├── .editorconfig ├── .gitignore ├── .php_cs ├── .styleci.yml ├── Gruntfile.js ├── LICENSE ├── README.md ├── composer.json ├── composer.lock └── src ├── DCN └── RBAC │ ├── Contracts │ ├── HasRoleAndPermission.php │ ├── PermissionHasRelations.php │ └── RoleHasRelations.php │ ├── Exceptions │ ├── AccessDeniedException.php │ ├── PermissionDeniedException.php │ └── RoleDeniedException.php │ ├── Middleware │ ├── VerifyPermission.php │ └── VerifyRole.php │ ├── Models │ ├── Permission.php │ └── Role.php │ ├── RBACServiceProvider.php │ └── Traits │ ├── HasRoleAndPermission.php │ ├── PermissionHasRelations.php │ ├── RoleHasRelations.php │ └── Slugable.php ├── config └── rbac.php └── migrations ├── 2015_01_15_105324_create_roles_table.php ├── 2015_01_15_114412_create_role_user_table.php ├── 2015_01_26_115212_create_permissions_table.php ├── 2015_01_26_115523_create_permission_role_table.php └── 2015_02_09_132439_create_permission_user_table.php /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | insert_final_newline = true 7 | indent_style = space 8 | indent_size = 4 9 | trim_trailing_whitespace = true 10 | 11 | [*.yml] 12 | indent_style = space 13 | indent_size = 2 14 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /vendor 2 | /node_modules 3 | Gruntfile.js 4 | package.json 5 | composer.phar 6 | .DS_Store 7 | .php_cs.cache 8 | .idea 9 | .php_cs 10 | .styleci.yml 11 | .editorconfig 12 | -------------------------------------------------------------------------------- /.php_cs: -------------------------------------------------------------------------------- 1 | in(__DIR__); 5 | 6 | $fixers = [ 7 | 'short_array_syntax', 8 | ]; 9 | 10 | return Symfony\CS\Config\Config::create() 11 | ->setUsingCache(true) 12 | ->level(Symfony\CS\FixerInterface::PSR2_LEVEL) 13 | ->fixers($fixers) 14 | ->finder($finder); 15 | -------------------------------------------------------------------------------- /.styleci.yml: -------------------------------------------------------------------------------- 1 | preset: psr2 2 | 3 | enabled: 4 | - short_array_syntax 5 | -------------------------------------------------------------------------------- /Gruntfile.js: -------------------------------------------------------------------------------- 1 | module.exports = function(grunt){ 2 | 3 | grunt.initConfig({ 4 | pkg: grunt.file.readJSON('package.json'), 5 | watch: { 6 | scripts: { 7 | files: 'src/**', 8 | tasks: ['copy:all'], 9 | options: { 10 | spawn: false 11 | } 12 | } 13 | }, 14 | copy: { 15 | all: { 16 | files: [ 17 | {expand: true, src: ['src/**'], dest: '/home/sniper7kills/websites/DCN-CMS/vendor/dcn/rbac/'} 18 | ] 19 | } 20 | }, 21 | default: { 22 | 23 | } 24 | }); 25 | 26 | grunt.registerTask('default', []); 27 | grunt.loadNpmTasks('grunt-contrib-copy'); 28 | grunt.loadNpmTasks('grunt-contrib-watch'); 29 | 30 | }; -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Roman Bičan 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## [No Longer Maintained] 2 | ### Please See https://github.com/mbm-rafal/RBAC Instead! 3 | 4 | # RBAC For Laravel 5.3 5 | Powerful package for handling roles and permissions in Laravel 5.3 6 | 7 | Based on the [Bican/Roles](https://github.com/romanbican/roles/) Package. 8 | 9 | ### So whats Different? 10 | 11 | The difference is how [Inheritance](#inheritance) work. With Bican/Roles, permissions are inherited based on your highest `role level`. 12 | 13 | Instead this package uses a `parent_id` column to enable roles to be inherited from each other. 14 | 15 | This enables us to only pull permissions of roles that our users inherits, or that are directly assigned to the user. 16 | 17 | 18 | - [Installation](#installation) 19 | - [Composer](#composer) 20 | - [Service Provider](#service-provider) 21 | - [Config File And Migrations](#config-file-and-migrations) 22 | - [HasRoleAndPermission Trait And Contract](#hasroleandpermission-trait-and-contract) 23 | - [Usage](#usage) 24 | - Roles 25 | - [Creating Roles](#creating-roles) 26 | - [Attaching And Detaching Roles](#attaching-and-detaching-roles) 27 | - [Deny Roles](#deny-roles) 28 | - [Checking For Roles](#checking-for-roles) 29 | - Permissions 30 | - [Creating Permissions](#creating-permissions) 31 | - [Attaching And Detaching Permissions](#attaching-and-detaching-permissions) 32 | - [Deny Permissions](#deny-permissions) 33 | - [Checking For Permissions](#checking-for-permissions) 34 | - [Inheritance](#inheritance) 35 | - [Entity Check](#entity-check) 36 | - [Blade Extensions](#blade-extensions) 37 | - [Middleware](#middleware) 38 | - [Config File](#config-file) 39 | - [More Information](#more-information) 40 | - [License](#license) 41 | 42 | ## Installation 43 | 44 | This package is very easy to set up. There are only couple of steps. 