-
Notifications
You must be signed in to change notification settings - Fork 66
Routes, Permissions and Filter
Steve edited this page Sep 2, 2013
·
1 revision
##Permissions Permission are base on Sentry 2, please refer to Sentry Website for more information.
##Filter The auth.cpanel filter can be use to protect your route. Here a example on how to apply the filter on a route
Route::group(array('prefix' => 'admin', 'before' => 'auth.cpanel'), function()
{
Route::resource('posts', 'AdminPostsController');
});
By default the filter make some assumption. These can be overriden if a filter parameter is provided.
- You are using a prefix route. In the above example the prefix is admin.
- You are using name route.
- admin.posts.index
- admin.posts.create
The auth.cpanel filter use Route::currentRouteName()
to determine which permission to apply on a route.
- The route name
admin.posts.index
will look for permission onposts.view
- The route name
admin.posts.show
will look for permission onposts.view
- The route name
admin.posts.create
will look for permission onposts.create
- The route name
admin.posts.store
will look for permission onposts.create
- The route name
admin.posts.edit
will look for permission onposts.update
- The route name
admin.posts.update
will look for permission onposts.update
- The route name
admin.posts.destroy
will look for permission onposts.delete
A custom filter parameter can also be supply for custom route.
Route::get('admin/foo', array(
'uses' => 'MyController@getFoo',
'before' => 'auth.cpanel:foo.view'
));
In this case the filter will check for foo.view
permission.
##Example
- Let's create a route for a controller
Route::group(array('prefix' => 'admin', 'before' => 'auth.cpanel'), function()
{
Route::resource('posts', 'AdminPostsController');
});
- Create the permissions. Go to the users > permissions and click New Permission.
- Module name will be
posts
- select
view, create, update, delete
So now the folowing permissions will be apply on our routes as follow
-
http:://localhost/admin/posts
- Route name is
admin.posts.index
- Filter will look for permission on
posts.view
- Route name is
-
http:://localhost/admin/posts/1
- Route name is
admin.posts.show
- Filter will look for permission on
posts.view
- Route name is
-
http:://localhost/admin/posts/create
- Route name is
admin.posts.create
- Filter will look for permission on
posts.create
- Route name is
- Form post action to
http:://localhost/admin/posts/create
- Route name is
admin.posts.store
- Filter will look for permission on
posts.create
- Route name is
-
http:://localhost/admin/1/edit
- Route name is
admin.posts.edit
- Filter will look for permission on
posts.update
- Route name is
- Form put action
http:://localhost/admin/1/edit
- Route name is
admin.posts.update
- Filter will look for permission on
posts.update
- Route name is
-
http:://localhost/admin/1/destroy
- Route name is
admin.posts.destroy
- Filter will look for permission on
posts.delete
- Route name is