update: 2015-05-09
Language: PHP
License: MIT
Last Refreshed: 2024-11-19 03:01:08
Package Statistics
Total Downloads: 15
Monthly Downloads: 1
Daily Downloads: 0
Total Stars: 4
Total Watchers: 2
Total Forks: 1
Total Open Issues: 1

PHP ACL Manager for Laravel 5

Latest Version Software License Build Status Code Quality Total Downloads

Versions

Laravel | ACL Manager | PHP :---------|:-------------|:---- 4.2.x | 1.x |>= 5.4 5.0.x | 2.x |>= 5.4

Summary

Introduction

Adds ACL to Laravel 5. This ACL solution for Laravel is useful when you need to store policy rules or users' roles into a database. ACL Manager are composed by three entities:

  1. Roles
  2. Resources
  3. Permissions

Installation

Add the following line to the require section of composer.json:

{
    "require": {
        "thinkingmik/acl-manager-laravel": "2.x"
    }
}

Setup

  1. Add 'ThinKingMik\AclManager\AclManagerServiceProvider', into the service provider list in config/app.php.
  2. Add 'Acl' => 'ThinKingMik\AclManager\Facades\AclManagerFacade', into the list of aliases in config/app.php.
  3. Add 'ThinKingMik\AclManager\Middleware\AclManagerExceptionHandler', into the list of middlewere in app/Http/Kernel.php.

Migrations and configuration file

In order to use the Acl Manager publish its configuration and migrations first

php artisan vendor:publish

Note: migrations are only published, remember to run them when ready.

Migrations

This package comes with all the migrations you need to run a full featured Acl Manager. First of all you need to check the reference to the user table name:

  • Check the users table name of your Laravel installation in config/auth.php at the section:
/*
 |--------------------------------------------------------------------------
 | Authentication Table
 |--------------------------------------------------------------------------
 |
 | When using the "Database" authentication driver, we need to know which
 | table should be used to retrieve your users. We have chosen a basic
 | default value but you may easily change it to any table you like.
 |
 */

'table' => 'system_users',
  • Change the table reference for user_id foreign key in these files database/migrations:
xxx_000006_create_acl_users_roles_table.php
xxx_000005_create_acl_users_policies_table.php
  • Check user_id foreign key in all the above files to be sure that the user table name is the same as 'table' => 'system_users':
$table->foreign('user_id')->references('id')->on('system_users')
  • Now you can run:
php artisan migrate

Configuration

Edit the file config/acl.php to suit your needs.

Usage

Routing

You can use Acl Manager in routes as a filter

Route::get('/private', array('before' => 'auth|acl:admin.*', 'uses' => function() {

}));

All checks are made on user_id attribute retrieved from session. You can define many different acl: filters:

acl:role.resource.permission //check if logged user has role and the permission on resource
acl:*.resource.permission    //check if logged user has permission on resource
acl:role.*                   //check if logged user has role
acl:role.resource.*          //check if logged user has role and any permissions on resource
acl:*.resource.*             //check if logged user has any permissions on resource

You can also combine these filters with ; separator like:

acl:admin.*;guest.*

Facade

The Acl Manager is available through the Facade Acl or through the acl service in the IOC container. The methods available are:

/**
 * Check if user ID has a specified policy/policies
 * @param integer $user User ID
 * @param string $policies The policies used in routing
 * return boolean
 **/
Acl::isRouteAllowed(1, 'admin.*;guest.*');

/**
 * Check if user has permission on resource
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return boolean
 **/
Acl::isAllowed(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Check if role has permission on resource
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return boolean
 **/
Acl::areAnyRolesAllowed(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Check if user has roles
 * @param array $users Array of user objects or array of user IDs
 * @param array $roles Array of role objects or array of role IDs
 * return boolean
 **/
Acl::hasRole(array(1), array('1', '2'));

/**
 * Add permissions on resources for users specified
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * @param date [$expire] Optionally you can specify an expiration date for policies  
 * return boolean
 **/
Acl::allowUsers(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01');

/**
 * Add permissions on resources for roles specified
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * @param date [$expire] Optionally you can specify an expiration date for policies  
 * return boolean
 **/
Acl::allowRoles(array(1), array('post', 'dashboard'), array('edit', 'view'), '2099-11-01');

/**
 * Remove permissions on resources for users specified
 * @param array $users Array of user objects or array of user IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs  
 * return integer The number of deleted policies
 **/
Acl::denyUsers(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Remove permissions on resources for roles specified
 * @param array $roles Array of role objects or array of role IDs
 * @param array $resources Array of resource objects or array of resource IDs
 * @param array $permissions Array of permission objects or array of permission IDs
 * return integer The number of deleted policies
 **/
Acl::denyRoles(array(1), array('post', 'dashboard'), array('edit', 'view'));

/**
 * Add roles to users
 * @param array $users Array of user objects or array of user IDs
 * @param array $roles Array of role objects or array of role IDs
 * @param char [$main] Optionally you can specify the main role  
 * return boolean
 **/
Acl::addUsersRoles(array(1), array('1', '2'), 'Y');

License

This package is released under the MIT License.