Laravel ACL adds role based permissions to your Laravel 5 applications. Middleware helps protect routes based on roles and even protects crud methods. Follow along the documentation to find out more.
Add this to your composer.json file, in the require object:
"kodeine/laravel-acl": "dev-master"After that, run composer install to install the package.
Next, add the HasRole, HasPermission traits to your User model:
use Kodeine\ACL\HasRole;
use Kodeine\ACL\HasPermission;
class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{
use Authenticatable, CanResetPassword, HasRole, HasPermission;
}Lets create your first roles.
$role = new Role();
$roleAdmin = $role->create([
'name' => 'Administrator',
'slug' => 'administrator',
'description'=>'manage administration privileges'
]);
$role = new Role();
$roleModerator = $role->create([
'name' => 'Moderator',
'slug' => 'moderator',
'description'=>'manage moderator privileges'
]);Lets assign created roles to a User.
Note: You can pass an object, an array, role->id or just a slug.
$user = User::find(1);
// by object
$user->assignRole($roleAdmin);
// or by id
$user->assignRole($roleAdmin->id);
// or by just a slug
$user->assignRole('administrator');Or multiple roles at once:
// multiple roles in an array
$user->assignRole(array($roleAdmin, $roleModerator));
// or mutiple role slugs separated by comma or pipe.
$user->assignRole('administrator, moderator');Note: The system will throw an exception if role does not exists.
Similarly, you may revoke roles from user
Note: You can pass an object, an array, role->id or just a slug.
$user = User::find(1);
// by object
$user->revokeRole($roleAdmin);
// or by id
$user->revokeRole($roleAdmin->id);
// or by just a slug
$user->revokeRole('administrator');Or multiple roles at once:
// multiple roles in an array
$user->revokeRole(array($roleAdmin, $roleModerator));
// or mutiple role slugs separated by comma or pipe.
$user->revokeRole('administrator, moderator');Note: The system will throw an exception if role does not exists.
You can pass an array of role objects,ids or slugs to sync them to a user.
$user->syncRoles([1,2,3]);
$user->syncRoles('administrator, moderator');
$user->syncRoles((array($roleAdmin, $roleModerator));Note: The system will throw an exception if role does not exists.
You can revoke all roles assigned to a user.
$user->revokeAllRoles();Get roles assigned to a user.
$user = User::first();
$user->getRoles();Lets create your first permission.
$permission = new Permission();
$permUser = $permission->create([
'name' => 'user',
'slug' => [ // pass an array of permissions.
'create' => true,
'view' => true,
'update' => true,
'delete' => true,
'view.phone' => true
],
'description' => 'manage user permissions'
]);
$permission = new Permission();
$permPost = $permission->create([
'name' => 'post',
'slug' => [ // pass an array of permissions.
'create' => true,
'view' => true,
'update' => true,
'delete' => true,
],
'description' => 'manage post permissions'
]);Lets assign created permissions to a Role.
Note: You can pass an object, an array, role->id or just name.
$roleAdmin = Role::first(); // administrator
// permission as an object
$roleAdmin->assignPermission($permUser);
// as an id
$roleAdmin->assignPermission($permUser->id);
// or by name
$roleAdmin->assignPermission('user');Or multiple permissions at once:
// multiple permissions in an array
$roleAdmin->assignPermission(array($permUser, $permPost->id));
// or mutiple role slugs separated by comma or pipe.
$roleAdmin->assignPermission('user, 'post');Note: The system will throw an exception if permission does not exists.
Similarly, you may revoke permissions from a role
Note: You can pass an object, an array, permission->id or just a name.
$roleAdmin = Role::first(); // administrator
// permission as an object
$roleAdmin->revokePermission($permUser);
// as an id
$roleAdmin->revokePermission($permUser->id);
// or by name
$roleAdmin->revokePermission('user');Or multiple permissions at once:
// multiple permissions in an array
$roleAdmin->assignPermission(array($permUser, $permPost->id));
// or mutiple role slugs separated by comma or pipe.
$roleAdmin->assignPermission('user, 'post');Note: The system will throw an exception if role does not exists.
You can pass an array of role objects,ids or slugs to sync them to a user.
$roleAdmin->syncPermissions([1,2,3]);
$roleAdmin->syncPermissions('user, post');
$roleAdmin->syncPermissions((array($permUser, $permPost));Note: The system will throw an exception if role does not exists.
You can revoke all roles assigned to a user.
$roleAdmin->revokeAllPermissions();Get permissions assigned to a role.
$roleAdmin->getPermissions();Get permissions assigned to a user.
$user = User::first();
$user->getPermissions();Roles can be validated by calling is method.
Validate based on User
$user = User::first();
$user->is('administrator');
$user->isAdministrator(); // using methodPermissions can be validated by calling can method.
Validate based on a Role
$admin = Role::first(); // administrator
$admin->can('view.user');
$admin->canViewUser(); // using method.
// by an array
$admin->can(array('view.user', 'edit.user'));
// multiple validations by comma, pipe separated
$admin->can('view.user, edit.user, view.admin, delete.admin');Validate based on User
$user = User::first();
$user->can('delete.user');
$user->canDeleteUser(); // using method