Skip to content
This repository has been archived by the owner on Feb 12, 2019. It is now read-only.

Latest commit

 

History

History
135 lines (123 loc) · 3.89 KB

README.md

File metadata and controls

135 lines (123 loc) · 3.89 KB

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Access Filter

This package adds functionality to laravel which allows you to create and use a simple permission filter for routes.

1. Installation

via Composer

First add the following line to your composer.json .

"advanced-store/access-filter": "dev-master"

Run this command in you CLI.

composer update

2. Configuration

Publish package config

Run the following command if you are installing for the first time.


    php artisan config:publish advanced-store/access-filter

Edit the configuration file accessFilterConfig and add the userPermissions. These should come either from your Sentry/User models or be hardcoded for testing purpose. In future these will be extractable through the ad4mat API client.

Add following lines to your app.php.

Provider


    'AdvancedStore\AccessFilter\AccessFilterServiceProvider',

Aliases


    'YourAlias' => 'AdvancedStore\AccessFilter\Facades\AccessFilterFacade',

Edit the configuration file permissionList.php and insert your route-names and the most nested minimum required permission the user must have to access this route.

My convention for permission naming is :


        [{SystemName}].{ApplicationName}.{Root}.{SubScope}.[0..* {SubScope}]

Example :

Route-name is "admin/users" Required permission could be "myApplicationName.admin.users.listAll" The configuration array would look like this.

    
        return [
            "admin/users"   =>  [
                "myApplicationName.admin.users.listAll",
            ],
        ]
    

It is also possible to set multiple sub-permissions which are equally leveled. The user is required to have only one of there. Notice that I prefer to use also dotted naming for my route-names.


    return [
        "admin.users.index" =>  [
            "ad4mat.admin.users.read",
            "ad4mat.admin.users.self",
        ],
    ]

    

This can come in handy if the user should have the possibility to get access to the users.index route but he should only see his own profile or all , you can decide that inside of your controller.

3. Usage

To check for a certain permission for example if you want to use it in a sidebar menu to display only certain elements.

Structure


    YourAlias::hasPermission( permissionString )

Example from my code

@if( AccessFilter::hasPermission('ad4mat.admin.roles.read') )

If you want to use it to protect resources/routes than you create filter which calls the filter method and add it to which ever resource/route you like.

Create Filter

O2Client is my alias for the oauth2-client package which checks for a existence of a valid token before the actual filter check is applied.


    Route::filter('accessFilter', function(){
    if( O2Client::hasValidAccessToken() == false )
        return Redirect::guest('logout');

    return AccessFilter::filter();
});</code>

Notice Laravel only creates route-names for resources if you use single routes you have to add them yourself. These are the ones matches against the configuration array.