PHP download

Download the PHP package efficiently/authority-controller without Composer

On this page you can find all versions of the php package efficiently/authority-controller. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download efficiently/authority-controller
More information about efficiently/authority-controller
Files in efficiently/authority-controller

Vendor efficiently
Package authority-controller
Short Description AuthorityController is an PHP authorization library for Laravel 5 which restricts what resources a given user is allowed to access.
License MIT

Keywords authorization security Authentication rails acl laravel permission rbac cancan authority role can ability allow deny laravel 5 Laravel 5.1 Laravel 5.2

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of efficiently/authority-controller

Informations about the package authority-controller

AuthorityController

AuthorityController is an PHP authorization library for Laravel 5.3 which restricts what resources a given user is allowed to access.

All permissions are defined in a single location:

config/authority-controller.php

and not duplicated across controllers, routes, views, and database queries.

For Laravel 5.2 supports see AuthorityController 2.2 branch

For Laravel 5.0 or 5.1 supports see AuthorityController 2.1 branch

For Laravel 4.1 or 4.2 supports see AuthorityController 1.2 branch

Demo application

You can see in action this package with this Laravel 5.3 demo application.

Origins and Inspirations

It's an extension of the authority-laravel package.

And a port of the best Ruby authorization library: CanCan.

Authority ports some features of CanCan and this package ports almost all the other features.

Installation

With Composer

Add authority-controller package to your composer.json file to require AuthorityController:
Add the service provider to config/app.php:
Add the aliases (facades) to your Laravel app config file:
This will allow you to access the Authority class through the static interface you are used to with Laravel components.

Configuration

Create Roles and Permissions Tables

We have provided a basic table structure to get you started in creating your roles and permissions.

Publish them to your migrations directory or copy them directly.

Run the migrations

This will create the following tables

roles
role_user
permissions

To utilize these tables, you can add the following methods to your User model. You will also need to create Role and Permission Model stubs (replacing App\Authority\ with you own namespace)..

Init resource filters and controller methods

In your app/Http/Controllers/Controller.php file, add the ControllerAdditions trait and disable the use of the AuthorizesRequests trait:

NB: If you really need the default Laravel Authorization system, you can use the AuthorizesRequests trait, if you alias its authorize and authorizeResource methods, like this:

Getting Started

AuthorityController expects that auth()->user() return the current authenticated user. Now, by default Laravel 5 handles this.

Defining Authority rules

User permissions are defined in an AuthorityController configuration file.

You can publish the AuthorityController default configuration file with the command below:

This will place a copy of the configuration file at config/authority-controller.php. The config file includes an initialize function, which is a great place to setup your rules and aliases.

See Defining Authority rules for details.

Check Authority rules & Authorization

The current user's permissions can then be checked using the Authority::can() and Authority::cannot() methods in the view and controller.

See Checking Authority rules for more information

The authorize() method in the controller will throw an exception if the user is not able to perform the given action.

Setting this for every action can be tedious, therefore the loadAndAuthorizeResource() method is provided to automatically authorize all actions in a RESTful style resource controller. It will use a before filter to load the resource into an instance variable and authorize it for every action.

See Authorizing Controller Actions for more information.

Exception Handling

The Efficiently\AuthorityController\Exceptions\AccessDenied exception is thrown when calling authorize() in the controller and the user is not able to perform the given action. A message can optionally be provided.

You can catch the exception and modify its behavior in the render() method of the app/Exceptions/Handler.php file. For example here we set the error message to a flash and redirect to the home page.

See Exception Handling for more information.

Documentations

Wiki Docs

Authority Docs

Authority introduction.

Authority-Laravel general usage.

CanCan Wiki Docs

Because AuthorityController is a CanCan port, you can also read the Wiki docs of CanCan here.

Controller additions

Your controllers have now a $params property:

Changelog

2.3.0-dev

Laravel 5.3 support!

2.2.0

Laravel 5.2 support!

2.1.1

Update installation instructions for Laravel >= 5.1.11

2.1.0

Laravel 5.1 support!

