diyako/laravel-mongodb-permission
Composer 安装命令:
composer require diyako/laravel-mongodb-permission
包简介
Permission handling for Laravel 5.3 using Mongodb based on Spatie package
README 文档
README
This package allows to save permissions and roles in a database. It is built extend from Spatie Laravel Permission
Once installed you can do stuff like this:
//adding permissions to a user $user->givePermissionTo('edit articles'); //adding permissions via a role $user->assignRole('writer'); $user2->assignRole('writer'); $role->givePermissionTo('edit articles');
You can test if a user has a permission with Laravel's default can-function.
$user->can('edit articles');
Install
You can install the package via composer:
$ composer require Mehrdadakbari/laravel-mongodb-permission
This service provider must be installed. And Spatie provider too.
// config/app.php 'providers' => [ ... Spatie\Permission\PermissionServiceProvider::class, Mehrdadakbari\Mongodb\Permissions\PermissionServiceProvider::class, ];
You can publish the config-file with:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
This is the contents of the published config file:
// config/permission.php return [ /* |-------------------------------------------------------------------------- | Authorization Models |-------------------------------------------------------------------------- */ 'models' => [ /* |-------------------------------------------------------------------------- | Permission Model |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | Eloquent model should be used to retrieve your permissions. Of course, it | is often just the "Permission" model but you may use whatever you like. | | The model you want to use as a Permission model needs to implement the | `Spatie\Permission\Contracts\Permission` contract. | */ 'permission' => Spatie\Permission\Models\Permission::class, /* |-------------------------------------------------------------------------- | Role Model |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | Eloquent model should be used to retrieve your roles. Of course, it | is often just the "Role" model but you may use whatever you like. | | The model you want to use as a Role model needs to implement the | `Spatie\Permission\Contracts\Role` contract. | */ 'role' => Spatie\Permission\Models\Role::class, ], /* |-------------------------------------------------------------------------- | Authorization Tables |-------------------------------------------------------------------------- */ 'table_names' => [ /* |-------------------------------------------------------------------------- | Roles Table |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | table should be used to retrieve your roles. We have chosen a basic | default value but you may easily change it to any table you like. | */ 'roles' => 'roles', /* |-------------------------------------------------------------------------- | Permissions Table |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | table should be used to retrieve your permissions. We have chosen a basic | default value but you may easily change it to any table you like. | */ 'permissions' => 'permissions', /* |-------------------------------------------------------------------------- | User Permissions Table |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | table should be used to retrieve your users permissions. We have chosen a | basic default value but you may easily change it to any table you like. | */ 'model_has_permissions' => 'model_has_permissions', /* |-------------------------------------------------------------------------- | User Roles Table |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | table should be used to retrieve your users roles. We have chosen a | basic default value but you may easily change it to any table you like. | */ 'model_has_roles' => 'model_has_roles', /* |-------------------------------------------------------------------------- | Role Permissions Table |-------------------------------------------------------------------------- | | When using the "HasRoles" trait from this package, we need to know which | table should be used to retrieve your roles permissions. We have chosen a | basic default value but you may easily change it to any table you like. | */ 'role_has_permissions' => 'role_has_permissions', ], ];
Adjust the table_names config above for support mongodb many to many relationships (using EmbedsMany)
'model_has_permissions' => Mehrdadakbari\Mongodb\Permissions\Models\EmbedPermission::class, 'model_has_roles' => Mehrdadakbari\Mongodb\Permissions\Models\EmbedRole::class, 'role_has_permissions' => Mehrdadakbari\Mongodb\Permissions\Models\EmbedPermission::class,
Usage
First add the Spatie\Permission\Traits\HasRoles-trait to your User model.
use Illuminate\Foundation\Auth\User as Authenticatable; use Spatie\Permission\Traits\HasRoles; class User extends Authenticatable { use HasRoles; // ... }
This package allows for users to be associated with roles. Permissions can be associated with roles.
A Role and a Permission are regular Eloquent-models. They can have a name and can be created like this:
use Spatie\Permission\Models\Role; use Spatie\Permission\Models\Permission; $role = Role::create(['name' => 'writer']); $permission = Permission::create(['name' => 'edit articles']);
The HasRoles adds eloquent relationships to your models, which can be accessed directly or used as a base query.
