Make Laravel Permission by yourself

Laravel Guardian



Laravel Guardian makes it easy to perform permission

htps : // 기주 b. 코 m / 쿠온 gn d88 / ぁ 라구아 r ぢ

1-Install cuongnd88/lara-repository using Composer.
$ composer require cuongnd88/lara-guardian

2-Add the following service provider in config/app.php
<?php
// config/app.php
return [
    // ...
    'providers' => [
        // ...
        Cuongnd88\LaraGuardian\LaraGuardianServiceProvider::class,
    ]
    // ...
];

3-Run make:guardian command

php artisan vendor:publish --provider="Cuongnd88\LaraQueryKit\LaraQueryKitServiceProvider"

php artisan make:guardian

App/Traits provides QueryKit trait to empower Laravel models.
App/Guardian/Traits has a trait to support Laravel Guardian.
App/Http/Middlewares/GuardianMiddleware.php is to check user's permissions.
App/Models provides 5 models such as Action, Role, Group, Permission, Role.
database/migrations has 5 tables: actions, roles, groups, permissions, roles.

샘플 사용



Based on route's name, Lara Guardian checks user's permission. You must follow the rule in naming a route: $page.$action
Route::group(['middleware' => ['guardian']], function(){
    Route::get('/user', function(){
        dump("Congratulation. You have the right permission");
    })->name('user.read');
});

You have to assign the guard middleware in your app/Http/Kernel.php file.
    protected $routeMiddleware = [
        . . . .
        'guardian' => \App\Http\Middleware\GuardianMiddleware::class,
    ];


There is the relationship of Guardian's models

MEMO : the alias of actions, pages tables is used to name a route, therefore you need to enter lower-case letters, dash symbol instead of space. Please add App\Guardian\Traits\HasGuardian.php into the model namespace App\Models; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; use App\Guardian\Traits\HasGuardian; class User extends Authenticatable { use Notifiable; use HasGuardian; } The HasGuardian trait provides: joinGroup($groupId) : user joins a group. public function joinGroup(Request $request) { $user = \App\Models\User::find(10); $user->joinGroup(2); } joinMultiGroups($groups) : user joins multi groups. public function joinManyGroups(Request $request) { $user = \App\Models\User::find(10); $user->joinMultiGroups([ ['group_id' => 1], ['group_id' => 3], ]); } hasPermissions(array $where = [], string $action = null, array $select = []) : show user's permissions. public function getUserPermissions(Request $request) { $user = \App\Models\User::find(10); $user->hasPermissions()->toArray(); } rightAccess(string $page = null, string $action = null) : check user has the permission to access. public function checkUserAccess(Request $request) { $user = \App\Models\User::find(10); if ($user->rightAccess('product', 'create')) { dump ( 'Right Access'); } else { dump ( 'Forbidden'); } } Import/Export data Currently, Lara Guardian imports array data (read files in config\guardian ) into database, and exports data in DB to file by using simple command php artisan guardian --action[=ACTION] --model[=MODEL] --action= is import or export value. model= is one or three values ​​actions|pages|groups . For example: php artisan guardian --action=import --model=actions App\Traits\QueryKit.php support these useful methods in importing/exporting guardian data: insertDuplicate(array $data, array $insertKeys, array $updateKeys) is insert new rows or update existed rows. The first argument consists of the values ​​to insert or update, while second argument lists the column(s) that uniquely associated table. The third argument is an array of the columns that should be updated if a matching record already exists in the database. $data = [ ['fullname' => 'AAAA', 'email' => '[email protected]', 'age' => 20, 'address' => 'WWW'], ['fullname' => 'BBBBB', 'email' => '[email protected]', 'age' => 25, 'address' => 'QQQQ'], ]; \App\Models\User::insertDuplicate( $data, ['fullname', 'email'], ['age', 'address'] ); except(array $columns) is to retrieve a subset of the output data. $exceptable = ['created_at', 'updated_at', 'deleted_at']; $data = app(User::class)->except($exceptable)->get()->toArray()

좋은 웹페이지 즐겨찾기