45 | 46 | ### Composer 47 | 48 | Pull this package in through Composer (file `composer.json`). 49 | 50 | ```js 51 | { 52 | "require": { 53 | "php": ">=5.5.9", 54 | "laravel/framework": "5.1.*", 55 | "dcn/rbac": "~2.0" 56 | } 57 | } 58 | ``` 59 | 60 | Run this command inside your terminal. 61 | 62 | composer update 63 | 64 | ### Service Provider 65 | 66 | Add the package to your application service providers in `config/app.php` file. 67 | 68 | ```php 69 | 'providers' => [ 70 | 71 | /* 72 | * Laravel Framework Service Providers... 73 | */ 74 | Illuminate\Foundation\Providers\ArtisanServiceProvider::class, 75 | Illuminate\Auth\AuthServiceProvider::class, 76 | ... 77 | 78 | /** 79 | * Third Party Service Providers... 80 | */ 81 | DCN\RBAC\RBACServiceProvider::class, 82 | 83 | ], 84 | ``` 85 | 86 | ### Config File And Migrations 87 | 88 | Publish the package config file and migrations to your application. Run these commands inside your terminal. 89 | 90 | php artisan vendor:publish --provider="DCN\RBAC\RBACServiceProvider" --tag=config 91 | php artisan vendor:publish --provider="DCN\RBAC\RBACServiceProvider" --tag=migrations 92 | 93 | And also run migrations. 94 | 95 | php artisan migrate 96 | 97 | > There must be created migration file for users table, which is in Laravel out of the box. 98 | 99 | ### HasRoleAndPermission Trait And Contract 100 | 101 | Include `HasRoleAndPermission` trait and also implement `HasRoleAndPermission` contract inside your `User` model. 102 | 103 | ```php 104 | use DCN\RBAC\Traits\HasRoleAndPermission; 105 | use DCN\RBAC\Contracts\HasRoleAndPermission as HasRoleAndPermissionContract; 106 | 107 | class User extends Model implements AuthenticatableContract, CanResetPasswordContract, HasRoleAndPermissionContract 108 | { 109 | use Authenticatable, CanResetPassword, HasRoleAndPermission; 110 | ``` 111 | 112 | And that's it! 113 | 114 | ## Usage 115 | 116 | ### Creating Roles 117 | 118 | ```php 119 | use DCN\RBAC\Models\Role; 120 | 121 | $adminRole = Role::create([ 122 | 'name' => 'Admin', 123 | 'slug' => 'admin', 124 | 'description' => '', // optional 125 | 'parent_id' => NULL, // optional, set to NULL by default 126 | ]); 127 | 128 | $moderatorRole = Role::create([ 129 | 'name' => 'Forum Moderator', 130 | 'slug' => 'forum.moderator', 131 | ]); 132 | ``` 133 | 134 | > Because of `Slugable` trait, if you make a mistake and for example leave a space in slug parameter, it'll be replaced with a dot automatically, because of `str_slug` function. 135 | 136 | ### Attaching And Detaching Roles 137 | 138 | It's really simple. You fetch a user from database and call `attachRole` method. There is `BelongsToMany` relationship between `User` and `Role` model. 139 | 140 | ```php 141 | use App\User; 142 | 143 | $user = User::find($id); 144 | 145 | $user->attachRole($adminRole); //you can pass whole object, or just an id 146 | ``` 147 | 148 | ```php 149 | $user->detachRole($adminRole); // in case you want to detach role 150 | $user->detachAllRoles(); // in case you want to detach all roles 151 | ``` 152 | 153 | ### Deny Roles 154 | 155 | To deny a user a role and all of its children roles, see the following example. 156 | 157 | We recommend that you plan your roles accordingly if you plan on using this feature. As you could easily lock out users without realizing it. 158 | 159 | ```php 160 | use App\User; 161 | 162 | $role = Role::find($roleId); 163 | 164 | $user = User::find($userId); 165 | $user->attachRole($role, FALSE); // Deny this role, and all of its decedents to the user regardless of what has been assigned. 166 | ``` 167 | 168 | ### Checking For Roles 169 | 170 | You can now check if the user has required role. 171 | 172 | ```php 173 | if ($user->roleIs('admin')) { // you can pass an id or slug 174 | // 175 | } 176 | ``` 177 | 178 | You can also do this: 179 | 180 | ```php 181 | if ($user->isAdmin()) { 182 | // 183 | } 184 | ``` 185 | 186 | And of course, there is a way to check for multiple roles: 187 | 188 | ```php 189 | if ($user->roleIs('admin|moderator')) { // or $user->roleIs('admin, moderator') and also $user->roleIs(['admin', 'moderator']) 190 | // if user has at least one role 191 | } 192 | 193 | if ($user->roleIs('admin|moderator', true)) { // or $user->roleIs('admin, moderator', true) and also $user->roleIs(['admin', 'moderator'], true) 194 | // if user has all roles 195 | } 196 | ``` 197 | 198 | As well as Wild Cards: 199 | 200 | ```php 201 | if ($user->roleIs('admin|moderator.