A simple Laravel 5 package for Role-based permissions.
In the require
key of composer.json
file add the following:
"ricardoriogo/permiso": "dev-master"
Run composer update command.
$ composer update
In config/app.php
add Riogo\Permiso\PermisoServiceProvider
to the end of $providers
array.
'providers' => array(
'App\Providers\EventServiceProvider',
'App\Providers\RouteServiceProvider',
...
'Riogo\Permiso\PermisoServiceProvider',
),
In config/auth.php
change the driver
configuration to permiso
.
Permiso will use App\User
model by default. You will need to change model
configuration on config/auth.php
if you're using another model for authentication.
In your auth model add the UserRoleTrait trait. By default App\User is the model used for authentication.
class User extends Model implements AuthenticatableContract, CanResetPasswordContract {
use Riogo\Permiso\UserRolesTrait
...
}
To create the migration file for roles and permissions tables use the command:
$ php artisan permiso:migration
This will create a migration file on database/migrations
.
Then use migrate command.
$ php artisan migrate
Permiso extends Auth class capabilities for checking if authenticated user have especific roles or permissions.
To check for a role you have to use hasRole()
method.
if (Auth::hasRole('admin')) {
// Actions for this Role
}
You can use the alias method is()
too.
if (Auth::is('admin')) {
// Actions for this Role
}
It's possible check for multiple roles, passing an array with the roles or a string with comma separated values.
// Using an array
if (Auth::hasRole(['admin', 'member'])) {
// Actions for this Roles
}
// Same result with string
if (Auth::hasRole('admin, member')) {
// Actions for this Roles
}
It will return true if user have one or more of this roles.
If you want to check if user have all roles use the method checkAll()
before hasRole()
.
// Will return true if user have admin and member roles.
if (Auth::checkAll()->hasRole(['admin', 'member'])) {
// Actions for this Roles
}
All uses of role are applicable in permissions using hasPermission()
ou your alias can()
.
if (Auth::hasPermission('users.list')) {
// Actions for this Permission
}
if (Auth::checkAll()->can('users.delete, users.create')) {
// Actions for this Permissions
}
For check one role it's possible to use a variant of is()
, it use a magic method to define a role to check. See the examples:
Auth::isAdmin()
will return true if user have admin role.Auth::isMember()
will return true if user have member role.Auth::isRoleWithLongName()
will return true if user have role_with_long_name role.
If you will use your own models for Role and Permission or change the default tables names, publish the configuration file using
$ php artisan vendor:publish --provider="Riogo\Permiso\PermisoServiceProvider"
And change all configuration needed in config/permiso.php
.