DEV Community

loading...
Cover image for Make Laravel Permission by yourself

Make Laravel Permission by yourself

Ngo Dinh Cuong
Once you stop learning you start dying
・3 min read

Laravel Guardian

Laravel Guardian makes it easy to perform permission

https://github.com/cuongnd88/lara-guardian

1-Install cuongnd88/lara-repository using Composer.

$ composer require cuongnd88/lara-guardian
Enter fullscreen mode Exit fullscreen mode

2-Add the following service provider in config/app.php

<?php
// config/app.php
return [
    // ...
    'providers' => [
        // ...
        Cuongnd88\LaraGuardian\LaraGuardianServiceProvider::class,
    ]
    // ...
];
Enter fullscreen mode Exit fullscreen mode

3-Run make:guardian command


php artisan vendor:publish --provider="Cuongnd88\LaraQueryKit\LaraQueryKitServiceProvider"

php artisan make:guardian

Enter fullscreen mode Exit fullscreen mode

App/Traits provides QueryKit trait to empower Laravel models.

App/Guardian/Traits has a trait to support Laravel Guardian.

App/Http/Middlewares/GuardianMiddleware.php is to check user's permissions.

App/Models provides 5 models such as Action, Role, Group, Permission, Role.

database/migrations has 5 tables: actions, roles, groups, permissions, roles.

Sample Usage

Based on route's name, Lara Guardian checks user's permission. You must follow the rule in naming a route: $page.$action

Route::group(['middleware' => ['guardian']], function(){
    Route::get('/user', function(){
        dump("Congratulation. You have the right permission");
    })->name('user.read');
});
Enter fullscreen mode Exit fullscreen mode

You have to assign the guard middleware in your app/Http/Kernel.php file.

    protected $routeMiddleware = [
        . . . .
        'guardian' => \App\Http\Middleware\GuardianMiddleware::class,
    ];

Enter fullscreen mode Exit fullscreen mode

There is the relationship of Guardian's models

Guardian models

MEMO: the alias of actions, pages tables is used to name a route, therefore you need to enter lower-case letters, dash symbol instead of space.

Please add App\Guardian\Traits\HasGuardian.php into the model

namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use App\Guardian\Traits\HasGuardian;

class User extends Authenticatable
{
    use Notifiable;
    use HasGuardian;
}
Enter fullscreen mode Exit fullscreen mode

The HasGuardian trait provides:

joinGroup($groupId) : user joins a group.

    public function joinGroup(Request $request)
    {
        $user = \App\Models\User::find(10);
        $user->joinGroup(2);
    }
Enter fullscreen mode Exit fullscreen mode

joinMultiGroups($groups) : user joins multi groups.

    public function joinManyGroups(Request $request)
    {
        $user = \App\Models\User::find(10);
        $user->joinMultiGroups([
            ['group_id' => 1],
            ['group_id' => 3],
        ]);
    }
Enter fullscreen mode Exit fullscreen mode

hasPermissions(array $where = [], string $action = null, array $select = []) : show user's permissions.

    public function getUserPermissions(Request $request)
    {
        $user = \App\Models\User::find(10);
        $user->hasPermissions()->toArray();
    }
Enter fullscreen mode Exit fullscreen mode

rightAccess(string $page = null, string $action = null) : check user has the permission to access.

    public function checkUserAccess(Request $request)
    {
        $user = \App\Models\User::find(10);
        if ($user->rightAccess('product', 'create')) {
            dump('Right Access');
        } else {
            dump('Forbidden');
        }
    }
Enter fullscreen mode Exit fullscreen mode

Import/Export data

Currently, Lara Guardian imports array data (read files in config\guardian) into database, and exports data in DB to file by using simple command

php artisan guardian --action[=ACTION] --model[=MODEL]
Enter fullscreen mode Exit fullscreen mode

--action= is import or export value.

model= is one or three values actions|pages|groups.

For example:

php artisan guardian --action=import --model=actions
Enter fullscreen mode Exit fullscreen mode

App\Traits\QueryKit.php support these useful methods in importing/exporting guardian data:

insertDuplicate(array $data, array $insertKeys, array $updateKeys) is insert new rows or update existed rows. The first argument consists of the values to insert or update, while second argument lists the column(s) that uniquely identify records within the associated table. The third argument is an array of the columns that should be updated if a matching record already exists in the database.

$data = [
    ['fullname' => 'AAAA', 'email' => 'aaaa@xxxx.com', 'age' => 20, 'address' => 'WWW'],
    ['fullname' => 'BBBBB', 'email' => 'bbbb@xxxx.com', 'age' => 25, 'address' => 'QQQQ'],
];
\App\Models\User::insertDuplicate(
        $data,
        ['fullname', 'email'],
        ['age', 'address']
    );
Enter fullscreen mode Exit fullscreen mode

except(array $columns) is to retrieve a subset of the output data.

    $exceptable = ['created_at', 'updated_at', 'deleted_at'];
    $data = app(User::class)->except($exceptable)->get()->toArray()
Enter fullscreen mode Exit fullscreen mode

Discussion (0)