Simple ACL with Laravel
Based on the tutorial by Ollie Read
http://ollieread.com/blog/2014/03/18/a-simplified-laravel-acl/...
use IlluminateDatabaseSchemaBlueprint;
use IlluminateDatabaseMigrationsMigration;
class CreateAclPermissionsTable extends ...
{
//
Schema::create('acl_group_permissions', function($table){
$table->integer('group_id', false);
$table->integer('permis...
public function down()
{
//
Schema::drop('acl_user_groups');
}
}
Models
AclGroup.php
<?php
class AclGroup extends Eloquent...
return $this->attributes['ident'];
}
}
AclPermitted.php
<?php
class AclPermittedFilter {
public function filter($route, $r...
Route::group(array('prefix'=>'user'), function () {
Route::get('supersecret', array(
'before'=> ['auth.ldap', 'acl.permitt...

Simple acl with laravel

Simple acl with laravel

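  Simple ACL with Laravel
Based on the tutorial by Ollie Read
http://ollieread.com/blog/2014/03/18/a-simplified-laravel-acl/

Migrations

php artisan migrate:make create_acl_groups_table

<?php

use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

/**
 * Creates the acl_groups table: one row per group that users can be placed in.
 */
class CreateAclGroupsTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('acl_groups', function ($table) {
            $table->increments('id');
            $table->string('name', 50);
            $table->string('description', 255);
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_groups');
    }
}

php artisan migrate:make create_acl_permissions_table

<?php

use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

/**
 * Creates the acl_permissions table. Each row's `ident` is compared against a
 * route name by AclPermittedFilter, so it acts as the permission's identity.
 */
class CreateAclPermissionsTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('acl_permissions', function ($table) {
            $table->increments('id');
            // Unique: permissions are matched by ident, so two rows with the
            // same ident would make it unclear which grant is in effect.
            $table->string('ident', 255)->unique();
            $table->string('description', 255);
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_permissions');
    }
}

php artisan migrate:make create_acl_group_permissions_table

<?php

use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

/**
 * Creates the pivot table that grants permissions to groups.
 */
class CreateAclGroupPermissionsTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('acl_group_permissions', function ($table) {
            $table->integer('group_id', false);
            $table->integer('permission_id', false);
            // One row per (group, permission) pair, so a grant cannot be
            // duplicated and revoking it is a single delete.
            $table->primary(array('group_id', 'permission_id'));
            // NOTE(review): no foreign keys are declared, so deleting a group
            // or permission leaves its pivot rows behind; remove them
            // explicitly when revoking access.
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_group_permissions');
    }
}

php artisan migrate:make create_acl_user_groups_table

<?php

use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

/**
 * Creates the pivot table that places users in groups.
 */
class CreateAclUserGroupsTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('acl_user_groups', function ($table) {
            $table->integer('user_id', false);
            $table->integer('group_id', false);
            // One row per (user, group) pair; see the note on
            // acl_group_permissions about missing foreign keys.
            $table->primary(array('user_id', 'group_id'));
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_user_groups');
    }
}

Models

AclGroup.php

<?php

/**
 * A group of users that shares a set of permissions.
 */
class AclGroup extends Eloquent
{
    protected $table = 'acl_groups';

    protected $fillable = array('name', 'description');

    public $timestamps = false;

    /**
     * Users that belong to this group (pivot: acl_user_groups).
     */
    public function users()
    {
        return $this->belongsToMany('User', 'acl_user_groups', 'group_id', 'user_id');
    }

    /**
     * Permissions granted to this group (pivot: acl_group_permissions).
     */
    public function permissions()
    {
        return $this->belongsToMany('AclPermission', 'acl_group_permissions', 'group_id', 'permission_id');
    }
}

AclPermission.php

<?php

/**
 * A single permission, identified by `ident` (a route name in this example).
 */
class AclPermission extends Eloquent
{
    protected $table = 'acl_permissions';

    protected $fillable = array('ident', 'description');

    public $timestamps = false;

    /**
     * Groups that hold this permission (pivot: acl_group_permissions).
     *
     * From this side of the relation the pivot column for *this* model is
     * permission_id and the related model's column is group_id. The slide had
     * the two swapped, which would join permissions on group ids.
     */
    public function groups()
    {
        return $this->belongsToMany('AclGroup', 'acl_group_permissions', 'permission_id', 'group_id');
    }

    /**
     * Returns the `ident` attribute instead of the numeric primary key.
     *
     * The permission check in AclPermittedFilter compares `ident` directly and
     * does not depend on this override.
     * NOTE(review): Eloquent also calls getKey() internally (for example when
     * building relationship queries), so confirm nothing else on this model
     * expects the numeric id before keeping this override.
     */
    public function getKey()
    {
        return $this->attributes['ident'];
    }
}

AclPermitted.php

<?php

/**
 * Route filter and helper that decide whether the current user's groups grant
 * a permission whose ident equals a given route name.
 */
class AclPermittedFilter
{
    /**
     * "before" filter: returns a redirect to the user.denied route when the
     * current user is not permitted for the matched route, and returns nothing
     * when the user is permitted.
     *
     * @param  mixed  $route    the matched route; only getName() is used
     * @param  mixed  $request  unused
     * @return mixed
     */
    public function filter($route, $request)
    {
        // Single code path for the decision, shared with the view helper.
        if (!self::checkPermission($route->getName())) {
            return Redirect::route('user.denied');
        }
    }

    /**
     * Returns true only when one of the current user's groups holds a
     * permission whose ident is exactly $route.
     *
     * @param  string  $route  route name to check
     * @return bool
     */
    public static function checkPermission($route)
    {
        // Fail closed on a missing route name: an unnamed route has no
        // permission it could match, and a loose comparison must not let
        // null match an empty ident.
        if (!is_string($route) || $route === '') {
            return false;
        }

        // Auth::user() is null for a guest. Deny instead of calling load()
        // on null, which happens when this helper is used in a view that
        // guests can reach.
        $user = Auth::user();
        if ($user === null) {
            return false;
        }

        // Assumes the User model defines a groups() relation over
        // acl_user_groups (not shown in these slides).
        $user->load('groups', 'groups.permissions');

        foreach ($user->groups as $group) {
            foreach ($group->permissions as $permission) {
                if ($permission->ident === $route) {
                    return true;
                }
            }
        }

        return false;
    }
}

Sample Usage

routes.php

Route::filter('acl.permitted', 'AclPermittedFilter');

Route::group(array('prefix' => 'user'), function () {
    Route::get('supersecret', array(
        // Order matters: the authentication filter (auth.ldap, defined
        // elsewhere) runs first, then the ACL check. The route name given in
        // 'as' is the value compared with acl_permissions.ident.
        'before' => ['auth.ldap', 'acl.permitted'],
        'as'     => 'user.supersecret',
        'uses'   => 'UserController@supersecret'
    ));

    // The denied page carries no ACL filter, so the redirect issued by the
    // filter cannot loop.
    Route::get('denied', array(
        'as'   => 'user.denied',
        'uses' => 'UserController@denied'
    ));
});

From a view

{{-- This only hides the markup. Access is enforced by the acl.permitted filter on the route itself. --}}
@if ( AclPermittedFilter::checkPermission('user.supersecret') )
    <h5> You are allowed to view secret stuff</h5>
@endif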
