1. Go to this page and download the library: Download beatswitch/lock library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
beatswitch / lock example snippets
use BeatSwitch\Lock\Callers\Caller;
class User implements Caller
{
public function getCallerType()
{
return 'users';
}
public function getCallerId()
{
return $this->id;
}
public function getCallerRoles()
{
return ['editor', 'publisher'];
}
}
use BeatSwitch\Lock\Callers\Caller;
class Organization implements Caller
{
public function getCallerType()
{
return 'organizations';
}
public function getCallerId()
{
return $this->id;
}
public function getCallerRoles()
{
return ['enterprise'];
}
}
use \BeatSwitch\Lock\Drivers\ArrayDriver;
use \BeatSwitch\Lock\Lock;
use \BeatSwitch\Lock\Manager;
// Create a new Manager instance.
$manager = new Manager(new ArrayDriver());
// Instantiate a new Lock instance for an object which implements the Caller contract.
$lock = $manager->caller($caller);
// Set some permissions.
$lock->allow('manage_settings');
$lock->allow('create', 'events');
// Use the Lock instance to validate permissions on the given caller.
$lock->can('manage_settings'); // true: can manage settings
$lock->can('create', 'events'); // true: can create events
$lock->cannot('update', 'events'); // true: cannot update events
$lock->can('delete', 'events'); // false: cannot delete events
use BeatSwitch\Lock\Manager;
class UserManagementController extends BaseController
{
protected $lockManager;
public function __construct(Manager $lockManager)
{
$this->lockManager = $lockManager;
}
public function togglePermission()
{
$userId = Input::get('user');
$action = Input::get('action');
$resource = Input::get('resource');
$user = User::find($userId);
$this->lockManager->caller($user)->toggle($action, $resource);
return Redirect::route('user_management');
}
}
$manager->setRole('guest');
$manager->setRole('user', 'guest'); // "user" will inherit all permissions from "guest"
$manager->setRole(['editor', 'admin'], 'user'); // "editor" and "admin" will inherit all permissions from "user".
// Allow a guest to read everything.
$manager->role('guest')->allow('guest', 'read');
// Allow a user to create posts.
$manager->role('user')->allow('create', 'posts');
// Allow an editor and admin to publish posts.
$manager->role('editor')->allow('publish', 'posts');
$manager->role('admin')->allow('publish', 'posts');
// Allow an admin to delete posts.
$manager->role('admin')->allow('delete', 'posts');
// Let's assume our caller has the role of "editor" and check some permissions.
$lock = $manager->caller($caller);
$lock->can('read'); // true
$lock->can('delete', 'posts'); // false
$lock->can('publish'); // false: we can't publish everything, just posts.
$lock->can(['create', 'publish'], 'posts'); // true
$manager->caller($caller)->allow('create', 'posts');
// Notice that we don't need to set the role in the
// manager first if we don't care about inheritance.
$manager->role('user')->deny('user', 'create', 'posts');
$manager->caller($caller)->can('create', 'posts'); // true: the user has explicit permission to create posts.
use BeatSwitch\Lock\Lock;
use BeatSwitch\Lock\Permissions\Condition;
use BeatSwitch\Lock\Permissions\Permission;
use BeatSwitch\Lock\Resources\Resource;
use Illuminate\Auth\AuthManager;
class LoggedInCondition implements Condition
{
/**
* The Laravel AuthManager instance
*
* @var \Illuminate\Auth\AuthManager
*/
protected $auth;
/**
* @param \Illuminate\Auth\AuthManager $auth
*/
public function __construct(AuthManager $auth)
{
$this->auth = $auth;
}
/**
* Assert if the condition is correct
*
* @param \BeatSwitch\Lock\Lock $lock The current Lock instance that's being used
* @param \BeatSwitch\Lock\Permissions\Permission $permission The Permission that's being checked
* @param string $action The action passed to the can or cannot method
* @param \BeatSwitch\Lock\Resources\Resource|null $resource The resource passed to the can or cannot method
* @return bool
*/
public function assert(Lock $lock, Permission $permission, $action, Resource $resource = null)
{
// Condition will succeed if the user is logged in.
return $this->auth->check();
}
}
$condition = App::make('LoggedInCondition');
$lock->allow('create', 'posts', null, $condition);
$lock->can('create', 'posts'); // true if logged in, otherwise false.