$permissions = $user->permissions; $roles = $user->roles()->pluck('name'); // returns a collection
###Using permissions A permission can be given to a user:
$user->givePermissionTo('edit articles'); //you can also give multiple permission at once $user->givePermissionTo('edit articles', 'delete articles'); //you may also pass an array $user->givePermissionTo(['edit articles', 'delete articles']);
A permission can be revoked from a user:
$user->revokePermissionTo('edit articles');
You can test if a user has a permission:
$user->hasPermissionTo('edit articles');
Saved permissions will be registered with the Illuminate\Auth\Access\Gate-class. So you can
test if a user has a permission with Laravel's default can-function.
$user->can('edit articles');
###Using roles and permissions A role can be assigned to a user:
$user->assignRole('writer'); // you can also assign multiple roles at once $user->assignRole('writer', 'admin'); $user->assignRole(['writer', 'admin']);
A role can be removed from a user:
$user->removeRole('writer');
Roles can also be synced :
//all current roles will be removed from the user and replace by the array given $user->syncRoles(['writer', 'admin']);
You can determine if a user has a certain role:
$user->hasRole('writer');
You can also determine if a user has any of a given list of roles:
$user->hasAnyRole(Role::all());
You can also determine if a user has all of a given list of roles:
$user->hasAllRoles(Role::all());
The assignRole, hasRole, hasAnyRole, hasAllRoles and removeRole-functions can accept a
string, a Spatie\Permission\Models\Role-object or an \Illuminate\Support\Collection-object.
A permission can be given to a role:
$role->givePermissionTo('edit articles');
You can determine if a role has a certain permission:
$role->hasPermissionTo('edit articles');
A permission can be revoked from a role:
$role->revokePermissionTo('edit articles');
The givePermissionTo and revokePermissionTo-functions can accept a
string or a Spatie\Permission\Models\Permission-object.
Saved permission and roles are also registered with the Illuminate\Auth\Access\Gate-class.
$user->can('edit articles');
###Using blade directives This package also adds Blade directives to verify whether the currently logged in user has all or any of a given list of roles.
@role('writer') I'm a writer! @else I'm not a writer... @endrole
@hasrole('writer') I'm a writer! @else I'm not a writer... @endhasrole
@hasanyrole(Role::all()) I have one or more of these roles! @else I have none of these roles... @endhasanyrole
@hasallroles(Role::all()) I have all of these roles! @else I don't have all of these roles... @endhasallroles
You can use Laravel's native @can directive to check if a user has a certain permission.
Using a middleware
The package doesn't contain a middleware to check permissions but it's very trivial to add this yourself.
$ php artisan make:middleware RoleMiddleware
This will create a RoleMiddleware for you, where you can handle your role and permissions check.
// app/Http/Middleware/RoleMiddleware.php use Auth; ... public function handle($request, Closure $next, $role, $permission) { if (Auth::guest()) { return redirect($urlOfYourLoginPage); } if (! $request->user()->hasRole($role)) { abort(403); } if (! $request->user()->can($permission)) { abort(403); } return $next($request); }
Don't forget to add the route middleware to your Kernel:
// app/Http/Kernel.php protected $routeMiddleware = [ ... 'role' => \App\Http\Middleware\RoleMiddleware::class, ... ];
Now you can protect your routes using the middleware you just set up:
Route::group(['middleware' => ['role:admin,access_backend']], function () { // });
Extending
If you need to extend or replace the existing Role or Permission models you just need to
keep the following things in mind:
- Your
Rolemodel needs to implement theSpatie\Permission\Contracts\Rolecontract - Your
Permissionmodel needs to implement theSpatie\Permission\Contracts\Permissioncontract - You must publish the configuration with this command:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag="config"and update themodels.roleandmodels.permissionvalues
Unit Test
Soon.
diyako/laravel-mongodb-permission 适用场景与选型建议
diyako/laravel-mongodb-permission 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 133 次下载、GitHub Stars 达 0, 最近一次更新时间为 2023 年 11 月 15 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「mongodb」 「security」 「acl」 「laravel」 「permission」 「rbac」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 diyako/laravel-mongodb-permission 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 diyako/laravel-mongodb-permission 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 diyako/laravel-mongodb-permission 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Generates Symfony2 documents, forms and CRUD
Laravel Multiauth package
Provide a way to secure accesses to all routes of an symfony application.
This package provides a flexible way to add Role-based Permissions to Laravel 6.x
It's a barebone security class written on PHP
A package to allow laravel/passport use with mongodb/laravel-mongodb
统计信息
- 总下载量: 133
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 23
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2023-11-15