*')) { // or $user->roleIs('admin, moderator.*') and also $user->roleIs(['admin', 'moderator.*']) 202 | //User has admin role, or a moderator role 203 | } 204 | 205 | ``` 206 | 207 | ### Creating Permissions 208 | 209 | It's very simple thanks to `Permission` model. 210 | 211 | ```php 212 | use DCN\RBAC\Models\Permission; 213 | 214 | $createUsersPermission = Permission::create([ 215 | 'name' => 'Create users', 216 | 'slug' => 'create.users', 217 | 'description' => '', // optional 218 | ]); 219 | 220 | $deleteUsersPermission = Permission::create([ 221 | 'name' => 'Delete users', 222 | 'slug' => 'delete.users', 223 | ]); 224 | ``` 225 | 226 | ### Attaching And Detaching Permissions 227 | 228 | You can attach permissions to a role or directly to a specific user (and of course detach them as well). 229 | 230 | ```php 231 | use App\User; 232 | use DCN\RBAC\Models\Role; 233 | 234 | $role = Role::find($roleId); 235 | $role->attachPermission($createUsersPermission); // permission attached to a role 236 | 237 | $user = User::find($userId); 238 | $user->attachPermission($deleteUsersPermission); // permission attached to a user 239 | ``` 240 | 241 | ```php 242 | $role->detachPermission($createUsersPermission); // in case you want to detach permission 243 | $role->detachAllPermissions(); // in case you want to detach all permissions 244 | 245 | $user->detachPermission($deleteUsersPermission); 246 | $user->detachAllPermissions(); 247 | ``` 248 | 249 | ### Deny Permissions 250 | 251 | You can deny a user a permission, or you can deny an entire role a permission. 252 | 253 | To do this, when attaching a permission simply pass a second parameter of false. 254 | This will deny that user that permission regardless of what they are assigned. 255 | Denied permissions take precedent over inherited and granted permissions. 256 | 257 | ```php 258 | use App\User; 259 | use DCN\RBAC\Models\Role; 260 | 261 | $role = Role::find($roleId); 262 | $role->attachPermission($createUsersPermission, FALSE); // Deny this permission to all users who have or inherit this role. 263 | 264 | $user = User::find($userId); 265 | $user->attachPermission($deleteUsersPermission, FALSE); // Deny this permission to this user regardless of what roles they are in. 266 | ``` 267 | 268 | ### Checking For Permissions 269 | 270 | ```php 271 | if ($user->may('create.users') { // you can pass an id or slug 272 | // 273 | } 274 | 275 | if ($user->canDeleteUsers()) { 276 | // 277 | } 278 | ``` 279 | 280 | You can check for multiple permissions the same way as roles. 281 | 282 | ### Inheritance 283 | 284 | > If you don't want the inheritance feature in you application, simply ignore the `parent_id` parameter when you're creating roles. 285 | 286 | Roles that are assigned a parent_id of another role are automatically inherited when a user is assigned or inherits the parent role. 287 | 288 | Here is an example: 289 | 290 | You have 5 administrative groups. Admins, Store Admins, Store Inventory Managers, Blog Admins, and Blog Writers. 291 | 292 | Role | Parent | 293 | ----------- | ----------- | 294 | Admins | | 295 | Store Admins | Admins | 296 | Store Inventory Managers | Store Admins | 297 | Blog Admins | Admins | 298 | Blog Writers | Blog Admins | 299 | 300 | The `Admins Role` is the parent of both `Store Admins Role` as well as `Blog Admins Role`. 301 | 302 | While the `Store Admins Role` is the parent to `Store Inventory Managers Role`. 303 | 304 | And the `Blog Admins Role` is the parent to `Blog Writers`. 305 | 306 | This enables the `Admins Role` to inherit both `Store Inventory Managers Role` and `Blog Writers Role`. 307 | 308 | But the `Store Admins Role` only inherits the `Store Inventory Managers Role`, 309 | 310 | And the `Blog Admins Role` only inherits the `Blog Writers Role`. 311 | 312 | 313 | Another Example: 314 | 315 | id | slug | parent_id | 316 | --- | ----------- | ----------- | 317 | 1 | admin | NULL | 318 | 2 | admin.user | 1 | 319 | 3 | admin.blog | 1 | 320 | 4 | blog.writer | 3 | 321 | 5 | development | NULL | 322 | 323 | Here, 324 | `admin` inherits `admin.user`, `admin.blog`, and `blog.writer`. 325 | 326 | While `admin.user` doesn't inherit anything, and `admin.blog` inherits `blog.writer`. 327 | 328 | Nothing inherits `development` and, `development` doesn't inherit anything. 329 | 330 | 331 | ### Entity Check 332 | 333 | Let's say you have an article and you want to edit it. This article belongs to a user (there is a column `user_id` in articles table). 