$lock->allow('create', 'posts', null, [$falseCondition, $trueCondition]);
$lock->can('create', 'posts'); // false: there's at least one false condition
$lock->allow('create', 'posts', null, function ($lock, $permission, $action, $resource = null) {
return false;
});
$lock->can('create', 'posts'); // false because the callback returns false.
use BeatSwitch\Lock\Callers\Caller;
use BeatSwitch\Lock\LockAware;
class Organization implements Caller
{
use LockAware;
public function getCallerType()
{
return 'organizations';
}
public function getCallerId()
{
return $this->id;
}
public function getCallerRoles()
{
return ['enterprise'];
}
}
use BeatSwitch\Lock\Callers\Caller;
use BeatSwitch\Lock\Drivers\Driver;
use BeatSwitch\Lock\Permissions\Permission;
use BeatSwitch\Lock\Permissions\PermissionFactory;
use BeatSwitch\Lock\Roles\Role;
use CallerPermission;
use RolePermission;
class EloquentDriver implements Driver
{
/**
* Returns all the permissions for a caller
*
* @param \BeatSwitch\Lock\Callers\Caller $caller
* @return \BeatSwitch\Lock\Permissions\Permission[]
*/
public function getCallerPermissions(Caller $caller)
{
$permissions = CallerPermission::where('caller_type', $caller->getCallerType())
->where('caller_id', $caller->getCallerId())
->get();
return PermissionFactory::createFromData($permissions->toArray());
}
/**
* Stores a new permission into the driver for a caller
*
* @param \BeatSwitch\Lock\Callers\Caller $caller
* @param \BeatSwitch\Lock\Permissions\Permission
* @return void
*/
public function storeCallerPermission(Caller $caller, Permission $permission)
{
$eloquentPermission = new CallerPermission;
$eloquentPermission->caller_type = $caller->getCallerType();
$eloquentPermission->caller_id = $caller->getCallerId();
$eloquentPermission->type = $permission->getType();
$eloquentPermission->action = $permission->getAction();
$eloquentPermission->resource_type = $permission->getResourceType();
$eloquentPermission->resource_id = $permission->getResourceId();
$eloquentPermission->save();
}
/**
* Removes a permission from the driver for a caller
*
* @param \BeatSwitch\Lock\Callers\Caller $caller
* @param \BeatSwitch\Lock\Permissions\Permission
* @return void
*/
public function removeCallerPermission(Caller $caller, Permission $permission)
{
CallerPermission::where('caller_type', $caller->getCallerType())
->where('caller_id', $caller->getCallerId())
->where('type', $permission->getType())
->where('action', $permission->getAction())
->where('resource_type', $permission->getResourceType())
->where('resource_id', $permission->getResourceId())
->delete();
}
/**
* Checks if a permission is stored for a user
*
* @param \BeatSwitch\Lock\Callers\Caller $caller
* @param \BeatSwitch\Lock\Permissions\Permission
* @return bool
*/
public function hasCallerPermission(Caller $caller, Permission $permission)
{
return (bool) CallerPermission::where('caller_type', $caller->getCallerType())
->where('caller_id', $caller->getCallerId())
->where('type', $permission->getType())
->where('action', $permission->getAction())
->where('resource_type', $permission->getResourceType())
->where('resource_id', $permission->getResourceId())
->first();
}
/**
* Returns all the permissions for a role
*
* @param \BeatSwitch\Lock\Roles\Role $role
* @return \BeatSwitch\Lock\Permissions\Permission[]
*/
public function getRolePermissions(Role $role)
{
$permissions = RolePermission::where('role', $role->getRoleName())->get();
return PermissionFactory::createFromData($permissions->toArray());
}
/**
* Stores a new permission for a role
*
* @param \BeatSwitch\Lock\Roles\Role $role
* @param \BeatSwitch\Lock\Permissions\Permission
* @return void
*/
public function storeRolePermission(Role $role, Permission $permission)
{
$eloquentPermission = new RolePermission;
$eloquentPermission->role = $role->getRoleName();
$eloquentPermission->type = $permission->getType();
$eloquentPermission->action = $permission->getAction();
$eloquentPermission->resource_type = $permission->getResourceType();
$eloquentPermission->resource_id = $permission->getResourceId();
$eloquentPermission->save();
}
/**
* Removes a permission for a role
*
* @param \BeatSwitch\Lock\Roles\Role $role
* @param \BeatSwitch\Lock\Permissions\Permission
* @return void
*/
public function removeRolePermission(Role $role, Permission $permission)
{
RolePermission::where('role', $role->getRoleName())
->where('type', $permission->getType())
->where('action', $permission->getAction())
->where('resource_type', $permission->getResourceType())
->where('resource_id', $permission->getResourceId())
->delete();
}
/**
* Checks if a permission is stored for a role
*
* @param \BeatSwitch\Lock\Roles\Role $role
* @param \BeatSwitch\Lock\Permissions\Permission
* @return bool
*/
public function hasRolePermission(Role $role, Permission $permission)
{
return (bool) RolePermission::where('role', $role->getRoleName())
->where('type', $permission->getType())
->where('action', $permission->getAction())
->where('resource_type', $permission->getResourceType())
->where('resource_id', $permission->getResourceId())
->first();
}
}
use BeatSwitch\Lock\Tests\PersistentDriverTestCase;
class EloquentDriverTest extends PersistentDriverTestCase
{
public function setUp()
{
// Don't forget to reset your DB here.
// Bootstrap your driver.
$this->driver = new EloquentDriver();
parent::setUp();
}
}