authority-php/authority-laravel
Composer 安装命令:
composer require authority-php/authority-laravel
包简介
A simple and flexible authorization system for PHP
README 文档
README
A simple and flexible authorization system for Laravel 5
Installation via Composer
Add Authority to your composer.json file to require Authority
require : {
"laravel/framework": "~5.0.16",
"authority-php/authority-laravel": "dev-master"
}
Now update Composer
composer update
The last required step is to add the service provider to config/app.php
'Authority\AuthorityLaravel\AuthorityLaravelServiceProvider',
Congratulations, you have successfully installed Authority. However, we have also included some other configuration options for your convenience.
For Laravel 4 supports, see Authority-Laravel 2.3 branch
Additional (optional) Configuration Options
Add the alias (facade) to your Laravel app config file.
'Authority' => 'Authority\AuthorityLaravel\Facades\Authority',
This will allow you to access the Authority class through the static interface you are used to with Laravel components.
Authority::can('update', 'SomeModel');
Publish the Authority default configuration file
php artisan vendor:publish
This will place a copy of the configuration file at config/authority.php. The config file includes an 'initialize' function, which is a great place to setup your rules and aliases.
// config/authority.php <?php return array( 'initialize' => function($authority) { $user = $authority->getCurrentUser(); // action aliases $authority->addAlias('manage', array('create', 'read', 'update', 'delete')); $authority->addAlias('moderate', array('read', 'update', 'delete')); // an example using the `hasRole` function, see below examples for more details if ($user->hasRole('admin')){ $authority->allow('manage', 'all'); } } );
Create Roles and Permissions Tables
We have provided a basic table structure to get you started in creating your roles and permissions.
Publish them to your migrations directory or copy them directly.
php artisan vendor:publish
Run the migrations
php artisan migrate
This will create the following tables
- roles
- role_user
- permissions
To utilize these tables, you can add the following methods to your User model. You will also need to create Role and Permission Model stubs.
// app/User.php public function roles() { return $this->belongsToMany('App\Authority\Role'); } public function permissions() { return $this->hasMany('App\Authority\Permission'); } public function hasRole($key) { foreach ($this->roles as $role) { if ($role->name === $key) { return true; } } return false; } // app/Authority/Role.php <?php use Illuminate\Database\Eloquent\Model; class Role extends Model {} // app/Authority/Permission.php <?php use Illuminate\Database\Eloquent\Model; class Permission extends Model {}
Lastly, in your Authority config file which you copied over in the previous configuration step. You can add some rules:
// config/authority.php <?php return array( 'initialize' => function($authority) { $user = $authority->getCurrentUser(); // action aliases $authority->addAlias('manage', array('create', 'read', 'update', 'delete')); $authority->addAlias('moderate', array('read', 'update', 'delete')); // an example using the `hasRole` function, see below examples for more details if ($user->hasRole('admin')) { $authority->allow('manage', 'all'); } // loop through each of the users permissions, and create rules foreach ($user->permissions as $perm) { if ($perm->type == 'allow') { $authority->allow($perm->action, $perm->resource); } else { $authority->deny($perm->action, $perm->resource); } } } );
General Usage
// If you added the alias to `config/app.php` then you can access Authority, from any Controller, View, or anywhere else in your Laravel app like so: if (Authority::can('create', 'User')) { User::create(array( 'username' => 'someuser@test.com' )); } // If you just chose to use the service provider, you can use the IoC container to resolve your instance $authority = App::make('authority');
Interface
There are 5 basic functions that you need to be aware of to utilize Authority.
-
allow: create a rule that will allow access a resource
example 1:
Authority::allow('read', 'User');
example 2, using an extra condition:
Authority::allow('manage', 'User', function($self, $user){ return $self->getCurrentUser()->id === $user->id; });
-
deny: create a rule that will deny access a resource
example 1:
Authority::deny('create', 'User');
example 2, using an extra condition:
Authority::deny('delete', 'User', function ($self, $user) { return $self->getCurrentUser()->id === $user->id; });
-
can: check if a user can access a resource
example:
Authority::can('read', 'User', $user);
-
cannot: check if a use cannot access a resource
example:
Authority::cannot('create', 'User');
-
addAlias: alias together a group of actions
this example aliases together the CRUD methods under a name of
manageAuthority::alias('manage', array('create', 'read', 'update', 'delete'));
Converting to this library, where you previously had been using the IoC container to resolve an instance.
The service provider will merely create a new instance of Authority, and pass in the currently logged in user to the constructor. This should be basically the same process that you were doing in your IoC registry. This means that any code you have used in the past should still work just fine! However it is recommended that you move your rule definitions into the provided configuration file.
authority-php/authority-laravel 适用场景与选型建议
authority-php/authority-laravel 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 17.22k 次下载、GitHub Stars 达 6, 最近一次更新时间为 2015 年 05 月 16 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「authorization」 「Authentication」 「laravel」 「laravel 5」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 authority-php/authority-laravel 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 authority-php/authority-laravel 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 authority-php/authority-laravel 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Ory-Hydra OAuth 2.0 Client Provider for The PHP League OAuth2-Client
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
Email Toolkit Plugin for CakePHP
统计信息
- 总下载量: 17.22k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 8
- 点击次数: 19
- 依赖项目数: 1
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2015-05-16