Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding permissions to different Model? #465

Closed
ctwillie opened this issue Sep 11, 2019 · 10 comments
Closed

Adding permissions to different Model? #465

ctwillie opened this issue Sep 11, 2019 · 10 comments
Labels

Comments

@ctwillie
Copy link

ctwillie commented Sep 11, 2019

How would one go about adding permissions to another model? I am using the default user model in laravel with bouncer. I want to be able to add permissions to my "Department" model and have bouncer work the same with. So, If I allow a permission to a Department, then check for that permission on a user that belongs to that department, bouncer will authorize.

What would need to be done to accomplish this for permissions. I don't plan to assign roles to Departments, only permissions.

@JosephSilber
Copy link
Owner

Bouncer lets you grant roles and abilities to any type of model:

Bouncer::allow($department)->to('create', Coo::class);

However, when checking a user's ability, Bouncer won't automatically check the department. For that, you'll need a policy class:

class CooPolicy
{
    public function create($user)
    {
        return $user->department->can('create', Coo::class);
    }
}

@ctwillie
Copy link
Author

Got it. Thanks!

@ctwillie
Copy link
Author

So after doing the first step above, the ability is created in "abilities" table, but there is no record for assignment in "permissions" table.

I planned to query the "permissions" table in my policy logic for this check, but no record is being created. Is it something to do with the lazy conductor?

@ctwillie
Copy link
Author

ctwillie commented Sep 16, 2019

Also, in reference to,

Bouncer lets you grant roles and abilities to any type of model:

I'm getting this error when trying to grant a department permission to a specific resource.

Example:

$page = App\Page::first();
$department = App\Department::first();
Bouncer::allow($department)->to('view', $page);

Error:
BadMethodCallException with message 'Call to undefined method App/Department::abilities()

@JosephSilber
Copy link
Owner

To add permissions to other models, be sure to use the Authorizable trait:

use Illuminate\Database\Eloquent\Model;
use Silber\Bouncer\Database\Concerns\Authorizable;

class Department extends Model
{
    use Authorizable;
}

@ctwillie
Copy link
Author

So, I'm working in tinker for testing.
I added the "Authorizable" trait to my department model.
after running:

Bouncer::allow($department)->to('view', $page)

I still get an error in tinker:

BadMethodCallException with message 'Call to undefined method App/Department::abilities()

Despite the error in tinker, the record is SUCCESSFULLY created in the "abilities" table, but NO RECORD is created in the "permissions" table.
Is there something I am missing?

@ctwillie
Copy link
Author

Any help here? I created a work around to add and check department abilities, but its definitely not the laravel way.

@ctwillie ctwillie closed this as completed Oct 2, 2019
@ctwillie
Copy link
Author

ctwillie commented Oct 2, 2019

I get a policy is required to check the permissions, but this

Bouncer::allow($department)->to('create', Coo::class);

isn't even working properly. And yes, I did add the Authorizable trait.

@ziming
Copy link
Contributor

ziming commented Feb 20, 2020

Hi @ctwillie

Encountered the same problem today. Hope you solved yours.

The solution I found is to add Authorizable trait and HasAbilities trait as follows

use Authorizable, HasAbilities {
        Authorizable::getClipboardInstance insteadof HasAbilities;
    }

Hope it helped you as it has helped me.

@JosephSilber The docs could benefit from an update on this. Cheers!

@ctwillie
Copy link
Author

ctwillie commented Feb 20, 2020

I appreciate the helpful response. I'm going to try this out now. Will give you an update. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants