README

开发模式

检查列表

• 缓存

• 超级用户

• ...

• 安装

  • Composer
  • 中间件

• 配置

  • 发布
  • 配置包
  • 配置模型

• 说明

  • 创建数据
  • 附加/解除角色和权限
  • 检查角色/权限/级别
  • 使用中间件

安装

Composer

运行命令

composer require buzz/laravel-advanced-authorization 3.*

或者打开 composer.json，插入以下代码并运行命令 composer update

"buzz/laravel-advanced-authorization": "3.*",

中间件

包已注册中间件 permission

配置

• 因此发布配置、迁移、模型，你可以运行以下命令

php artisan vendor:publish --provider="Buzz\Authorization\AuthorizationServiceProvider"

然后运行命令： php artisan migrate（在运行此命令之前，你可能想编辑迁移文件）

用户模型

你需要移除 trait Authorizable 和 contract AuthorizableContract（laravel的默认设置）。

<?php

namespace App;

use Buzz\Authorization\Traits\PermissionForUserTrait;
use Buzz\Authorization\Traits\RoleForUserTrait;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{
    use Notifiable, Authenticatable, CanResetPassword, RoleForUserTrait, PermissionForUserTrait;

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = [
        'name', 'email', 'password',
    ];

    /**
     * The attributes that should be hidden for arrays.
     *
     * @var array
     */
    protected $hidden = [
        'password', 'remember_token',
    ];
}

说明

创建数据

创建角色

$role = new \App\Role();//depend "model_role" config 
$role->name = 'Admin';
$role->slug = 'Admin';// can use str_slug('Create posts', '.');
$role->save();

附加/解除数据

附加/解除权限

//attach
$role->attachPermission($permission);//input is object
$role->attachPermission([$permission, $permission2, $permission3]);//input is array objects
$role->attachPermission(1);//assume 1 is id of $permission
$role->attachPermission([1,2,3]);//assume 1,2,3 is id of $permission, $permission2, $permission3

//detach
$role->detachPermission($permission);//input is object
$role->detachPermission([$permission, $permission2, $permission3]);//input is array objects
$role->detachPermission(1);//assume 1 is id of $permission
$role->detachPermission([1,2,3]);//assume 1,2,3 is id of $permission, $permission2, $permission3
$role->detachPermission([]);//detach all permissions

附加/解除角色

$user = \App\User::find(1);//depend "model_user" config 
//attach
$role->attachRole($role);//input is object
$role->attachRole([$role, $role2, $role3]);//input is array objects
$role->attachRole(1);//assume 1 is id of $role
$role->attachRole([1,2,3]);//assume 1,2,3 is id of $role, $role2, $role3

//detach
$role->detachRole($role);//input is object
$role->detachRole([$role, $role2, $role3]);//input is array objects
$role->detachRole(1);//assume 1 is id of $role
$role->detachRole([1,2,3]);//assume 1,2,3 is id of $role, $role2, $role3
$role->detachRole([]);//detach all roles

检查角色/权限/级别

如果 Auth::check() === false，则始终返回 false

如果配置 blade_shortcut 为 true，则所有 blade 快捷方式都可用

//someAction: is, isAny, can, canAny
//check user with database
$user = \App\User::find(1);
$user->someAction
//check current user login
$user = \Auth::user();
$user->someAction
//or
Authorization::someAction
//or
app('authorization')->someAction

检查是否有角色或有所有角色

$user->is('admin');//admin is slug of role
//OR
$user->is(['admin', 'mod']);//['admin', 'mod'] is array slugs of role
//Blade
@role('admin')
    //your code
@endRole

检查是否在任何角色中有一个角色

$user->isAny(['admin', 'mod']);
//Blade
@anyRole('admin')
    //your code
@endAnyRole

检查是否有权限或有所有权限

$user->can('post.create');//admin is slug of permission
//OR
$user->can(['post.create', 'post.delete']);//['admin', 'mod'] is array slugs of permission
//Blade
@permission('post.create')
    //your code
@endPermission

检查是否有任何权限中的一个权限

$user->canAny(['post.create', 'post.delete']);
//Blade
@anyPermission('post.create')
    //your code
@endAnyPermission

检查级别（如果配置 user_level 为 true，则可用）

@greaterLevel('3')// check smallest level of user > 3
    //your code
@endGreaterLevel
@endLessLevel('3')// check smallest level of user < 3
    //your code
@endGreaterLevel
@betweenLevel(3, 5)// check smallest level of user between 3 and 5
    //your code
@endBetweenLevel
@matchAnyLevel([3,5])// check smallest level of user has in array [3,5]
    //your code
@endMatchAnyLevel

使用中间件检查

如果不匹配，则抛出异常，您可以在配置中通过 key permission_exception、role_exception、level_exception 来更改异常类

检查权限

//check user can delete post
Route::get('/permission', ['middleware' => ['permission:post.delete'], 'uses' => function () {
    return 'permission';
}]);
//check user can delete post and create post
Route::get('/permission', ['middleware' => ['permission:post.delete&post.create'], 'uses' => function () {
    return 'permission';
}]);
//check user can delete post or create post
Route::get('/permission', ['middleware' => ['permission:post.delete|post.create'], 'uses' => function () {
    return 'permission';
}]);

检查角色

//check user is admin
Route::get('/role', ['middleware' => ['role:admin'], 'uses' => function () {
    return 'role';
}]);
//check user is admin and mod
Route::get('/role', ['middleware' => ['role:admin&mod'], 'uses' => function () {
    return 'role';
}]);
//check user is admin or mod
Route::get('/role', ['middleware' => ['role:admin|mod'], 'uses' => function () {
    return 'role';
}]);

检查级别：默认情况下，包获取用户的最小级别并进行比较，如果您想使用最大级别，可以在前面添加前缀 "max"。例如

• level:max1
• level:max1<=>3
• level:max<3
• ...

//check level smallest of user equal 1
Route::get('/level', ['middleware' => ['level:1'], 'uses' => function () {
    return 'level';
}]);
//check 1 <= level smallest of user <= 3
Route::get('/level', ['middleware' => ['level:1<=>3'], 'uses' => function () {
    return 'level';
}]);
//check level smallest of user < 3
Route::get('/level', ['middleware' => ['level:<3'], 'uses' => function () {
    return 'level';
}]);
//check level smallest of user > 3
Route::get('/level', ['middleware' => ['level:>3'], 'uses' => function () {
    return 'level';
}]);
//check user has all level in list 1,2,3
Route::get('/level', ['middleware' => ['level:1&2&3'], 'uses' => function () {
    return 'level';
}]);
//check user has one level in list 1,2,3
Route::get('/level', ['middleware' => ['level:1|2|3'], 'uses' => function () {
    return 'level';
}]);

文档正在最终确定中