Download the PHP package joseph/rbac without Composer
On this page you can find all versions of the php package joseph/rbac. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package rbac
Short Description This package provides a flexible way to add Role-based Permissions to Laravel 4
License MIT
Informations about the package rbac
Rbac (Laravel4 Package)
Rbac is a copy of rbac, modded for my need, provides a flexible way to add Role-based Permissions to Laravel4.
Required setup
In the require
key of composer.json
file add the following
"joseph/rbac": "v1.0"
Run the Composer update comand
$ composer update
In your config/app.php
add 'Joseph\Rbac\RbacServiceProvider'
to the end of the $providers
array
At the end of config/app.php
add 'Rbac' => 'Joseph\Rbac\RbacFacade'
to the $aliases
array
Configuration
Set the propertly values to the config/auth.php
. These values will be used by rbac to refer to the correct user table and model.
User relation to roles
Now generate the Rbac migration
$ php artisan rbac:migration
It will generate the <timestamp>_rbac_setup_tables.php
migration. You may now run it with the artisan migrate command:
$ php artisan migrate
After the migration, two new tables will be present: roles
which contain the existent roles and it's permissions and assigned_roles
which will represent the Many-to-Many relation between User
and Role
.
Models
Create a Role model following the example at app/models/Role.php
:
The Role
model has one main attributes: name
and permissions
.
name
, as you can imagine, is the name of the Role. For example: "Admin", "Owner", "Employee".
permissions
field has been deprecated in preference for the permission table. You should no longer use it.
It is an array that is automagically serialized and unserialized and the Model is saved. This array should contain the name of the permissions of the Role
. For example: array( "manage_posts", "manage_users", "manage_products" )
.
Create a Permission model following the example at app/models/Permission.php
:
The Permission
model has two attributes: name
and display_name
.
name
, as you can imagine, is the name of the Permission. For example: "Admin", "Owner", "Employee", "can_manage".
Display name is a viewer friendly version of the permission string. "Admin", "Can Manage", "Something Cool".
Next, use the HasRole
trait in your existing User
model. For example:
This will do the trick to enable the relation with Role
and the following methods roles
, hasRole( $name )
,
can( $permission )
, and ability($roles, $permissions, $options)
within your User
model.
Don't forget to dump composer autoload
$ composer dump-autoload
And you are ready to go.
Usage
Concepts
Let's start by creating the following Role
s and Permission
s:
Next, with both roles created let's assign then to the users. Thanks to the HasRole
trait this are gonna be easy as:
Now we just need to add permissions to those Roles.
Now we can check for roles and permissions simply by doing:
You can have as many Role
s was you want in each User
and vice versa.
More advanced checking can be done using the awesome ability
function. It takes in three parameters (roles, permissions, options).
roles
is a set of roles to check. permissions
is a set of permissions to check.
Either of the roles or permissions variable can be a comma separated string or array.
This will check whether the user has any of the provided roles and permissions. In this case it will return true since the user is an Admin and has the manage_posts permission.
The third parameter is an options array.
validate_all
is a boolean flag to set whether to check all the values for true, or to return true if at least one role or permission is matched.
return_type
specifies whether to return a boolean, array of checked values, or both in an array.
Here's an example output.
Short syntax Route filter
To filter a route by permission or role you can call the following in your app/filters.php
:
Both of these methods accepts a third parameter. If the third parameter is null then the return of a prohibited access will be App::abort(403)
. Otherwise the third parameter will be returned. So you can use it like:
Further both of these methods accept a fourth parameter. It defaults to true and checks all roles/permissions given. If you set it to false, the function will only fail if all roles/permissions fail for that user. Useful for admin applications where you want to allow access for multiple groups.
Route filter
Rbac roles/permissions can be used in filters by simply using the can
and hasRole
methods from within the Facade.
Using a filter to check for a role:
As you can see Rbac::hasRole()
and Rbac::can()
checks if the user is logged, and then if he has the role or permission. If the user is not logged the return will also be false
.
Troubleshooting
If you encounter an error when doing the migration that looks like:
Then it's likely that the id
column in your user table does not match the user_id
column in assigned_roles
. Match sure both are INT(10)
.
Name is having issues saving.
RbacRole->name has a length limitation set within the rules variable of the RbacRole class.
You can adjust it by changing your Role Model.
License
Rbac is free software distributed under the terms of the MIT license
Aditional information
Any questions, feel free to contact me or ask here
Any issues, please report here