1. Go to this page and download the library: Download foothing/laravel-wrappr library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
foothing / laravel-wrappr example snippets
Route::get('api/users/{id?}', ['middleware:wrappr.check:read.users,user,{id}', function() {
// Access is allowed to users with the 'read.users' permission on
// the 'user' resource with the {id} identifier
}]);
Route::get('api/users', ['middleware:wrappr.check:admin.users', function() {
// Access is allowed for the users with the 'admin.users' permission
}]);
Route::get('api/users/{id?}', ['middleware:wrappr.check:read.users,user,1', function() {
// Access is allowed for the users with the 'read.users' permission on
// the 'user' resource with the {id} identifier
}]);
Route::get('api/users/{id?}', ['middleware:wrappr.check:read.users,user,{id}', function() {
// Access is allowed for the users with the 'read.users' permission on
// the 'user' resource with the {id} identifier
}]);
GET /api/v1/resources/users
GET /api/v1/resources/posts
POST /api/v1/services/publish/post
'routes' => [
[
// Allowed values are 'get', 'post', 'put', 'delete'
// or the '*' wildcard to enable all verbs.
'verb' => 'post',
// The url path we want to restrict access to.
'path' => 'foo',
// The 'post',
'path' => 'api/v1/resources/users',
'permissions' => 'admin.account',
],
// This configuration will control the access to the
// PUT:api/v1/resources/posts/{id} action, which will be
// only allowed for users with both the 'posts.create' and
// 'posts.update' permissions on the 'post' resource with
// the {id} identifier.
[
'verb' => 'put',
'path' => 'api/v1/resources/posts/{id}',
'permissions' => ['posts.create', 'posts.update'],
'resource' => 'post',
],
// In this case the 'admin/' nested routes
// will be granted access only when the 'admin' permission
// is available to the current auth user.
[
'verb' => '*',
'path' => 'admin/*',
'permissions' => ['admin'],
],
// You can also use the path wildcard in this way,
// therefore requiring the 'superadmin' permission
// for each route starting with 'admin'.
[
'verb' => '*',
'path' => 'admin*',
'permissions' => ['superadmin'],
],
],
/**
* Check the given user has access to the given permission.
*
* @param $user
* @param $permissions
* @param null $resourceName
* @param null $resourceId
*
* @return mixed
*/
public function check($user, $permissions, $resourceName = null, $resourceId = null);
/**
* Check the given subject has access to the given permission.
*
* @param $permissions
* @param null $resourceName
* @param null $resourceId
*
* @return mixed
*/
public function can($permissions, $resourceName = null, $resourceId = null);
/**
* Fluent method to work on users.
* @param $user
* @return self
*/
public function user($user);
/**
* Fluent method to work on roles.
* @param $role
* @return self
*/
public function role($role);
/**
* Return all permissions for the given subject.
* @return mixed
*/
public function all();
/**
* Grant the given permissions to the given subject.
*
* @param $permissions
* @param null $resourceName
* @param null $resourceId
*
* @return mixed
*/
public function grant($permissions, $resourceName = null, $resourceId = null);
/**
* Revoke the given permissions from the given subject.
*
* @param $permissions
* @param null $resourceName
* @param null $resourceId
*
* @return mixed
*/
public function revoke($permissions, $resourceName = null, $resourceId = null);