通过
搜索
搜索rappasoft / vault
此包已被废弃且不再维护。未建议替代包。
Vault, Laravel 5 角色与权限
v0.1-alpha
2015-02-03 15:05 UTC
Requires
- php: >=5.4.0
- illuminate/html: 5.*
- illuminate/support: ~5.0
Requires (Dev)
- phpunit/phpunit: 4.0.*
This package is auto-updated.
Last update: 2020-03-21 15:55:27 UTC
README
##此包不再维护。请使用完整模板代替。
Vault (Laravel 5 包)
Vault 是一个简单而强大的 Laravel 5 框架访问控制系统。它包含一个后端用户界面来管理用户、角色和权限,以及它们之间的关系。
请注意,虽然此包完全可用,但仍在开发中,代码库经常变化。当包稳定发布时,将创建 1.0 标签。
示例: Vault 用户索引 Vault 创建角色 Vault 编辑用户 Vault 角色索引
文档
- 设置
- [配置] (#configuration)
- [许可证] (#license)
- [问题] (#issues)
先决条件
- 此包假设您已经安装了使用预打包认证库和功能的 Laravel 5。对于全新项目,我建议使用我的Laravel 5 模板包并要求此库。
- 用户模型必须启用软删除。
在 composer.json 文件的 require 键中添加以下内容
"rappasoft/vault": "dev-master"
$ composer update
在您的 config/app.php 中,将以下内容添加到您的 $providers 和 $aliases 数组中
'providers' => [ App\Providers\EventServiceProvider::class, App\Providers\RouteServiceProvider::class, ... Rappasoft\Vault\VaultServiceProvider::class, Illuminate\Html\HtmlServiceProvider::class, ],
'aliases' => [ 'App' => Illuminate\Support\Facades\App::class, ... 'Form' => Illuminate\Html\FormFacade::class, 'HTML' => Illuminate\Html\HtmlFacade::class ],运行 `vendor:publish` 命令
$ php artisan vendor:publish --provider="Rappasoft\Vault\VaultServiceProvider"
$ php artisan vendor:publish --provider="Rappasoft\Vault\VaultServiceProvider" --tag="config"
$ php artisan vendor:publish --provider="Rappasoft\Vault\VaultServiceProvider" --tag="migration"
$ php artisan vendor:publish --provider="Rappasoft\Vault\VaultServiceProvider" --tag="seeder"
$ php artisan vendor:publish --provider="Rappasoft\Vault\VaultServiceProvider" --tag="assets"
$ composer dumpautoload -o
$ php artisan migrate
<?php namespace App; ... use Illuminate\Database\Eloquent\SoftDeletes; use Rappasoft\Vault\Traits\UserHasRole; class User extends Model implements AuthenticatableContract, CanResetPasswordContract { use Authenticatable, CanResetPassword, SoftDeletes, UserHasRole; }运行 `seed` 命令
$ php artisan db:seed --class="VaultTableSeeder"
protected $routeMiddleware = [ 'auth' => App\Http\Middleware\Authenticate::class, 'auth.basic' => Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => App\Http\Middleware\RedirectIfAuthenticated::class, ... 'vault.routeNeedsRole' => \Rappasoft\Vault\Http\Middleware\RouteNeedsRole::class, 'vault.routeNeedsPermission' => \Rappasoft\Vault\Http\Middleware\RouteNeedsPermission::class, 'vault.routeNeedsRoleOrPermission' => \Rappasoft\Vault\Http\Middleware\RouteNeedsRoleOrPermission::class, ];
### 完成!现在您应该能够导航到 http://localhost/access/users 来查看用户索引。
## 配置 ### 配置文件/* * The company name used in the footer of the vault views. */ vault.general.company_name /* * Whether or not to load the vault views when the application loads. * Useful if you want to copy the vault routes into your own routes file to modify. */ vault.general.use_vault_routes /* * The namespaced route to the vault role */ vault.role /* * The namespaced route to the vault permission */ vault.permission /* * Used by Vault to save roles to the database. */ vault.roles_table /* * Used by Vault to save permissions to the database. */ vault.permissions_table /* * Used by Vault to save relationship between permissions and roles to the database. */ vault.permission_role_table /* * Used by Vault to save relationship between permissions and users to the database. * This table is only for permissions that belong directly to a specific user and not a role */ vault.permission_user_table /* * Used by Vault to save assigned roles to the database. */ vault.assigned_roles_table /* * Amount