334 | 335 | ```php 336 | use App\Article; 337 | use DCN\RBAC\Models\Permission; 338 | 339 | $editArticlesPermission = Permission::create([ 340 | 'name' => 'Edit articles', 341 | 'slug' => 'edit.articles', 342 | 'model' => 'App\Article', 343 | ]); 344 | 345 | $user->attachPermission($editArticlesPermission); 346 | 347 | $article = Article::find(1); 348 | 349 | if ($user->allowed('edit.articles', $article)) { // $user->allowedEditArticles($article) 350 | // 351 | } 352 | ``` 353 | 354 | This condition checks if the current user is the owner of article. If not, it will be looking inside user permissions for a row we created before. 355 | 356 | ```php 357 | if ($user->allowed('edit.articles', $article, false)) { // now owner check is disabled 358 | // 359 | } 360 | ``` 361 | 362 | ### Blade Extensions 363 | 364 | There are three Blade extensions. Basically, it is replacement for classic if statements. 365 | 366 | ```php 367 | @role('admin') // @if(Auth::check() && Auth::user()->roleIs('admin')) 368 | // user is admin 369 | @endrole 370 | 371 | @permission('edit.articles') // @if(Auth::check() && Auth::user()->may('edit.articles')) 372 | // user can edit articles 373 | @endpermission 374 | 375 | @allowed('edit', $article) // @if(Auth::check() && Auth::user()->allowed('edit', $article)) 376 | // show edit button 377 | @endallowed 378 | 379 | @role('admin|moderator', 'all') // @if(Auth::check() && Auth::user()->roleIs('admin|moderator', 'all')) 380 | // user is admin and also moderator 381 | @else 382 | // something else 383 | @endrole 384 | ``` 385 | 386 | ### Middleware 387 | 388 | This package comes with `VerifyRole` and `VerifyPermission` middleware. You must add them inside your `app/Http/Kernel.php` file. 389 | 390 | ```php 391 | /** 392 | * The application's route middleware. 393 | * 394 | * @var array 395 | */ 396 | protected $routeMiddleware = [ 397 | 'auth' => \App\Http\Middleware\Authenticate::class, 398 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 399 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 400 | 'role' => \DCN\RBAC\Middleware\VerifyRole::class, 401 | 'permission' => \DCN\RBAC\Middleware\VerifyPermission::class, 402 | ]; 403 | ``` 404 | 405 | Now you can easily protect your routes. 406 | 407 | ```php 408 | $router->get('/example', [ 409 | 'as' => 'example', 410 | 'middleware' => 'role:admin', 411 | 'uses' => 'ExampleController@index', 412 | ]); 413 | 414 | $router->post('/example', [ 415 | 'as' => 'example', 416 | 'middleware' => 'permission:edit.articles', 417 | 'uses' => 'ExampleController@index', 418 | ]); 419 | ``` 420 | 421 | You also can pass multiple parameters on `VerifyPermission` and `VerifyRole` middleware, 422 | example: `role:admin,moderator,true`, the last parameter will be used to determine if user has all role or just any of the role passed, default value would be `false`. 423 | 424 | It throws `\DCN\RBAC\Exception\RoleDeniedException` or `\DCN\RBAC\Exception\PermissionDeniedException` exceptions if it goes wrong. 425 | 426 | You can catch these exceptions inside `app/Exceptions/Handler.php` file and do whatever you want. 427 | 428 | ```php 429 | /** 430 | * Render an exception into an HTTP response. 431 | * 432 | * @param \Illuminate\Http\Request $request 433 | * @param \Exception $e 434 | * @return \Illuminate\Http\Response 435 | */ 436 | public function render($request, Exception $e) 437 | { 438 | if ($e instanceof \DCN\RBAC\Exceptions\RoleDeniedException) { 439 | // you can for example flash message, redirect... 440 | return redirect()->back(); 441 | } 442 | 443 | return parent::render($request, $e); 444 | } 445 | ``` 446 | 447 | ## Config File 448 | 449 | You can change connection for models, slug separator, models path and there is also a handy pretend feature. Have a look at config file for more information. 450 | 451 | ## More Information 452 | 453 | This project is based on [Bican/Roles](https://github.com/romanbican/roles/). 454 | 455 | ## License 456 | 457 | This package is free software distributed under the terms of the MIT license. 458 | 459 | I don't care what you do with it. 460 | 461 | ## Contribute 462 | 463 | I honestly don't know what I'm doing. If you see something that could be fixed. Make a pull request on the develop branch!. 