Laravel Guardian
Laravel Guardian makes it easy to perform permission
https://github.com/cuongnd88/lara-guardian
1-Install cuongnd88/lara-repository
using Composer.
$ composer require cuongnd88/lara-guardian
2-Add the following service provider in config/app.php
<?php
// config/app.php
return [
// ...
'providers' => [
// ...
Cuongnd88\LaraGuardian\LaraGuardianServiceProvider::class,
]
// ...
];
3-Run make:guardian
command
php artisan vendor:publish --provider="Cuongnd88\LaraQueryKit\LaraQueryKitServiceProvider"
php artisan make:guardian
App/Traits
provides QueryKit
trait to empower Laravel models.
App/Guardian/Traits
has a trait to support Laravel Guardian.
App/Http/Middlewares/GuardianMiddleware.php
is to check user's permissions.
App/Models
provides 5 models such as Action, Role, Group, Permission, Role.
database/migrations
has 5 tables: actions, roles, groups, permissions, roles.
Sample Usage
Based on route's name, Lara Guardian checks user's permission. You must follow the rule in naming a route: $page.$action
Route::group(['middleware' => ['guardian']], function(){
Route::get('/user', function(){
dump("Congratulation. You have the right permission");
})->name('user.read');
});
You have to assign the guard
middleware in your app/Http/Kernel.php
file.
protected $routeMiddleware = [
. . . .
'guardian' => \App\Http\Middleware\GuardianMiddleware::class,
];
There is the relationship of Guardian's models
MEMO
: the alias
of actions, pages
tables is used to name a route, therefore you need to enter lower-case
letters, dash
symbol instead of space.
Please add App\Guardian\Traits\HasGuardian.php
into the model
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use App\Guardian\Traits\HasGuardian;
class User extends Authenticatable
{
use Notifiable;
use HasGuardian;
}
The HasGuardian
trait provides:
joinGroup($groupId)
: user joins a group.
public function joinGroup(Request $request)
{
$user = \App\Models\User::find(10);
$user->joinGroup(2);
}
joinMultiGroups($groups)
: user joins multi groups.
public function joinManyGroups(Request $request)
{
$user = \App\Models\User::find(10);
$user->joinMultiGroups([
['group_id' => 1],
['group_id' => 3],
]);
}
hasPermissions(array $where = [], string $action = null, array $select = [])
: show user's permissions.
public function getUserPermissions(Request $request)
{
$user = \App\Models\User::find(10);
$user->hasPermissions()->toArray();
}
rightAccess(string $page = null, string $action = null)
: check user has the permission to access.
public function checkUserAccess(Request $request)
{
$user = \App\Models\User::find(10);
if ($user->rightAccess('product', 'create')) {
dump('Right Access');
} else {
dump('Forbidden');
}
}
Import/Export data
Currently, Lara Guardian imports array data (read files in config\guardian
) into database, and exports data in DB to file by using simple command
php artisan guardian --action[=ACTION] --model[=MODEL]
--action=
is import
or export
value.
model=
is one or three values actions|pages|groups
.
For example:
php artisan guardian --action=import --model=actions
App\Traits\QueryKit.php
support these useful methods in importing/exporting guardian data:
insertDuplicate(array $data, array $insertKeys, array $updateKeys)
is insert new rows or update existed rows. The first argument consists of the values to insert or update, while second argument lists the column(s) that uniquely identify records within the associated table. The third argument is an array of the columns that should be updated if a matching record already exists in the database.
$data = [
['fullname' => 'AAAA', 'email' => 'aaaa@xxxx.com', 'age' => 20, 'address' => 'WWW'],
['fullname' => 'BBBBB', 'email' => 'bbbb@xxxx.com', 'age' => 25, 'address' => 'QQQQ'],
];
\App\Models\User::insertDuplicate(
$data,
['fullname', 'email'],
['age', 'address']
);
except(array $columns)
is to retrieve a subset of the output data.
$exceptable = ['created_at', 'updated_at', 'deleted_at'];
$data = app(User::class)->except($exceptable)->get()->toArray()
Top comments (0)