English | 中文

Laravel RBAC

This package helps you to manage permissions and roles.

Installation

You may install this package via Composer:

composer require huang-yi/laravel-rbac

Next, you should publish configuration and migration files using the vendor:publish Artisan command:

php artisan vendor:publish --provider="HuangYi\Rbac\RbacServiceProvider"

Finally, you should run your database migrations:

php artisan migrate

Configuration

• user: The user model class you are using.
• database:
  • connection: The database connection for RBAC tables.
  • prefix: The common prefix for RBAC tables.
• cache: The cache switch.

Usage

Your User model must be configured to rbac.user option. It should implement the HuangYi\Rbac\Contracts\Authorizable interface and use the HuangYi\Rbac\Concerns\Authorizable trait.

namespace App;

use HuangYi\Rbac\Concerns\Authorizable;
use HuangYi\Rbac\Contracts\Authorizable as AuthorizableContract;

class User extends Authenticatable implement AuthorizableContract
{
    use Authorizable, Notifiable;
}

Store a permission to database:

use HuangYi\Rbac\Permission;

Permission::make('edit post');

Store a role to database:

use HuangYi\Rbac\Role;

Permission::make('personnel manager');

Attach or detach permissions to role:

$role->attachPermissions($permissions);

$role->detachPermissions($permissions);

$role->syncPermissions($permissions);

Attach or detach roles to user:

$user->attachRoles($roles);

$user->detachRoles($roles);

$user->syncRoles($roles);

Attach or detach permissions to user:

$user->attachPermissions($permissions);

$user->detachPermissions($permissions);

$user->syncPermissions($permissions);

Determine if the user has roles:

$user->hasRole('author');

$user->hasRoles(['author', 'personnel manager']);

$user->hasAnyRoles(['author', 'personnel manager']);

Determine if the user has permissions:

$user->hasPermission('create post');

$user->hasPermissions(['create post', 'edit post']);

$user->hasAnyPermissions(['create post', 'edit post']);

// this is similar to hasAnyPermissions
$user->can('edit post|edit post');

Super Admin

You may register a callback for determining if the user is a super admin by using Rbac::checkSuperAdminUsing() method:

namespace App\Providers;

use HuangYi\Rbac\Rbac;
use Illuminate\Support\ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    public function boot()
    {
        Rbac::checkSuperAdminUsing(function ($user) {
            return in_array($user->email, ['[email protected]']);
        });
    }
}

Middleware

// role middleware
Route::get('admin/staffs', [StaffController::class, 'index'])->middleware('role:personnel manager|vice president');

// permission middleware
Route::post('post/{post}', [PostController::class, 'update'])->middleware('permission:create post|edit post');

// this is similar to 'permission' middleware
Route::post('post/{post}', [PostController::class, 'update'])->middleware('can:create post|edit post');

Blade Directives

Role directives:

• @role, @elserole, @endrole → hasRole
• @roles, @elseroles, @endroles → hasRoles
• @anyroles, @elseanyroles, @endanyroles → hasAnyRoles

Permission directives:

• @permission, @elsepermission, @endpermission → hasPermission
• @permissions, @elsepermissions, @endpermissions → hasPermissions
• @anypermissions, @elseanypermissions, @endanypermissions → hasAnyPermissions

Tests

composer test

License

This package is open-sourced software licensed under the MIT license.