464 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "dcn/rbac", 3 | "description": "Powerful RBAC package for Laravel 5.1", 4 | "keywords": ["roles", "permissions", "rbac", "auth", "laravel", "illuminate"], 5 | "license": "MIT", 6 | "authors": [ 7 | { 8 | "name": "Will G", 9 | "email": "willg@cloudmy.it" 10 | } 11 | ], 12 | "require": { 13 | "php": ">=5.5.9", 14 | "illuminate/support": "~5.0" 15 | }, 16 | "extra": { 17 | "branch-alias": { 18 | "dev-master": "2.0-dev" 19 | } 20 | }, 21 | "autoload": { 22 | "psr-0": { 23 | "DCN\\RBAC": "src/" 24 | } 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /composer.lock: -------------------------------------------------------------------------------- 1 | { 2 | "_readme": [ 3 | "This file locks the dependencies of your project to a known state", 4 | "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", 5 | "This file is @generated automatically" 6 | ], 7 | "hash": "49828cfe96ba85c5e082b06d7e40dc9e", 8 | "content-hash": "48277f1759b3e1ae8e734c076abfafa4", 9 | "packages": [ 10 | { 11 | "name": "doctrine/inflector", 12 | "version": "v1.1.0", 13 | "source": { 14 | "type": "git", 15 | "url": "https://github.com/doctrine/inflector.git", 16 | "reference": "90b2128806bfde671b6952ab8bea493942c1fdae" 17 | }, 18 | "dist": { 19 | "type": "zip", 20 | "url": "https://api.github.com/repos/doctrine/inflector/zipball/90b2128806bfde671b6952ab8bea493942c1fdae", 21 | "reference": "90b2128806bfde671b6952ab8bea493942c1fdae", 22 | "shasum": "" 23 | }, 24 | "require": { 25 | "php": ">=5.3.2" 26 | }, 27 | "require-dev": { 28 | "phpunit/phpunit": "4.*" 29 | }, 30 | "type": "library", 31 | "extra": { 32 | "branch-alias": { 33 | "dev-master": "1.1.x-dev" 34 | } 35 | }, 36 | "autoload": { 37 | "psr-0": { 38 | "Doctrine\\Common\\Inflector\\": "lib/" 39 | } 40 | }, 41 | "notification-url": "https://packagist.org/downloads/", 42 | "license": [ 43 | "MIT" 44 | ], 45 | "authors": [ 46 | { 47 | "name": "Roman Borschel", 48 | "email": "roman@code-factory.org" 49 | }, 50 | { 51 | "name": "Benjamin Eberlei", 52 | "email": "kontakt@beberlei.de" 53 | }, 54 | { 55 | "name": "Guilherme Blanco", 56 | "email": "guilhermeblanco@gmail.com" 57 | }, 58 | { 59 | "name": "Jonathan Wage", 60 | "email": "jonwage@gmail.com" 61 | }, 62 | { 63 | "name": "Johannes Schmitt", 64 | "email": "schmittjoh@gmail.com" 65 | } 66 | ], 67 | "description": "Common String Manipulations with regard to casing and singular/plural rules.", 68 | "homepage": "http://www.doctrine-project.org", 69 | "keywords": [ 70 | "inflection", 71 | "pluralize", 72 | "singularize", 73 | "string" 74 | ], 75 | "time": "2015-11-06 14:35:42" 76 | }, 77 | { 78 | "name": "illuminate/contracts", 79 | "version": "v5.3.23", 80 | "source": { 81 | "type": "git", 82 | "url": "https://github.com/illuminate/contracts.git", 83 | "reference": "ce5d73c6015b2054d32f3f8530767847b358ae4e" 84 | }, 85 | "dist": { 86 | "type": "zip", 87 | "url": "https://api.github.com/repos/illuminate/contracts/zipball/ce5d73c6015b2054d32f3f8530767847b358ae4e", 88 | "reference": "ce5d73c6015b2054d32f3f8530767847b358ae4e", 89 | "shasum": "" 90 | }, 91 | "require": { 92 | "php": ">=5.6.4" 93 | }, 94 | "type": "library", 95 | "extra": { 96 | "branch-alias": { 97 | "dev-master": "5.3-dev" 98 | } 99 | }, 100 | "autoload": { 101 | "psr-4": { 102 | "Illuminate\\Contracts\\": "" 103 | } 104 | }, 105 | "notification-url": "https://packagist.org/downloads/", 106 | "license": [ 107 | "MIT" 108 | ], 109 | "authors": [ 110 | { 111 | "name": "Taylor Otwell", 112 | "email": "taylor@laravel.com" 113 | } 114 | ], 115 | "description": "The Illuminate Contracts package.", 116 | "homepage": "https://laravel.com", 117 | "time": "2016-09-26 20:36:27" 118 | }, 119 | { 120 | "name": "illuminate/support", 121 | "version": "v5.3.23", 122 | "source": { 123 | "type": "git", 124 | "url": "https://github.com/illuminate/support.git", 125 | "reference": "050d0ed3e1c0e1d129d73b2eaa14044e46a66f77" 126 | }, 127 | "dist": { 128 | "type": "zip", 129 | "url": "https://api.github.com/repos/illuminate/support/zipball/050d0ed3e1c0e1d129d73b2eaa14044e46a66f77", 130 | "reference": "050d0ed3e1c0e1d129d73b2eaa14044e46a66f77", 131 | "shasum": "" 132 | }, 133 | "require": { 134 | "doctrine/inflector": "~1.0", 135 | "ext-mbstring": "*", 136 | "illuminate/contracts": "5.3.*", 137 | "paragonie/random_compat": "~1.4|~2.0", 138 | "php": ">=5.6.4" 139 | }, 140 | "replace": { 141 | "tightenco/collect": "self.version" 142 | }, 143 | "suggest": { 144 | "illuminate/filesystem": "Required to use the composer class (5.2.*).", 145 | "symfony/process": "Required to use the composer class (3.1.*).", 146 | "symfony/var-dumper": "Required to use the dd function (3.1.*)." 