Download the PHP package mdsys/laravel-acl without Composer

Laravel ACL

ACL component for Laravel 4.

• Installation
• Configuration
  • Provider
  • Super users
  • Guest user
  • Permissions
  • Groups
• Usage

Installation

First you need to install this package through Composer. Edit your project's composer.json file to require vivify-ideas/acl.

Next, update Composer from the Terminal:

Once this operation completes, you will need to add the service provider into your app. Open app/config/app.php, and add a new item to the providers array.

And also add new alias into aliases array.

The last step is to create database structure for keeping ACL. You can do this easily by running the following artisan command:

This will use current permission provider (Eloquent) to create necessary DB structure. When finished, you should have six new tables in your database: acl_permissions, acl_groups, acl_user_permissions, acl_roles, acl_roles_permissions and acl_users_roles.

That's it! You're all set to go.

Configuration

After runing artisan acl:install command, you will get a new config file in app/config/packages/vivify-ideas/acl/config.php.

There you will notice several different settings.

Provider

Here you can set the provider class that you want to use. Main feature of this ACL component is PermissionsProvider, which abstract storage of permissions. Currently Eloquent is the only one permission provider available (you can assume that permissions will be stored in DB that you specified on your project).

SuperUsers

Here you can define user IDs that will have superuser rights. These users will be allowed all permissions.

GuestUser

Put here ID that will used for setting permissions to guest users.

Permissions

Here you need to put permissions for every resource that will be protected by ACL. Any resource that is not definied here or has its allowed field set to true will be freely accessable by any authenticated user or possibly a guest. Permissions need to be in following format:

Groups

The purpose of groups is to limit access to groups of resources that share the same base path. For example you want to alllow user to access the page at admin/products path Every permission can belong to a group. You can have groups that belongs to other group. Every group can have a route. Use the following format:

Roles

Roles are sets of permissions that can be assigned to different users. Permissions based on roles are applied after general permissions, but before user specific permissions. This means that you can override role based permissions with user specific permissions.

Usage

When you are satisfied with your configuration file, run the following artisan command:

This command needs to be run every time you update config file with new permissions and wish to add them to the database.

If you want to delete all permissions (including user permissions), and again reload permissions from config file you can use this command:

Available Artisan commands

Here is the list of all artisan commands:

• Create ACL table structure.
• Delete all acl tables, reset config file to default version and again create ACL table structure.
• Update all ACL permissions in the database from config file.
• Reset all ACL permissions. This will delete both user and system permissions and install permissions from config file

Add Acl Filter To Your Application

Now we need to add appropriate filter to application and to set usage in routes.php file.

You can add this filter to your filters.php file and adjust it to suit your own needs:

And then in routes.php use this filter according to your needs.

Checking permissions

Here are few ways how to check user permissions: