Making of the Laravel 5.3 sample application with AuthorityController package
You can get the demo application HERE.
The Laravel framework utilizes Composer for installation and dependency management. If you haven't already, start by installing Composer.
Now you can install Laravel by issuing the following command from your terminal:
composer create-project laravel/laravel your-project-name --prefer-distLaravel provides a quick way to scaffold all of the routes and views you need for authentication using one simple command:
cd your-project-name/
php artisan make:authThen, add authority-controller package to your composer.json file to require AuthorityController:
composer require efficiently/authority-controller:2.3.*Add the service provider to config/app.php:
Efficiently\AuthorityController\AuthorityControllerServiceProvider::class,Add the aliases (facades) to your Laravel app config file:
'Params' => Efficiently\AuthorityController\Facades\Params::class,
'Authority' => Efficiently\AuthorityController\Facades\Authority::class,Configure your application database, for this tutorial we use SQLite.
So you need to enable php_sqlite3 and php_pdo_sqlite extensions in your php.ini file.
In config/database.php, replace default' => 'mysql', by default' => 'sqlite',':
'default' => 'sqlite',Then in the sqlite connection, replace 'database' => env('DB_DATABASE', database_path('database.sqlite')),
by 'database' => env('DB_DATABASE', storage_path('database.sqlite')),
And in .env, replace DB_CONNECTION=mysql by DB_CONNECTION=sqlite
You also need to create the database file, execute this command from the root of your project:
touch storage/database.sqliteTo create the users table we will use artisan, We hope you know how to use it.
Next, we can run our migrations from our terminal using the migrate command. Simply execute this command from the root of your project:
php artisan migrateFor an easy start, we should insert a default user in the table. To do this, we create the following file database/seeds/UsersTableSeeder.php:
<?php
//database/seeds/UsersTableSeeder.php:
use Illuminate\Database\Seeder;
use App\User;
class UsersTableSeeder extends Seeder
{
public function run()
{
// !!! All existing users are deleted !!!
DB::table('users')->truncate();
User::create([
'email' => 'admin@localhost.com',
'name' => 'Administrator',
'password' => Hash::make('password'),
]);
}
}This way we simply create an admin user with password as password. Now we have to tell the system to use this seeder. We uncomment the call to UsersTableSeeder in the DatabaseSeeder.
<?php
//database/seeds/DatabaseSeeder.php:
use Illuminate\Database\Seeder;
use Illuminate\Database\Eloquent\Model;
class DatabaseSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$this->call(UsersTableSeeder::class);
}
}We have provided a basic table structure to get you started in creating your roles and permissions.
Publish them to your migrations directory or copy them directly.
php artisan vendor:publish --provider="Efficiently\AuthorityController\AuthorityControllerServiceProvider" --tag="migrations"Run the migrations
php artisan migrateThis will create the following tables
- roles
- role_user
- permissions
To utilize these tables, you can add the following methods to your App\User model. You will also need to create Role and Permission Model stubs.
//app/User.php
public function roles()
{
return $this->belongsToMany(Authority\Role:class);
}
public function permissions()
{
return $this->hasMany(Authority\Permission::class);
}
public function hasRole($key)
{
$hasRole = false;
foreach ($this->roles as $role) {
if ($role->name === $key) {
$hasRole = true;
break;
}
}
return $hasRole;
}
//app/Authority/Role.php
<?php
namespace App\Authority;
use Illuminate\Database\Eloquent\Model;
class Role extends Model {}
//app/Authority/Permission.php
<?php
namespace App\Authority;
use Illuminate\Database\Eloquent\Model;
class Permission extends Model {}For an easy start, we should insert a default role in the table. To do this, we create the following file database/seeds/RolesTableSeeder.php:
<?php
//database/seeds/RolesTableSeeder.php:
use Illuminate\Database\Seeder;
use App\User;
use App\Authority\Role;
class RolesTableSeeder extends Seeder
{
public function run()
{
// !!! All existing roles are deleted !!!
DB::table('role_user')->truncate();
DB::table('roles')->truncate();
$user = User::where('email', 'admin@localhost.com')->firstOrFail();
$roleAdmin = Role::create(['name' => 'admin']);
$user->roles()->attach($roleAdmin->id);
}
}This way we simply create an admin role and attach it to your admin user. Now we have to tell the system to use this seeder. We declare a call RolesTableSeeder in the DatabaseSeeder.
<?php
//database/seeds/DatabaseSeeder.php:
use Illuminate\Database\Seeder;
use Illuminate\Database\Eloquent\Model;
class DatabaseSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$this->call(UsersTableSeeder::class);
$this->call(RolesTableSeeder::class);
}
}Composer need to know this two new Seeder classes, run this command:
composer dump-autoloadTo seed your database, you may use the db:seed command on the Artisan CLI:
php artisan db:seedUser permissions are defined in an AuthorityController configuration file.
You can publish the AuthorityController default configuration file with the command below:
php artisan vendor:publish --provider="Efficiently\AuthorityController\AuthorityControllerServiceProvider" --tag="config"Here a basic config sample. Users with admin role can do everything (create, read, update, delete) in App\User resource.
//config/authority-controller.php
<?php
$serializer = new SuperClosure\Serializer;
return [
'initialize' => $serializer->serialize(function ($authority) {
$user = auth()->guest() ? new App\User : $authority->getCurrentUser();
if ($user->hasRole('admin')) {
$authority->allow('manage', App\User::class);
} else {
// nothing
}
})
];Edit your app/Http/Controllers/Controller.php file to add the ControllerAdditions trait and disable the use of the AuthorizesRequests trait:
<?php
namespace App\Http\Controllers;
use Illuminate\Foundation\Bus\DispatchesJobs;
use Illuminate\Routing\Controller as BaseController;
use Illuminate\Foundation\Validation\ValidatesRequests;
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
class Controller extends BaseController
{
// use AuthorizesRequests;
use DispatchesJobs, ValidatesRequests;
use \Efficiently\AuthorityController\ControllerAdditions;
//code...
}Create a RESTful controller UsersController via the command line, execute the following command:
php artisan make:controller UsersControllerNow we can register a resourceful route to the controller, add the line below a the end of routes/web.php file:
//...
Route::resource('users', 'UsersController');Next, we'll create a simple view to display our user data. We're going to place a new view file resources/views/users/index.blade.php:
@extends('layouts.app')
@section('content')
<h2>Users list</h2>
<ul>
@foreach($users as $user)
<li>{{ $user->name }}</li>
@endforeach
</ul>
@stopNow let's modify our UsersController to add a constructor and complete index action to look like this:
//app/Http/Controllers/UsersController.php
//...
public function __construct()
{
$this->loadAndAuthorizeResource();
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index()
{
return view('users.index')->with('users', $this->users);
}
//...Run Laravel development server, with this command:
php artisan serveIn your Web browser, go to this URL: http://localhost:8000/users
You should see an AccessDenied exception.
With this error message: You are not authorized to access this page..
Go to: http://localhost:8000/login
Fill the login form with admin@localhost.com and password then click on the Login button.
You should see: You are logged in!.
Then go back to: http://localhost:8000/users
You should see: Administrator.
Congratulations, You have the basics to use AuthorityController!