Download the PHP package spekkionu/laravel-zend-acl without Composer
On this page you can find all versions of the php package spekkionu/laravel-zend-acl. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download spekkionu/laravel-zend-acl
More information about spekkionu/laravel-zend-acl
Files in spekkionu/laravel-zend-acl
Package laravel-zend-acl
Short Description Adds ACL to Laravel via Laminas\Permissions\Acl component.
License MIT
Informations about the package laravel-zend-acl
Laravel Zend Acl
Adds ACL to Laravel 5 or Lumen via Laminas\Permissions\Acl component.
Most of the ACL solutions for Laravel store the permissions rules in the database or other persistance layer. This is great if access is dynamic but for applications with set permissions by roles this makes modification more difficult. Adding new resources, permissions, or roles requires runnning db queries via a migration or other means. With this package the permissions are stored in code and thus in version control (hopefully).
Rather than reinvent the wheel this package makes use of the Acl package from Zend Framework. Documentation for the Laminas\Permissions\Acl can be found at https://docs.laminas.dev/laminas-permissions-acl/
Installation
Run composer require spekkionu/laravel-zend-acl
from your project root.
Setup
Laravel
- For Laravel versions less than 5.5 Add
'Spekkionu\ZendAcl\ZendAclServiceProvider',
to the service provider list inconfig/app.php
. This step is not necessary for Laravel 5.5+. - Add
'Acl' => 'Spekkionu\ZendAcl\Facades\Acl',
to the list of aliases inconfig/app.php
. - Run
php artisan vendor:publish --provider="Spekkionu\ZendAcl\ZendAclServiceProvider"
After publishing the permissions will be defined in routes/acl.php
.
Lumen
- Add
$app->register(Spekkionu\ZendAcl\ZendAclLumenServiceProvider::class);
to theRegister Service Providers
section inbootstrap/app.php
. - Copy the
vendor/spekkionu/laravel-zend-acl/src/config/zendacl.php
file to theconfig
folder in the app root (create the folder if it does not exist). - Copy the
vendor/spekkionu/laravel-zend-acl/src/config/acl.php
file to theroutes
folder (this folder should also contain theweb.php
routes file).
Migrating from version 6
The namespace for the Zend framework libraries has changed from Zend to Laminas.
To migrate to the 7.x branch you will need to change any references to the old Zend namespace in your project to the new Laminas namespace.
This will likely include changing the RoleInterface your user model implements from Zend\Permissions\Acl\Role\RoleInterface
to Laminas\Permissions\Acl\Role\RoleInterface
.
Also anywhere you are type hinting for Zend\Permissions\Acl\Acl
to Laminas\Permissions\Acl\Acl
.
Usage
The Laminas\Permissions\Acl is available through the Facade Acl or through the acl service in the IOC container. The IOC container can also inject the acl instance by type-hinting Laminas\Permissions\Acl\Acl.
The permissions can be modified at app/Http/acl.php
.
Adding a Resource
You can add a new resource using the addResource method.
Adding a Role
You can add a new resource using the addRole method.
Adding / Removing Permissions
You can add permissions using the allow method.
You can remove permissions using the deny method.
Checking for permissions
You can check for access using the isAllowed method
Given the following permissions:
Checking permissions for a user
In order to check permissions for a logged in user the user needs to have a field that stores the user's role. If using an Eloquent user model have the user model implement Laminas\Permissions\Acl\Role\RoleInterface. This interface has one method getRoleId() that should return the role for the user.
Example Model
Say there is a table users
that has a field role
The following model will allow an instance of the User model to be passed to the isAllowed() method.
Using the user model to check permissions
Adding permission checks to routes
There is an acl route middleware included in this package that lets you restrict access by route.
The route middleware requires the model returned by Auth::user() to implement Laminas\Permissions\Acl\Role\RoleInterface
as above.
Registering the acl middleware
Laravel
Add the following to the $routeMiddleware
array in app/Http/Kernel.php
Lumen
Add the following to the array in the $app->routeMiddleware()
method in bootstrap/app.php
Using the acl middleware
You can add the middleware to any route as a before middleware such as the following.
When the route is requested it will check if the currently logged in user has is allowed the view privilege on the article resource.
If there is no logged in user (Auth::guest() returns true) the role guest
will be checked.
If the user has access to the given resource then the controller will be called as normal.
What happens of the user is not allowed access to the resource is configurable in config/zendacl.php
.
There are two different actions that can be taken if the user is not authorized.
-
The user can be redirected to a url or named route. This can be set by setting the
action
setting to "redirect" or "route" and theredirect
setting to the url or named route. - A view can be rendered.
This can be set by setting the
action
to "view". Theview
setting controls the view to be rendered. By default the view will be located atresources/vendor/zendacl/unauthorized
. This view can be modified or theview
setting can be changed to another view.
Ajax requests will be sent a 401 response regardless of the settings.
All versions of laravel-zend-acl with dependencies
laminas/laminas-permissions-acl Version ^2.14
illuminate/support Version 6.* | 7.* | 8.* | 9.* | 10.*