of users to show per page for pagination on users.index */ vault.users.default_per_page /* * The rules to validate the users password by when creating a new user */ vault.users.password_validation /* * Whether a role must contain a permission or can be used standalone (perhaps as a label) */ vault.roles.role_must_contain_permission /* * Whether or not the administrator role must possess every permission * Works in unison with permissions.permission_must_contain_role */ vault.roles.administrator_forced /* * Whether a permission must contain a role or can be used standalone * Works in unison with roles.administrator_forced * If a permission doesn't contain a role it can be assigned directly to a user */ vault.permissions.permission_must_contain_role /* * Validation overwrites, at time of validation uses these rules * Each must return an array even if a single rule */ vault.validation.users.create vault.validation.users.update### Vault 视图
默认情况下,该包在没有发布其视图的情况下工作。但如果你想要将 vault 视图发布到应用程序以完全控制,请运行 vault:views 命令
$ php artisan vault:views
如果你不想让 vault 使用其默认的路由文件,你可以复制它并将配置 vault.general.use_vault_routes 设置为 false,它将默认不加载。
如果你想要启用/禁用用户,你只需在登录用户的地方进行一个检查即可
if ($user->status == 0) return Redirect::back()->withMessage("Your account is currently disabled");## 应用路由中间件
Laravel 5 正在尝试远离 filters.php 文件,更多地使用中间件。以下是从 vault 路由文件中的示例,展示了一组需要管理员角色的路由
Route::group([ 'middleware' => 'vault.routeNeedsRole', 'role' => ['Administrator'], 'redirect' => '/', 'with' => ['error', 'You do not have access to do that.'] ], function() { Route::group(['prefix' => 'access'], function () { /*User Management*/ Route::resource('users', '\Rappasoft\Vault\Http\Controllers\UserController', ['except' => ['show']]); }); });vault.routeNeedsRole vault.routeNeedsPermission vault.routeNeedsRoleOrPermission ### 路由参数
middleware => 中间件名称,你可以在 app/Http/Kernel.php 文件中更改它们。 role => 一个角色的字符串或由名称组成的角色数组。 permission => 一个权限的字符串或由名称组成的权限数组。 needsAll => 一个布尔值,默认为 false,表示是否需要所有指定的角色/权限进行认证。 with => 在失败时发送会话闪存。数组包含 2 项,第一项是会话键,第二项是值。 redirect => 认证失败时重定向到 URL。 redirectRoute => 认证失败时重定向到路由。 redirectAction => 认证失败时重定向到动作。 如果没有指定重定向,将抛出 response('Unauthorized', 401);。
/** * Checks if the user has a Role by its name. * @param string $name * @return bool */ Vault::hasRole($role); /** * Checks to see if the user has an array of roles, and whether or not all must return true to authenticate * @param array $roles * @param boolean $needsAll * @return bool */ Vault::hasRoles($roles, $needsAll); /** * Check if user has a permission by its name. * @param string $permission. * @return bool */ Vault::can($permission); /** * Check an array of permissions and whether or not all are required to continue * @param array $permissions * @param boolean $needsAll * @return bool */ Vault::canMultiple($permissions, $needsAll);
$user->hasRole($role); $user->hasRoles($roles, $needsAll); $user->can($permission); $user->canMultiple($permissions, $needsAll);### VaultRoute 特性
如果您想利用 Vault 路由处理程序使用的方法,可以使用 use 它
use Rappasoft\Vault\Traits\VaultRoute
这将为您的中介服务提供抓取路由资源的方法。您可以在中介服务中添加方法来抓取 Vault 默认不抓取的资源并利用它们。
## Blade 扩展Vault 随带 @blade 扩展,帮助您通过角色或权限显示和隐藏数据,而无需在代码中使用不想要的 if 语句来混淆代码
@role('User') This content will only show if the authenticated user has the `User` role. @endrole @permission('can_view_this_content') This content will only show if the authenticated user is somehow associated with the `can_view_this_content` permission. @endpermission
@role('User') @section('special_content') @endrole @permission('can_view_this_content') @section('special_content') @endpermission## 许可证 ## 其他信息