2.0.1

Replace the deprecated package illuminate/html package by the laravelcollective/html package
Autoloading migrations class is useless, see issue #30 (reported by @Fnatte)
Autoloading class from tests directory are now only available in Composer's dev mode to avoid conflicts

2.0.0

Laravel 5.0 support!
Use your Laravel Aliases to resolve your models namespace name.
Or auto guessing them, e.g. User => App\User
Add a new config option controllerClass which is by default Illuminate\Routing\Controller
Support Route Model Binding in the Parameters class. See: http://laravel.com/docs/5.0/routing#route-model-binding and issue #21
Use authority-laravel package instead of authority-l4.
Upgrade Notes (if you used previously this package with Laravel 4):
- Move your authory-controller config file from app/config/packages/efficiently/authority-controller/config.php to config/authority-controller.php
- Publish the authory-controller migrations files (see the section Create Roles and Permissions Tables of this README)

1.2.4

Add BaseController::flushAuthorityEvents() static method. Useful for functional tests with Codeception (see issue #14 and this Wiki page for more explanations).
Fix User::hasRoles() method to avoid duplicate roles.

1.2.3

Follow PSR-2 coding style

1.2.2

Run tests with Laravel 4.2

1.2.1

Fix composer.json file.

1.2.0

Security fix: conditional callback was never evaluated when an actual instance object was present.
Non backwards compatible: Deny rules override prior rules and Allow rules don't override prior rules but instead are logically or'ed (fix #5). Match more CanCan default behavior unlike authority-php\authority package. Read the Wiki doc for more information: Authority-Precedence.
Support PHP 5.4, 5.5, 5.6 and HipHop Virtual Machine (hhvm).
Update Parameters class to allow custom routes with id and parent_id routes's parameters (fix #6).

1.1.3

Upgrade Authority-L4 package to fix Laravel 4.1 support.

1.1.2

Tweak the mock system who simulates Eloquent's constructor method.

1.1.1

Less intrusive parameters injection in the controllers
- Check if the current resolved controller responds to paramsBeforeFilter method. Otherwise the application crash.
- Use the Controller alias of the current Laravel application instead of a hardcoded class name.

1.1.0

First beta release for Laravel 4.1 compatibility.
Non backwards compatible with Laravel 4.0.

1.0.0

First stable release, only compatible with Laravel 4.0.
For Laravel 4.1 supports, see AuthorityController 1.1 branch.
Fix AccessDenied class, the exception message didn't fallback to the default message if it was empty.

0.10.0

Non backwards compatible: Params::get('controller') behaviour is now like Rails. It returns controller name in snake_case and in plural.

0.9.0

First beta release

Missing features

In ControllerResource class, the #load_collection method, who uses in the User model #accessible_by method. Looks complicated. Instead, use specific query scopes with collectionScope option to filtering your data in your collection (e.g. index) controller actions. Because you'll allowing/denying access by roles or check user's authorizations on each record of the collection.
In Ability class, the #attributes_for method. Looks useless with Authority because rules conditions are only possible by Closure not by associative array. And CanCan handles #attribute_for only for Hash (associative array) conditions.
#skip_* methods in ControllerAdditions.
For allow() and deny() methods of Authority, the third argument isn't an optional hash (associative array) of conditions but an anonymous function (Closure):

Good to know

Compatibility

It's only compatible with PHP >= 5.6 and Laravel >= 5.3 framework.

Differences between CanCan and AuthorityController

See Wiki page Differences between CanCan and AuthorityController

Philosophy

It's following the D.R.W.J.P.I. principle:

Don't Reinvent the Wheel, Just Port It ! -- (c) 2013 A.D.

Questions or Problems?

If you have any issues with AuthorityController, please add an issue on GitHub or fork the project and send a pull request.

To get the tests running you should install PHPUnit and run phpunit tests.

Special Thanks

AuthorityController was heavily inspired by CanCan and uses Authority-Laravel.

All versions of authority-controller with dependencies

PHP Build Version

Package Version

Version 2.2.0 Release 13. May 2016
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of authority-controller from vendor efficiently

Requires php Version >=5.5.9
authority-php/authority-laravel Version ~2.4.3

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package efficiently/authority-controller contains the following files

Loading the files please wait ....