147 | }, 148 | "type": "library", 149 | "extra": { 150 | "branch-alias": { 151 | "dev-master": "5.3-dev" 152 | } 153 | }, 154 | "autoload": { 155 | "psr-4": { 156 | "Illuminate\\Support\\": "" 157 | }, 158 | "files": [ 159 | "helpers.php" 160 | ] 161 | }, 162 | "notification-url": "https://packagist.org/downloads/", 163 | "license": [ 164 | "MIT" 165 | ], 166 | "authors": [ 167 | { 168 | "name": "Taylor Otwell", 169 | "email": "taylor@laravel.com" 170 | } 171 | ], 172 | "description": "The Illuminate Support package.", 173 | "homepage": "https://laravel.com", 174 | "time": "2016-11-03 15:25:28" 175 | }, 176 | { 177 | "name": "paragonie/random_compat", 178 | "version": "v2.0.4", 179 | "source": { 180 | "type": "git", 181 | "url": "https://github.com/paragonie/random_compat.git", 182 | "reference": "a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e" 183 | }, 184 | "dist": { 185 | "type": "zip", 186 | "url": "https://api.github.com/repos/paragonie/random_compat/zipball/a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e", 187 | "reference": "a9b97968bcde1c4de2a5ec6cbd06a0f6c919b46e", 188 | "shasum": "" 189 | }, 190 | "require": { 191 | "php": ">=5.2.0" 192 | }, 193 | "require-dev": { 194 | "phpunit/phpunit": "4.*|5.*" 195 | }, 196 | "suggest": { 197 | "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." 198 | }, 199 | "type": "library", 200 | "autoload": { 201 | "files": [ 202 | "lib/random.php" 203 | ] 204 | }, 205 | "notification-url": "https://packagist.org/downloads/", 206 | "license": [ 207 | "MIT" 208 | ], 209 | "authors": [ 210 | { 211 | "name": "Paragon Initiative Enterprises", 212 | "email": "security@paragonie.com", 213 | "homepage": "https://paragonie.com" 214 | } 215 | ], 216 | "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", 217 | "keywords": [ 218 | "csprng", 219 | "pseudorandom", 220 | "random" 221 | ], 222 | "time": "2016-11-07 23:38:38" 223 | } 224 | ], 225 | "packages-dev": [], 226 | "aliases": [], 227 | "minimum-stability": "stable", 228 | "stability-flags": [], 229 | "prefer-stable": false, 230 | "prefer-lowest": false, 231 | "platform": { 232 | "php": ">=5.5.9" 233 | }, 234 | "platform-dev": [] 235 | } 236 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Contracts/HasRoleAndPermission.php: -------------------------------------------------------------------------------- 1 | message = sprintf("You don't have a required ['%s'] permission.", $permission); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Exceptions/RoleDeniedException.php: -------------------------------------------------------------------------------- 1 | message = sprintf("You don't have a required ['%s'] role.", $role); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Middleware/VerifyPermission.php: -------------------------------------------------------------------------------- 1 | auth = $auth; 24 | } 25 | 26 | /** 27 | * Handle an incoming request. 28 | * 29 | * @param \Illuminate\Http\Request $request 30 | * @param \Closure $next 31 | * @param int|string $permissions 32 | * @return mixed 33 | * @throws \DCN\RBAC\Exceptions\PermissionDeniedException 34 | */ 35 | public function handle($request, Closure $next, ...$permissions) 36 | { 37 | $all = filter_var(array_values(array_slice($permissions, -1))[0], FILTER_VALIDATE_BOOLEAN); 38 | if ($this->auth->check() && $this->auth->user()->may($permissions, $all)) { 39 | return $next($request); 40 | } 41 | 42 | throw new PermissionDeniedException(implode(',', $permissions)); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Middleware/VerifyRole.php: -------------------------------------------------------------------------------- 1 | auth = $auth; 24 | } 25 | 26 | /** 27 | * Handle an incoming request. 28 | * 29 | * @param \Illuminate\Http\Request $request 30 | * @param \Closure $next 31 | * @param int|string $role 32 | * @return mixed 33 | * @throws \DCN\RBAC\Exceptions\RoleDeniedException 34 | */ 35 | public function handle($request, Closure $next, ...$roles) 36 | { 37 | $all = filter_var(array_values(array_slice($roles, -1))[0], FILTER_VALIDATE_BOOLEAN); 38 | if ($this->auth->check() && $this->auth->user()->roleIs($roles, $all)) { 39 | return $next($request); 40 | } 41 | 42 | throw new RoleDeniedException(implode(',', $roles)); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Models/Permission.php: -------------------------------------------------------------------------------- 1 | connection = $connection; 32 | } 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Models/Role.php: -------------------------------------------------------------------------------- 1 | connection = $connection; 32 | } 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/DCN/RBAC/RBACServiceProvider.php: -------------------------------------------------------------------------------- 1 | publishes([ 17 | __DIR__ . '/../../config/rbac.php' => config_path('rbac.php') 18 | ], 'config'); 19 | 20 | $this->publishes([ 21 | __DIR__ . '/../../migrations/' => base_path('/database/migrations') 22 | ], 'migrations'); 23 | 24 | $this->registerBladeExtensions(); 25 | } 26 | 27 | /** 28 | * Register any application services. 