laravel-admin/docs/en/permission.md


2022-09-21 11:59:53 +08:00
# Access Control
`laravel-admin` has a built-in `RBAC` permission control module. Expand `Auth` in the left sidebar to see the user, permission and role management panels. Permission control is used as follows:
## Route permission
In `laravel-admin 1.5`, permissions and routes are bound together. On the edit permission page you set which routes the permission can access: choose the request method in the `HTTP method` select box and fill in the path in the `HTTP path` textarea.
For example, to add a permission that can access the path `/admin/users` with the GET method, select `GET` for `HTTP method` and fill in `/users` for `HTTP path`.
To allow access to all paths with the prefix `/admin/users`, fill in `/users*` for `HTTP path`. If the permission includes multiple access paths, put each path on its own line.
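
To see what a given `HTTP method` / `HTTP path` entry covers, the following added example (not laravel-admin's own code) models the rule described above. The function `permissionAllows`, the constant `ADMIN_PREFIX` and the sample requests are hypothetical, and it assumes `*` matches any run of characters, including `/`, the way Laravel's `Str::is()` does.

```php
<?php
// Added example: a stand-alone model of the route permission rule described above.
// Assumption: `*` matches any run of characters (including `/`), like Laravel's Str::is().

const ADMIN_PREFIX = '/admin'; // assumed route prefix, as in the /admin/users example

/**
 * @param string[] $methods  allowed HTTP methods; empty means any method (assumption)
 * @param string   $httpPath contents of the `HTTP path` textarea, one pattern per line
 */
function permissionAllows(array $methods, string $httpPath, string $reqMethod, string $reqPath): bool
{
    if ($methods !== [] && !in_array(strtoupper($reqMethod), $methods, true)) {
        return false;
    }
    foreach (preg_split('/\R/', $httpPath, -1, PREG_SPLIT_NO_EMPTY) as $line) {
        $pattern = ADMIN_PREFIX . trim($line);
        // Quote everything, then turn the escaped `*` back into a wildcard.
        $regex = '#^' . str_replace('\*', '.*', preg_quote($pattern, '#')) . '$#u';
        if (preg_match($regex, rtrim($reqPath, '/') ?: '/') === 1) {
            return true;
        }
    }
    return false;
}

// Constructed sample: one permission with two path lines, GET only.
$paths = "/users*\n/posts/*";
$requests = [
    ['GET',    '/admin/users'],         // the prefix itself
    ['GET',    '/admin/users/7/edit'],  // nested under the prefix
    ['GET',    '/admin/users-export'],  // sibling route that only shares the prefix string
    ['DELETE', '/admin/users/7'],       // path matches, method does not
    ['GET',    '/admin/posts'],         // `/posts/*` does not cover `/posts` itself
    ['GET',    '/admin/posts/3'],
];
foreach ($requests as [$method, $path]) {
    $verdict = permissionAllows(['GET'], $paths, $method, $path) ? 'allow' : 'deny';
    printf("%-6s %-22s %s\n", $method, $path, $verdict);
}
```

Under that assumption `/users*` also covers sibling routes such as `/admin/users-export`; listing `/users` and `/users/*` on separate lines keeps the permission scoped to the resource itself.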
## Page permission
If you want to control a user's permissions within a page, refer to the following examples.
### example1
Suppose there is an article module, and we use creating articles as the example.
First open `http://localhost/admin/auth/permissions`, fill in the slug field with `create-post` and the name field with `Create post`, then assign this permission to some roles.
In your controller action:
```php
use Encore\Admin\Auth\Permission;

class PostController extends Controller
{
    public function create()
    {
        // check permission, only the roles with permission `create-post` can visit this action
        Permission::check('create-post');
    }
}
```
### example2
If you want to control which page elements are displayed to the user, first define permissions, for example `delete-image` and `view-title-column`, which control deleting pictures and displaying a column in the grid respectively. Then assign these two permissions to roles and add the following code to the grid:
```php
$grid->actions(function ($actions) {
    // Roles without this permission will not be able to see the delete button in the actions column.
    if (!Admin::user()->can('delete-image')) {
        $actions->disableDelete();
    }
});

// Only roles with permission `view-title-column` can view this column in grid
if (Admin::user()->can('view-title-column')) {
    $grid->column('title');
}
```
## Other methods
Get current user object.
```php
Admin::user();
```
Get current user id.
```php
Admin::user()->id;
```
Get user's roles.
```php
Admin::user()->roles;
```
Get user's permissions.
```php
Admin::user()->permissions;
```
Check whether the user has a role.
```php
Admin::user()->isRole('developer');
```
Check whether the user has a permission.
```php
Admin::user()->can('create-post');
```
Check whether the user does not have a permission.
```php
Admin::user()->cannot('delete-post');
```
Check whether the user is a super administrator.
```php
Admin::user()->isAdministrator();
```
Check whether the user is in one of the roles.
```php
Admin::user()->inRoles(['editor', 'developer']);
```
## Permission middleware
You can use the permission middleware in routes to control route permissions:
```php
// Allow roles `administrator` and `editor` to access the routes under the group.
Route::group([
    'middleware' => 'admin.permission:allow,administrator,editor',
], function ($router) {
    $router->resource('users', UserController::class);
    // ...
});

// Deny roles `developer` and `operator` access to the routes under the group.
Route::group([
    'middleware' => 'admin.permission:deny,developer,operator',
], function ($router) {
    $router->resource('users', UserController::class);
    // ...
});

// Users with permissions `edit-post`, `create-post` and `delete-post` can access the routes under the group.
Route::group([
    'middleware' => 'admin.permission:check,edit-post,create-post,delete-post',
], function ($router) {
    $router->resource('posts', PostController::class);
    // ...
});
```
The permission middleware is used in the same way as any other middleware.