Skip to content
/ aclcore Public

ACL for Laravel. Optimized for performance

License

Notifications You must be signed in to change notification settings

Napp/aclcore

Repository files navigation

Napp ACL Core

Build Status Scrutinizer Code Quality Code Coverage Software License codecov

Roles and Permissions for Laravel optimized for performance. Every permission is registered through code instead of pivot tables. This results in great performance.

Install

composer require napp/aclcore

You can publish the config file with:

php artisan vendor:publish --provider="Napp\Core\Acl\AclServiceProvider" --tag="config"

When published - then review it and change accordingly to your applications. The config files config/acl.php contains:

return [
    /**
     * Define which Eloquent models used by the package
     */
    'models' => [
        'role' => Napp\Core\Acl\Model\Role::class,
        'user' => Illuminate\Foundation\Auth\User::class,
    ],

    /**
     * Table names for the package
     */
    'table_names' => [
        'roles' => 'roles',
        'users_roles' => 'users_roles',
    ],

    /**
     * The default guard used to authorize users
     */
    'guard' => 'web'
];

Usage

Add HasRole trait to your User model:

use Illuminate\Foundation\Auth\User as Authenticatable;
use Napp\Core\Acl\Contract\Role as RoleContract;
use Napp\Core\Acl\Role\HasRole;

class User extends Authenticatable implements RoleContract
{
    use HasRole;
}

Register Permissions

Register simple permissions in your app.

Napp\Core\Acl\PermissionRegistrar::register([
    'users.create', 
    'users.view'
]);

Register permissions with Closure.

Napp\Core\Acl\PermissionRegistrar::register([
    'users.create' => 'My\App\Users\Permissions@create',
    'users.update' => 'My\App\Users\Permissions@edit',
    'users.view'
]);

Register Middleware

Add the middleware to App/Http/Kernal.php

protected $routeMiddleware = [
    'may' => \Napp\Core\Acl\Middleware\Authorize::class,

usage:

Route::get('users', ['uses' => 'UsersController@index'])->middleware('may:users.view');

Usage in php code

// authorize a single permission
if (may('users.view')) {
    // do something
}

// authorize if **any** of the permissions are valid
if (may(['users.view', 'users.create'])) {
    // do something
}

// authorize if **all** of the permissions are valid
if (mayall(['users.view', 'users.create'])) {
    // do something
}

// reverse - not logic
if (maynot('users.view')) {
    return abort();
}

// check for user role
if (has_role($user, 'manager')) {
    // do something
}

// check if user has many roles
if (has_role($user, ['support', 'hr'])) {
    // do something
}

Usage in Blade

may is equivalent to default can from Laravel.

@may('users.create')
    <a href="my-link">Create</a>
@endmay

Check if user has any of the permissions

@may(['users.create', 'users.update'])
    <a href="my-link">Create</a>
@endmay

Check if user have all of the permissions

@mayall(['users.create', 'users.update'])
    <a href="my-link">Create</a>
@endmayall

Use maynot for reverse logic

@maynot('users.create')
    <a href="my-link">Create</a>
@endmaynot

Check if user has a specific role

@hasrole('admin')
    <a href="my-link">Create</a>
@endhasrole

See PHPUnit tests for more examples and usage.