29 | * 30 | * @return void 31 | */ 32 | public function register() 33 | { 34 | $this->mergeConfigFrom(__DIR__ . '/../../config/rbac.php', 'rbac'); 35 | } 36 | 37 | /** 38 | * Register Blade extensions. 39 | * 40 | * @return void 41 | */ 42 | protected function registerBladeExtensions() 43 | { 44 | $blade = $this->app['view']->getEngineResolver()->resolve('blade')->getCompiler(); 45 | 46 | $blade->directive('role', function ($expression) { 47 | return "roleIs({$expression})): ?>"; 48 | }); 49 | 50 | $blade->directive('endrole', function () { 51 | return ""; 52 | }); 53 | 54 | $blade->directive('permission', function ($expression) { 55 | return "may({$expression})): ?>"; 56 | }); 57 | 58 | $blade->directive('endpermission', function () { 59 | return ""; 60 | }); 61 | 62 | $blade->directive('allowed', function ($expression) { 63 | return "allowed({$expression})): ?>"; 64 | }); 65 | 66 | $blade->directive('endallowed', function () { 67 | return ""; 68 | }); 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Traits/HasRoleAndPermission.php: -------------------------------------------------------------------------------- 1 | belongsToMany(config('rbac.models.role'))->withTimestamps()->withPivot('granted'); 33 | } 34 | 35 | /** 36 | * Get only Granted Roles 37 | */ 38 | public function grantedRoles() { 39 | return $this->roles()->wherePivot('granted', true); 40 | } 41 | 42 | /** 43 | * Get only Denied Roles 44 | */ 45 | public function deniedRoles() { 46 | return $this->roles()->wherePivot('granted', false); 47 | } 48 | 49 | /** 50 | * User belongs to many permissions. 51 | * 52 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 53 | */ 54 | public function userPermissions() 55 | { 56 | return $this->belongsToMany(config('rbac.models.permission'))->withTimestamps()->withPivot('granted'); 57 | } 58 | 59 | /** 60 | * Get only Granted Permissions 61 | */ 62 | public function grantedPermissions() { 63 | return $this->userPermissions()->wherePivot('granted', true); 64 | } 65 | 66 | /** 67 | * Get only Denied Permissions 68 | */ 69 | public function deniedPermissions() { 70 | return $this->userPermissions()->wherePivot('granted', false); 71 | } 72 | 73 | /** 74 | * Get all roles as collection. 75 | * 76 | * @return \Illuminate\Database\Eloquent\Collection 77 | */ 78 | public function getRoles() 79 | { 80 | if(!$this->roles){ 81 | $this->roles = $this->grantedRoles()->get(); 82 | 83 | $deniedRoles = $this->deniedRoles()->get(); 84 | foreach($deniedRoles as $role) 85 | $deniedRoles = $deniedRoles->merge($role->descendants()); 86 | 87 | foreach($this->roles as $role) 88 | if(!$deniedRoles->contains($role)) 89 | $this->roles = $this->roles->merge($role->descendants()); 90 | 91 | $this->roles = $this->roles->filter(function($role) use ($deniedRoles){ 92 | return !$deniedRoles->contains($role); 93 | }); 94 | } 95 | return $this->roles; 96 | } 97 | 98 | /** 99 | * Get all permissions from roles. 100 | * 101 | * @return \Illuminate\Database\Eloquent\Collection 102 | */ 103 | public function rolePermissions() 104 | { 105 | 106 | $permissions = new Collection(); 107 | foreach ($this->getRoles() as $role) 108 | $permissions = $permissions->merge($role->permissions); 109 | return $permissions; 110 | } 111 | 112 | /** 113 | * Get all permissions as collection. 114 | * 115 | * @return \Illuminate\Database\Eloquent\Collection 116 | */ 117 | public function getPermissions() 118 | { 119 | if(!$this->permissions){ 120 | $rolePermissions = $this->rolePermissions(); 121 | $userPermissions = $this->grantedPermissions()->get(); 122 | 123 | $permissions = $rolePermissions->merge($userPermissions); 124 | $deniedPermissions =$this->deniedPermissions()->get(); 125 | 126 | $this->permissions = $permissions->filter(function($permission) use ($deniedPermissions) 127 | { 128 | return !$deniedPermissions->contains($permission); 129 | }); 130 | } 131 | return $this->permissions; 132 | } 133 | /** 134 | * Check if the user has a role or roles. 