通过 
搜索
搜索panoscape / access
Laravel 的角色和权限控制
1.0.2
2017-02-14 03:46 UTC
Requires
- illuminate/support: ^5.3
Requires (Dev)
- orchestra/database: ~3.3
- orchestra/testbench: ~3.3
- phpunit/phpunit: ~5.0
This package is not auto-updated.
Last update: 2024-09-15 01:11:41 UTC
README
访问
Laravel 的角色和权限控制
安装
Composer
composer require panoscape/access
服务提供者
config/app.php
'providers' => [ ... Panoscape\Access\AccessServiceProvider::class, ];
外观
config/app.php
'aliases' => [ ... 'Access' => Panoscape\Access\Facades\Access::class, ];
权限和角色
config/app.php
'aliases' => [ ... 'App\Permission' => Panoscape\Access\Permission::class, 'App\Role' => Panoscape\Access\Role::class, ];
中间件
app/Http/Kernel.php
protected $routeMiddleware = [ ... 'access' => \Panoscape\Access\Middleware\VerifyAccess::class, ];
迁移
php artisan vendor:publish --provider="Panoscape\Access\AccessServiceProvider" --tag=migrations
在迁移之前,您需要修改发布迁移文件中的 users 表,以匹配您的应用程序中使用的正确用户表
//TODO: user table $table->foreign('user_id')->references('id')->on('users')
用法
将 HasRoles 特性添加到用户模型中。
<?php namespace App; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Database\Eloquent\SoftDeletes; use Panoscape\Access\HasRoles; class User extends Authenticatable { use Notifiable, SoftDeletes, HasRoles; }
获取角色和权限
$user->roles(); $user->permissions(); $role->permissions(); $role->users(); $permission->roles();
您还可以使用动态属性
$user->roles; $user->permissions; $role->permissions; $role->users; $permission->roles;
检查角色和权限
//return true if the user has this role $user->hasRoles('admin'); //return true if the user has all three roles $user->hasRoles(['admin', 'editor', 'author']); //equivalent to array $user->hasRoles('admin|editor|author'); //return true if the user has any of the three roles $user->hasRoles(['admin', 'editor', 'author'], false); //by default it checks 'name' column; you may specify which column to check $user->hasRoles([1, 3, 12], true, 'id'); //or check permissions $user->hasPermissions('edit_users'); //also available on role $role->hasPermissions('edit_users');
附加/分离/同步
//by name $user->attachRoles('admin'); //by id $user->attachRoles(1); //by model instance $user->attachRoles($role); //with array $user->attachRoles(['admin', 'editor']); $user->attachRoles([1, 2]); //specify column $user->attachRoles(['1', '2'], 'id'); //detach $user->detachRoles('admin'); //detach all $user->detach([]); //sync $user->syncRoles('admin'); //detach all $user->syncRoles([]); //sync without detaching $user->syncRoles(['admin', 'editor'], false); //same with role and permissions $role->attachPermissions('editor_users'); $role->detachPermissions('editor_users'); $role->syncPermissions('editor_users');
外观
//check the current authenticated user's roles and permissions Access::hasRoles('admin'); Access::hasPermissions('edit_users'); //check the given user's roles and permissions Access::hasRoles('admin', true, 'name', $user); Access::hasPermissions('edit_users', true, 'name', $user); //attach roles to current authenticated user Access::attachRoles('admin'); Access::attachRoles(['admin', 'editor']); //attach roles to the given user Access::attachRoles('admin', 'name', $user); Access::attachRoles(['admin', 'editor'], 'name', $user);
中间件
//role Route::get('/dashboard', 'DashboardController@index')->middleware('access:roles,admin'); //permission Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,edit_users'); //multiple Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,edit_users|manage_sites'); //requirement and column Route::get('/dashboard', 'DashboardController@index')->middleware('access:permissions,1|3,false,id');
Blade
@roles('admin')
<div>
...
<div>
@endroles
@permissions('edit_users|Manage_sites')
<div>
...
<div>
@endpermissions
@roles('admin|editor|root', false)
<div>
...
<div>
@endroles
@permissions('1|2|3', false, 'id')
<div>
...
<div>
@endpermissions
测试
composer test
或
vendor/bin/phpunit
变更日志
1.0.1 - 2016-11-24
新增
- 在 Facades 中添加了附加/分离/同步角色和权限的功能
- 现在,外观接受特定的用户,而不是始终使用
auth()->user() - 删除用户时分离角色
- 删除角色时分离权限
- 单元测试
变更
- 将
access中间件第一个参数的名称从单数改为复数格式:从role改为roles,从permission改为permissions - Blade 指令中的多个参数不再需要用数组包裹
修复
roles和permissionsBlade 指令失败问题