muan/laravel-acl

ACL package for Laravel

Muan Laravel Acl package v1.3

Muan Acl is a PHP package for Laravel Framework, used for manipulation of access control list. Package is providing an easier way to control roles and permissions of users on your site., _(*1)

Requirements

• PHP >=7.0

Install

1) Type next command in your terminal:, _(*2)

composer require muan/laravel-acl

2) Add the service provider to your config/app.php file in section providers:, _(*3)

Laravel 5.5 uses Package Auto-Discovery, so does not require you to manually add the ServiceProvider., _(*4)

'providers' => [
    // ...
    Muan\Acl\AclServiceProvider::class,
    // ...
],

3) Run the migrations:, _(*5)

php artisan migrate

Usage

Use the following traits on your User model:

// ...

use Muan\Acl\Traits\{HasRolesTrait, HasPermissionsTrait};

class User extends Authenticatable
{
    use HasRolesTrait, HasPermissionsTrait;

    // ... Your User Model Code
}

Using observer

To bind the base role to the user after registration, you can specify a public property $baseRole., _(*6)

For example:, _(*7)

class User extends Authenticatable
{
    // ...

    /**
     * Attach base role
     */
    public $baseRole = 'user';

    // ...
}

Using in code

Check role, _(*8)

if ($user->hasRole('admin')) {
    // User is admin
}
// or
if ($user->hasRole('admin', 'writer')) {
    // User is admin or writer
}

Attach role, _(*9)

$user->attachRole(10, "moderator")

The same function, detach role, _(*10)

$user->detachRole('moder');
// ...
$user->detachRole('admin', '3', '2');

Clear all roles, _(*11)

$user->clearRoles();

Check permission, _(*12)

if ($user->hasPermission('create post')) {
    // User has permission "create post"
}

Attach permissions, _(*13)

$user->attachPermission("update post");

Detach permissions, _(*14)

$user->detachPermission("remove post");

Clear all permissions, _(*15)

$user->clearPermissions();

See the code for more information... =), _(*16)

Commands for manipulation

Permissions

Create new permission, _(*17)

php artisan permission:add "create post"

Rename permission, _(*18)

php artisan permission:rename "create post" create.post

Remove permission, _(*19)

php artisan permission:remove "create post"

Show all permissions, _(*20)

php artisan permission:list

Roles

Create new role, _(*21)

php artisan role:add admin

Rename role, _(*22)

php artisan role:rename admin superuser

Remove role, _(*23)

php artisan role:remove admin

View all roles, _(*24)

php artisan role:list

Attach permissions to role, _(*25)

php artisan role:attach admin --id=2 --id=3 --name="create post"

Detach permissions from role, _(*26)

php artisan role:detach admin --id=3 --name="destroy user"

Clear all attached permissions, _(*27)

php artisan role:clear

View information about role and show all attached permissions, _(*28)

php artisan role:view admin

Users

Attach roles, _(*29)

php artisan user:role-attach 5 --id=2 --name=moderator

Detach roles, _(*30)

php artisan user:role-detach 5 --id=2 --name=admin

Detached all roles from user, _(*31)

php artisan user:role-clear

Attach permissions, _(*32)

php artisan user:permission-attach 5 --id=7 --name="remove comment"

Detach permissions, _(*33)

php artisan user:permission-detach 5 --id=2 --name="read secret post"

Detached all permission from user, _(*34)

php artisan user:permission-clear

View information about user, all attached roles and permissions, _(*35)

php artisan user:view 5

where 5 is ID of user., _(*36)

Using blade directives

You also can use directives to verify the currently logged in user has any roles or permissions., _(*37)

Check roles:, _(*38)

blade @role('admin') <!-- User has role admin --> @elserole('writer') <!-- User has role writer --> <!-- ... --> @else <!-- User with other roles --> @endrole, _(*39)

or check more roles in one directive:, _(*40)

 @role(['admin', 'writer'])
    <!-- User has next roles: admin, writer -->
 @endrole

Check permissions:, _(*41)

@can('create post')
    <!-- User can create post -->
@elsecan('edit post')
    <!-- User can edit post  -->
@endcan

Using middlewares

You can use role middleware for check access to some routes, _(*42)

Route::middleware(['role:admin'])->group(function() {

    // Only for user with role admin
    Route::get('/admin', function() {
        // some code
    });

});

also you can use permission middleware, _(*43)

Route::middleware(['permission:create post'])->group(function() {

    // Only for user with permission create post
    Route::get('/admin/post', function() {
        // some code
    });

});

or use role and permission middleware together, _(*44)

Route::middleware(['role:moderator', 'permission:remove post'])->group(function() {

    // Only for user with role moderator and with permission create post
    Route::get('/admin/post/remove', function() {
        // some code
    });

});

License

Muan Laravel Acl package is licensed under the MIT License., _(*45)