visualappeal/laravel-rbac
Composer 安装命令:
composer require visualappeal/laravel-rbac
包简介
Role based access control for Laravel 5
README 文档
README
Super simple RBAC/ACL implementation for Laravel 5. Laravel >=5.4 compatible fork of https://github.com/keepanitreel/laravel-rbac.
Installation
Require this package with composer (Packagist) using the following command
composer require visualappeal/laravel-rbac
or modify your composer.json
"require": {
...
"visualappeal/laravel-rbac": "^0.7"
}
then run composer update.
After installation register the ServiceProvider to the providers array in config/app.php
PHPZen\LaravelRbac\RbacServiceProvider::class,
Publish migration files
$ php artisan vendor:publish --provider="PHPZen\LaravelRbac\RbacServiceProvider" --force
Run migrations
$ php artisan migrate
Add RBAC middleware to your app/Http/Kernel.php
protected $routeMiddleware = [ ... 'rbac' => '\PHPZen\LaravelRbac\Middleware\Rbac::class' ];
Add Rbac trait to your User model
use PHPZen\LaravelRbac\Traits\Rbac; class User extends Authenticatable { use Rbac; ... }
Usage
Roles
Create role
$adminRole = new Role; $adminRole->name = 'Administrator'; $adminRole->slug = 'administrator'; $adminRole->description = 'System Administrator'; $adminRole->save(); $editorRole = new Role; $editorRole->name = 'Editor'; $editorRole->slug = 'editor'; $editorRole->description = 'Editor'; $editorRole->save();
Assign role to user
$user = User::find(1); $user->roles()->attach($adminRole->id);
you can also assign multiple roles at once
$user->roles()->attach([$adminRole->id, $editorRole->id]);
Revoke role from user
$user->roles()->detach($adminRole->id);
you can also revoke multiple roles at once
$user->roles()->detach([$adminRole->id, $editorRole->id]);
Sync roles
$user->roles()->sync([$editorRole->id]);
Any role already assigned to user will be revoked if you don't pass its id to sync method.
Permissions
Create permission
$createUser = new Permission; $createUser->name = 'Create user'; $createUser->slug = 'user.create'; $createUser->description = 'Permission to create user'; $createUser->save(); $updateUser = new Permission; $updateUser->name = 'Update user'; $updateUser->slug = 'user.update'; $updateUser->description = 'Permission to update user'; $updateUser->save();
Assign permission to role
$adminRole = Role::find(1); $adminRole->permissions()->attach($createUser->id);
you can also assign multiple permissions at once
$adminRole->permissions()->attach([$createUser->id, $updateUser->id]);
Revoke permission from role
$adminRole->permissions()->detach($createUser->id);
you can also revoke multiple permissions at once
$adminRole->permissions()->detach([$createUser->id, $updateUser->id]);
Sync permissions
$adminRole->permissions()->sync([$updateUser->id]);
Any permission already assigned to role will be revoked if you don't pass its id to sync method.
Check user roles/permissions
Roles and permissions can be checked on User instance using hasRole and canDo methods.
$isAdmin = Auth::user()->hasRole('administrator'); // pass role slug as parameter $isAdminOrEditor = Auth::user()->hasRole('administrator|editor'); // using OR operator $canUpdateUser = Auth::user()->canDo('update.user'); // pass permission slug as parameter $canUpdateOrCreateUser = Auth::user()->canDo('update.user|create.user'); // using OR operator
Protect routes
Laravel RBAC provides middleware to protect single route and route groups. Middleware expects 2 comma separated params:
- is or can as first param - what to check (role/permission)
- role/permission slug as second param
Route::get('/backend', [ 'uses' => 'BackendController@index', 'middleware' => ['auth', 'rbac:is,administrator'] ]); Route::get('/backend', [ 'uses' => 'BackendController@index', 'middleware' => ['auth', 'rbac:is,administrator|editor'] ]); Route::get('/dashboard', [ 'uses' => 'DashboardController@index', 'middleware' => ['auth', 'rbac:can,view.dashboard'] ]); Route::get('/dashboard', [ 'uses' => 'DashboardController@index', 'middleware' => ['auth', 'rbac:can,view.dashboard|view.statistics'] ]);
Blade directive
Laravel RBAC provides two Blade directives to check if user has role/permission assigned.
Check for role
@ifUserIs('administrator')
// show admin content here
@else
// sorry
@endif
@ifUserIs('administrator|editor')
// show editor content here
@else
// sorry
@endif
Check for permission
@ifUserCan('delete.user')
// show delete button
@endif
@ifUserCan('delete.user|manage.user')
// show delete button
@endif
License
Laravel RBAC is open-sourced software licensed under the MIT license
visualappeal/laravel-rbac 适用场景与选型建议
visualappeal/laravel-rbac 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 17.61k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2016 年 11 月 21 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「auth」 「acl」 「laravel」 「roles」 「permissions」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 visualappeal/laravel-rbac 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 visualappeal/laravel-rbac 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 visualappeal/laravel-rbac 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Laravel Multiauth package
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
Provide a way to secure accesses to all routes of an symfony application.
This package provides a flexible way to add Role-based Permissions to Laravel 6.x
It's a barebone security class written on PHP
Email Toolkit Plugin for CakePHP
统计信息
- 总下载量: 17.61k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 32
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2016-11-21