PHP code example of dlnsk / h-rbac
1. Go to this page and download the library: Download dlnsk/h-rbac library. Choose the download type "require".
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
dlnsk / h-rbac example snippets
// Application user model. The only change shown is pulling in the package's
// WithPermissions trait; the rest of the class body is elided in the original.
class User extends Authenticatable
{
use \Dlnsk\HierarchicalRBAC\Traits\WithPermissions;
...
}
// Ask the gate whether the 'edit' ability is granted for $post.
if (\Gate::allows('edit', $post)) { /* do something */ }
...
// Inverse check: end the request with HTTP 403 when 'edit' is denied.
if (\Gate::denies('edit', $post)) { abort(403); }
...
// Same ability, evaluated for an explicitly supplied $user.
if (\Gate::forUser($user)->allows('edit', $post)) { /* do something */ }
// The same ability checked through the user object attached to the request.
// NOTE(review): $request->user() is null on an unauthenticated request, so these
// calls assume an auth middleware has already run — confirm for each route.
if ($request->user()->can('edit', $post)) { /* do something */ }
...
if ($request->user()->cannot('edit', $post)) { abort(403); }
// authorize() is called with the ability name followed by its subject.
// (The first call appears twice in the original listing.)
$this->authorize('edit', $post);
$this->authorize('edit', $post);
// No model instance is passed here, only the model's class name.
$this->authorize('create', Post::class);
// Here the policy class itself is passed as the subject.
$this->authorize('download', ReportPolicy::class);
// Array forms: the policy class plus a named 'current_date' value; in the second
// form the class is supplied under the 'policy' key instead of positionally.
// presumably the extra values are handed to the policy callback — confirm against the package docs
$this->authorize('download', [ReportPolicy::class, 'current_date' => Carbon::now()]);
$this->authorize('download', ['current_date' => Carbon::now(), 'policy' => ReportPolicy::class]);
// PostPolicy.php
// See more about 'chains' below
// Maps the 'edit' ability to the permission names listed under it.
// presumably the list runs from the broadest permission to the narrowest — confirm against the package docs
public $chains = [
'edit' => [
'editAnyPost',
'editPostInCategory',
'editOwnPost',
],
];
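// Build a query for the posts $user is allowed to edit, based on the permissions
// the user holds within the 'edit' chain of PostPolicy.
$helper = resolve(Dlnsk\HierarchicalRBAC\HRBACHelper::class);
// The original listing omitted the terminating semicolon on this statement.
$permissions = $helper->getPermissionsPayload($user, 'edit', PostPolicy::class);
$granted = $permissions->keys();

$query = Post::query();

// NOTE(review): assumes an unrestricted grant shows up under the 'editAnyPost'
// key, like the other chain entries read below — confirm against
// getPermissionsPayload() before relying on this branch.
if (! $granted->contains('editAnyPost')) {
    // Keep the OR conditions inside one group so that any constraint chained
    // onto $query later is ANDed with the whole permission filter, not with
    // its last alternative only.
    $query->where(function ($scoped) use ($granted, $permissions, $user) {
        // Fail closed: a user holding none of the chain's permissions matches
        // no rows. Without this seed the unfiltered query returned every post.
        $scoped->whereRaw('1 = 0');

        if ($granted->contains('editPostInCategory')) {
            // Categories come from the 'value' field of each permission entry.
            $scoped->orWhereIn(
                'category_id',
                $permissions->get('editPostInCategory')->pluck('value')
            );
        }

        if ($granted->contains('editOwnPost')) {
            $scoped->orWhere('user_id', $user->id);
        }
    });
}

$posts = $query->get();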
// Resolve the package helper from the container.
$helper = resolve(Dlnsk\HierarchicalRBAC\HRBACHelper::class);
...
// Add the "Posts" menu entry only when the helper reports that $user can take
// the 'edit' ability of PostPolicy. This decides menu visibility only: the
// snippet does not guard the posts.index route, which still needs its own check.
if ($helper->canUserTakeAbility($user, 'edit', PostPolicy::class)) {
$menu->add('Posts', route('posts.index'));
}
/**
 * Policy for posts: lists the permissions grouped under each ability and
 * provides the callbacks that evaluate the permissions needing a runtime check.
 */
class PostPolicy
{
    /**
     * Ability name => permission names listed under that ability.
     */
    public $chains = [
        'edit' => ['editAnyPost', 'editPostInCategory', 'editOwnPost'],
        'delete' => ['deleteAnyPost', 'deleteOwnPost'],
    ];

    ////////////// Callbacks ///////////////

    /**
     * True only when the post's user_id is identical to the user's id.
     *
     * The comparison is strict, so the two values must match in type as well
     * as in value; a type mismatch yields false.
     */
    public function editOwnPost($authorizedUser, $post)
    {
        $userId = $authorizedUser->id;

        return $userId === $post->user_id;
    }

    /**
     * True when $permissions is truthy and one of its entries has a 'value'
     * matching the post's category_id.
     *
     * A falsy $permissions (for example null) is treated as "not granted".
     */
    public function editPostInCategory($authorizedUser, $post, $permissions): bool
    {
        if (!$permissions) {
            return false;
        }

        return (bool) $permissions->contains('value', $post->category_id);
    }
}
// Configuration entry for the package's permissions UI.
'permissionsUI' => [
// presumably switches the UI routes on or off — confirm against the package docs
'enabled' => true,
// Route prefix for the UI; empty in this example.
'routePrefix' => '',
// Middleware list for the UI routes.
// NOTE(review): only 'auth' is listed, which establishes a logged-in user but
// not who may manage permissions — confirm the UI is restricted to administrators.
'routeMiddlewares' => ['auth'],
// Name of the layout view the UI is rendered in.
'baseLayout' => 'layout.app',
],
php
// Policy callback: true only when the post's user_id is identical (strict ===,
// so same type and value) to the id of the user being authorized.
public function editOwnPost($authorizedUser, $post) {
return $authorizedUser->id === $post->user_id;
}
php
// Checks the single permission 'editOwnPost' against $post.
// The body is left empty in the original listing.
if (\Gate::can('editOwnPost', $post)) {
}
php
// Checks the 'edit' ability against $post. 'edit' is a chain key in the
// PostPolicy listing, so presumably any permission in that chain can satisfy
// it — confirm against the package docs. The body is empty in the original.
if (\Gate::can('edit', $post)) {
}
php
// Returns the 'name' of every record behind the roles() relation as a plain array.
// presumably read as the model's `roles` attribute through accessor naming — confirm
public function getRolesAttribute() {
return $this->roles()->pluck('name')->toArray();
}
php
// Policy callback: true when $permissions is truthy and one of its entries has
// a 'value' matching the post's category_id; a falsy $permissions gives false.
// NOTE(review): if $permissions is an Illuminate collection, contains() with a
// key and a value compares loosely; containsStrict() is the typed alternative
// when both sides are known to share a type — confirm before switching.
public function editPostInCategory($authorizedUser, $post, $permissions): bool {
return $permissions && $permissions->contains('value', $post->category_id);
}
php
// Configuration file: returns the package settings as an array.
return [
/**
* Built-in application roles and their permissions
*/
'builtinRoles' => [
// Role name => permission names granted to that role.
'manager' => [
'editAnyPost',
'deleteAnyPost',
'seeReportsInCategory',
],
'user' => [
'editOwnPost',
'seeOwnReports',
],
],
];