Skip to content

studiofrenetic/lock-laravel

 
 

Repository files navigation

Lock - Laravel Driver

Build Status Quality Score Code Coverage Software License Packagist Version Total Downloads

Lock is a flexible, driver based Acl package for PHP 5.4+.

This package is a Laravel driver for Lock. Check the documentation of Lock for more info.

Table of Contents

Installation

Install this package through Composer.

$ composer require beatswitch/lock-laravel

Register the service provider in your app.php config file.

'BeatSwitch\Lock\Integrations\Laravel\LockServiceProvider',

Register the facades in your app.php config file.

'Lock' => 'BeatSwitch\Lock\Integrations\Laravel\Facades\Lock',
'LockManager' => 'BeatSwitch\Lock\Integrations\Laravel\Facades\LockManager',

Publish the configuration file and edit the configuration options at app/config/packages/beatswitch/lock-laravel/config.php.

$ php artisan config:publish beatswitch/lock-laravel

If you're using the database driver you should run the package's migrations. This will create the database table where all permissions will be stored.

$ php artisan migrate --package="beatswitch/lock-laravel"

Please read the main Lock documentation for setting up the caller contract on your User model and for more in-depth documentation on how Lock works.

Also make sure to set the BeatSwitch\Lock\LockAware trait on your User model. That way your authenticated user will receive a Lock instance of itself so you can call permissions directly from your user object. If no user is authenticated, a SimpleCaller object will be bootstrapped which has the guest role. That way you can still use the Lock facade.

Usage

Setting roles and aliases

You can register roles and aliases beforehand through the permissions callback in the config file. Here you can say which actions should be grouped under an alias or set which roles should inherit permissions from each other.

<?php

use BeatSwitch\Lock\Callers\Caller;
use BeatSwitch\Lock\Manager;

return [

    ...

    'permissions' => function (Manager $manager, Caller $caller) {
        // Set your configuration here.
        $manager->alias('manage', ['create', 'read', 'update', 'delete']);
        $manager->setRole('user', 'guest');
        $manager->setRole(['editor', 'admin'], 'user');
    },
];

Setting permissions with the array driver

If you're using the array driver you can set all your permissions beforehand in the same permissions callback from above.

<?php

use BeatSwitch\Lock\Callers\Caller;
use BeatSwitch\Lock\Callers\SimpleCaller;
use BeatSwitch\Lock\Drivers\ArrayDriver;
use BeatSwitch\Lock\Manager;

return [

    ...

    'permissions' => function (Manager $manager, Caller $caller) {
        // Only set permissions beforehand when using the array driver.
        if ($manager->getDriver() instanceof ArrayDriver) {
            // Set some role permissions.
            $manager->role('guest')->allow('read', 'posts');
            $manager->role('user')->allow('create', 'posts');
            $manager->role('editor')->allow('publish', 'posts');

            // Set permissions for a specific user.
            $manager->caller(new SimpleCaller('users', 1)->allow('publish', 'posts');
        }
    },
];

You'll probably never want to set permissions for your current authed user caller because they'd apply to every user who logs in but it's there if you need it.

Warning: Make sure that you never set permissions through the permissions callback when using the database driver. This would result in permissions getting stored into your database each time your app is run.

Using the database driver

Enable the database driver by switching the driver type in the config file. The database driver will use your default database connection to store permissions to your database. You can choose which table to store the permissions into by changing the setting in the config file.

Now that you have your database driver set up, you're ready to create a UI for your permissions and use the lock manager instance in your application to change permissions for callers or roles.

Using the facades

This package ships with two facades: the Lock facade which holds the BeatSwitch\Lock\Lock instance for your current authed user (or the guest user if no user is authed) and the LockManager class which can be used to bootstrap new lock instances for callers or roles.

Checking permissions for the current user is easy.

Lock::can('create', 'posts');
Lock::cannot('publish', $post);

// Or use the auth instance. This is possible because your User model has the LockAware trait.
Auth::user()->can('create', 'posts');

Use the manager to set permissions.

LockManager::caller($user)->allow('create', 'posts');
LockManager::caller($user)->allow('all');
LockManager::role('editor')->allow('create', 'posts');

Using dependency injection

You can use Laravel's IoC container to insert an instance of the current user's lock instance or the lock manager instance into your classes or controllers.

<?php

use BeatSwitch\Lock\Manager;

class UserManagementController extends BaseController
{
    protected $lockManager;

    public function __construct(Manager $lockManager)
    {
        $this->lockManager = $lockManager;
    }

    public function togglePermission()
    {
        $userId = Input::get('user');
        $action = Input::get('action');
        $resource = Input::get('resource');

        $user = User::find($userId);

        $this->lockManager->caller($user)->toggle($action, $resource);

        return Redirect::route('user_management');
    }
}

Maintainer

This package is currently maintained by Dries Vints.
If you have any questions please don't hesitate to ask them in an issue.

Contributing

Please see the contributing file for details.

Changelog

You can see a list of changes for each release in the changelog file.

License

The MIT License (MIT). Please see the license file for more information.

About

This package is a Laravel driver for Lock

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • PHP 100.0%