Giter VIP home page Giter VIP logo

permissionmanager's Introduction

Backpack\PermissionManager

Latest Version on Packagist Software License Build Status Coverage Status Quality Score Style CI Total Downloads

An admin interface to easily add/edit/remove users, roles and permissions, using Laravel Backpack. As opposed to some other packages:

  • a user can have multiple roles;
  • a user can have extra permissions, in addition to the permissions on the roles he has;

Edit a user in Backpack/PermissionManager

Security updates and breaking changes

Please subscribe to the Backpack Newsletter so you can find out about any security updates, breaking changes or major features. We send an email every 1-2 months.

Install

  1. In your terminal:
$ composer require backpack/permissionmanager
  1. For Laravel <5.5, add the service provider to your config/app.php file:
Backpack\PermissionManager\PermissionManagerServiceProvider::class,
  1. Publish the config file & run the migrations
php artisan vendor:publish --provider="Backpack\PermissionManager\PermissionManagerServiceProvider" #publish config files and migrations
php artisan migrate #create the role and permission tables
  1. Use the following traits on your User model:
<?php namespace App;

use Backpack\CRUD\CrudTrait; // <------------------------------- this one
use Spatie\Permission\Traits\HasRoles;// <---------------------- and this one
use Illuminate\Foundation\Auth\User as Authenticatable; 

class User extends Authenticatable
{
    use CrudTrait; // <----- this
    use HasRoles; // <------ and this

    /**
     * Your User Model content
     */
  1. [Optional] Add a menu item for it in resources/views/vendor/backpack/base/inc/sidebar_content.blade.php or menu.blade.php:
<!-- Users, Roles Permissions -->
  <li class="treeview">
    <a href="#"><i class="fa fa-group"></i> <span>Users, Roles, Permissions</span> <i class="fa fa-angle-left pull-right"></i></a>
    <ul class="treeview-menu">
      <li><a href="{{ url(config('backpack.base.route_prefix', 'admin') . '/user') }}"><i class="fa fa-user"></i> <span>Users</span></a></li>
      <li><a href="{{ url(config('backpack.base.route_prefix', 'admin') . '/role') }}"><i class="fa fa-group"></i> <span>Roles</span></a></li>
      <li><a href="{{ url(config('backpack.base.route_prefix', 'admin') . '/permission') }}"><i class="fa fa-key"></i> <span>Permissions</span></a></li>
    </ul>
  </li>
  1. [Optional] Disallow create/update on your roles or permissions after you define them, using the config file in config/backpack/permissionmanager.php. Please note permissions and roles are referenced in code using their name. If you let your admins edit these strings and they do, your permission and role checks will stop working.

API Usage

Because the package requires spatie/laravel-permission, the API will be the same:

Using permissions

A permission can be given to a user:

$user->givePermissionTo('edit articles');

A permission can be revoked from a user:

$user->revokePermissionTo('edit articles');

You can test if a user has a permission:

$user->hasPermissionTo('edit articles');

Saved permissions will be registered with the Illuminate\Auth\Access\Gate-class. So you can test if a user has a permission with Laravel's default can-function.

$user->can('edit articles');

Using roles and permissions

A role can be assigned to a user:

$user->assignRole('writer');

A role can be removed from a user:

$user->removeRole('writer');

You can determine if a user has a certain role:

$user->hasRole('writer');

You can also determine if a user has any of a given list of roles:

$user->hasAnyRole(Role::all());

You can also determine if a user has all of a given list of roles:

$user->hasAllRoles(Role::all());

The assignRole, hasRole, hasAnyRole, hasAllRoles and removeRole-functions can accept a string, a Role-object or an \Illuminate\Support\Collection-object.

A permission can be given to a role:

$role->givePermissionTo('edit articles');

You can determine if a role has a certain permission:

$role->hasPermissionTo('edit articles');

A permission can be revoked from a role:

$role->revokePermissionTo('edit articles');

The givePermissionTo and revokePermissionTo-functions can accept a string or a Permission-object.

Saved permission and roles are also registered with the Illuminate\Auth\Access\Gate-class.

$user->can('edit articles');

Using blade directives

This package also adds Blade directives to verify whether the currently logged in user has all or any of a given list of roles.

@role('writer')
    I\'m a writer!
@else
    I\'m not a writer...
@endrole
@hasrole('writer')
    I\'m a writer!
@else
    I\'m not a writer...
@endhasrole
@hasanyrole(Role::all())
    I have one or more of these roles!
@else
    I have none of these roles...
@endhasanyrole
@hasallroles(Role::all())
    I have all of these roles!
@else
    I don\'t have all of these roles
@endhasallroles

You can use Laravels native @can directive to check if a user has a certain permission.

Change log

Please see CHANGELOG for more information what has changed recently.

Screenshots

Roles table view in Backpack/PermissionManager

Testing

// TODO

Overwriting functionality

If you need to modify how this works in a project:

  • create a routes/backpack/permissionmanager.php file; the package will see that, and load your routes file, instead of the one in the package;
  • create controllers/models that extend the ones in the package, and use those in your new routes file;
  • modify anything you'd like in the new controllers/models;

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Please subscribe to the Backpack Newsletter so you can find out about any security updates, breaking changes or major features. We send an email every 1-2 months.

Credits

License

Backpack is free for non-commercial use and 39 EUR/project for commercial use. Please see License File and backpackforlaravel.com for more information.

permissionmanager's People

Contributors

7ute avatar alashow avatar atanasov avatar automat64 avatar bul-ikana avatar eduardoarandah avatar exotickg1 avatar frittenkeez avatar jguyomard avatar jvinternetsolutions avatar l3rady avatar lloy0076 avatar ludioao avatar mariusconstantin2503 avatar mishbah avatar naoray avatar oliverziegler avatar oscarpan avatar promatik avatar reeslo avatar shaoshiva avatar swader avatar tabacitu avatar tomsb avatar welcomattic avatar xayer avatar yingdongzhang avatar

Watchers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.