ephort/laravel-data-authorization
Composer 安装命令:
composer require ephort/laravel-data-authorization
包简介
Add authorization to your data
README 文档
README
This package adds authorization to your spatie/laravel-data objects, which
is very useful if you want to expose data objects to the frontend (e.g. when using Inertia), but still need to check
if the user is allowed to perform certain actions.
Installation
Install the package via composer:
composer require ephort/laravel-data-authorization
Usage
This package is intended to be used with Inertia, but does not require it or depend on it.
To add the authorization checks to your data objects, extend the DataWithAuthorization class.
All the methods of the base Data class are still available.
Next, implement the static getAuthorizations method, which should return an array containing the
names of the actions that need to be exposed and checked.
use Ephort\LaravelDataAuthorization\DataWithAuthorization; class UserData extends DataWithAuthorization { public function __construct( public int $id, public string $name, ) { } public static function getAuthorizations(): array { return [ 'view', 'update', 'delete', ]; } }
When the data object is transformed, a lazy authorization property is appended to the resulting array.
This property contains a key for each defined policy action and is evaluated by Gate::allows.
{
"id": 1,
"name": "Taylor Otwell",
"authorization": {
"view": true,
"update": false,
"delete": false
}
}
Avoid processing authorizations
Because the authorization property is lazy, we can exclude it from the data object to avoid calling the gate on every
serialization.
UserData::from($user)->exclude('authorization');
Or use the built-in helper method:
UserData::from($user)->withoutAuthorization();
Note when using custom from methods
When using
a custom from method,
the pipeline that resolves authorizations is not used.
This means you must call the static resolveAuthorizationArray method manually when instantiating your
data object:
public static function fromModel(User $user): self { return self::from([ 'id' => $user->id, 'name' => $user->name, 'authorization' => static::resolveAuthorizationArray($user), ]); }
You can also wrap the authorization array in a Lazy property if needed:
Lazy::create(fn () => static::resolveAuthorizationArray($user))->defaultIncluded();
TypeScript support
Thanks to Spatie, it's very easy to generate TypeScript interfaces from data objects and enums.
Install the TypeScript Transformer package and publish its
configuration file:
composer require spatie/laravel-typescript-transformer php artisan vendor:publish --tag=typescript-transformer-config
Open config/typescript-transformer.php and add the following collector and transformer:
Ephort\LaravelDataAuthorization\Collectors\DataAuthorizationTypeScriptCollector::class must be the first collector.
'collectors' => [
+ Ephort\LaravelDataAuthorization\Collectors\DataAuthorizationTypeScriptCollector::class,
Spatie\TypeScriptTransformer\Collectors\DefaultCollector::class,
Spatie\TypeScriptTransformer\Collectors\EnumCollector::class,
],
'transformers' => [
Spatie\LaravelTypeScriptTransformer\Transformers\SpatieStateTransformer::class,
Spatie\TypeScriptTransformer\Transformers\EnumTransformer::class,
Spatie\TypeScriptTransformer\Transformers\SpatieEnumTransformer::class,
Spatie\LaravelTypeScriptTransformer\Transformers\DtoTransformer::class,
+ Ephort\LaravelDataAuthorization\Transformers\DataAuthorizationTypeScriptTransformer::class,
],
The above configuration uses a collector provided by this package, which finds data objects that
extend DataWithAuthorization and generates typings with their authorizations. This is what powers typed authorization
support.
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Credits
The code is primarily copied from the awesome project Hybridly by Enzo Innocenzi, which is a great alternative to Inertia.
License
The MIT License (MIT). Please see License File for more information.
ephort/laravel-data-authorization 适用场景与选型建议
ephort/laravel-data-authorization 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3.98k 次下载、GitHub Stars 达 5, 最近一次更新时间为 2024 年 06 月 04 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「laravel」 「laravel-data」 「ephort」 「laravel-data-authorization」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 ephort/laravel-data-authorization 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 ephort/laravel-data-authorization 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 ephort/laravel-data-authorization 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A Scribe Plugin to generate API doc from spatie/laravel-data
Generate JSON Schemas from Laravel Data objects with validation attributes
Free Scramble extension for automatic OpenAPI schema generation from spatie/laravel-data classes
Alfabank REST API integration
Laravel package for URL value objects, sanitization pipelines, browser URL support, validation rules, request macros, and Laravel Data integration.
Create unified resources and data transfer objects
统计信息
- 总下载量: 3.98k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 6
- 点击次数: 15
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-06-04