Download the PHP package jellis/check without Composer
On this page you can find all versions of the php package jellis/check. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package check
Short Description A very easy-to-implement user access control package designed for use with Laravel and Eloquent
License MIT
Homepage https://github.com/jellis/check
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package check
NOTE
Ensure you don't use the RoutAwareModel for your Authenticatable User model - it becomes a circular operation when applying the global scopes and you'll get a bad gateway (502) error.
What's it all about?
The purpose of the project was to create a syntactically simple way to implement context-based user access control. What does that mean, exactly? Good question...
Context-based access control
I wanted to start with the idea that I could use a really straight-forward syntax for my "things" (whatever they might be). The first concept I came up with was Check::can('post.edit'). Because I was a fan of naming my routes, this made good sense from a flow point-of-view. Because I have my routes named, I figured I'd be able to implement middleware that would also leverage the access control system.
Adding context to the access control wasn't a trivial task. Each model will have its own context. Say in a Post model, "owning" a post might mean that there is a user_id field on the Post that is equal to the current user, but in a User model, "owning" might mean that users are in the same company as you. So, how do I have a simple syntax for implementing and checking permissions, but also giving context when the need arises?
Using the Jeffrey Way school of thought, I started with how I wanted to define things... I really wanted my Role classes to be so simple it's almost stupid.
After starting with those two ideas, I set to work and actually managed to implement them. What we have is, I think, a simple, fluent way of managing user access.
Route Aware Models
If you have, say, a listing page for your users where they can see all posts, but can only edit their own, you'd simply have to do the following.
Register the service provider config/app.php
Register the facade in config/app.php
Name the route and assign the middleware
Create a role (assuming "member" for this user)
Configure the model to do its thing
You need to implement the getRole() method on the user model
Register the middleware in Kernel.php
Retrieve some records in your controller
And in the view you can do things like
So you're a super admin??
Who really wants to be putting all of those routes in for super admin? Not me.
When defining your SuperAdmin role, just override the can() method
TODO
- Implement ability to define a permission for multiple contexts
edit:own|company - Implement multiple contexts on the scope for checking access rights
- Implement multiple contexts on the scope for pulling records from the model
- Allow ability to wildcard a thing
post.*, whilst still retaining scope abilitypost.*:own