135 | * 136 | * @param int|string|array $role 137 | * @param bool $all 138 | * @return bool 139 | */ 140 | public function roleIs($role, $all = false) 141 | { 142 | if ($this->isPretendEnabled()) { 143 | return $this->pretend('is'); 144 | } 145 | 146 | return $this->{$this->getMethodName('is', $all)}($this->getArrayFrom($role)); 147 | } 148 | 149 | /** 150 | * Check if the user has at least one role. 151 | * 152 | * @param array $roles 153 | * @return bool 154 | */ 155 | protected function isOne(array $roles) 156 | { 157 | foreach ($roles as $role) { 158 | if ($this->hasRole($role)) { 159 | return true; 160 | } 161 | } 162 | 163 | return false; 164 | } 165 | 166 | /** 167 | * Check if the user has all roles. 168 | * 169 | * @param array $roles 170 | * @return bool 171 | */ 172 | protected function isAll(array $roles) 173 | { 174 | foreach ($roles as $role) { 175 | if (!$this->hasRole($role)) { 176 | return false; 177 | } 178 | } 179 | 180 | return true; 181 | } 182 | 183 | /** 184 | * Check if the user has role. 185 | * 186 | * @param int|string $role 187 | * @return bool 188 | */ 189 | protected function hasRole($role) 190 | { 191 | return $this->getRoles()->contains(function ($value, $key) use ($role) { 192 | return $role == $value->id || Str::is($role, $value->slug); 193 | }); 194 | } 195 | 196 | /** 197 | * Check if the user has a permission or permissions. 198 | * 199 | * @param int|string|array $permission 200 | * @param bool $all 201 | * @return bool 202 | */ 203 | public function may($permission, $all = false) 204 | { 205 | if ($this->isPretendEnabled()) { 206 | return $this->pretend('can'); 207 | } 208 | 209 | return $this->{$this->getMethodName('can', $all)}($this->getArrayFrom($permission)); 210 | } 211 | 212 | /** 213 | * Check if the user has at least one permission. 214 | * 215 | * @param array $permissions 216 | * @return bool 217 | */ 218 | protected function canOne(array $permissions) 219 | { 220 | foreach ($permissions as $permission) { 221 | if ($this->hasPermission($permission)) { 222 | return true; 223 | } 224 | } 225 | 226 | return false; 227 | } 228 | 229 | /** 230 | * Check if the user has all permissions. 231 | * 232 | * @param array $permissions 233 | * @return bool 234 | */ 235 | protected function canAll(array $permissions) 236 | { 237 | foreach ($permissions as $permission) { 238 | if (!$this->hasPermission($permission)) { 239 | return false; 240 | } 241 | } 242 | 243 | return true; 244 | } 245 | 246 | /** 247 | * Check if the user has a permission. 248 | * 249 | * @param int|string $permission 250 | * @return bool 251 | */ 252 | protected function hasPermission($permission) 253 | { 254 | return $this->getPermissions()->contains(function ($value, $key) use ($permission) { 255 | return $permission == $value->id || Str::is($permission, $value->slug); 256 | }); 257 | } 258 | 259 | /** 260 | * Check if the user is allowed to manipulate with entity. 261 | * 262 | * @param string $providedPermission 263 | * @param \Illuminate\Database\Eloquent\Model $entity 264 | * @param bool $owner 265 | * @param string $ownerColumn 266 | * @return bool 267 | */ 268 | public function allowed($providedPermission, Model $entity, $owner = true, $ownerColumn = 'user_id') 269 | { 270 | if ($this->isPretendEnabled()) { 271 | return $this->pretend('allowed'); 272 | } 273 | 274 | if ($owner === true && $entity->{$ownerColumn} == $this->id) { 275 | return true; 276 | } 277 | 278 | return $this->isAllowed($providedPermission, $entity); 279 | } 280 | 281 | /** 282 | * Check if the user is allowed to manipulate with provided entity. 283 | * 284 | * @param string $providedPermission 285 | * @param \Illuminate\Database\Eloquent\Model $entity 286 | * @return bool 287 | */ 288 | protected function isAllowed($providedPermission, Model $entity) 289 | { 290 | foreach ($this->getPermissions() as $permission) { 291 | if ($permission->model != '' && get_class($entity) == $permission->model 292 | && ($permission->id == $providedPermission || $permission->slug === $providedPermission) 293 | ) { 294 | return true; 295 | } 296 | } 297 | 298 | return false; 299 | } 300 | 301 | /** 302 | * Attach role to a user. 303 | * 304 | * @param int|\DCN\RBAC\Models\Role $role 305 | * @param bool $granted 306 | * @return bool|null 307 | */ 308 | public function attachRole($role, $granted = TRUE) 309 | { 310 | if($granted) 311 | return (!$this->grantedRoles()->get()->contains($role)) ? $this->roles()->attach($role, array('granted' => TRUE)) : true; 312 | else 313 | return (!$this->deniedRoles()->get()->contains($role)) ? $this->roles()->attach($role, array('granted' => FALSE)) : true; 314 | } 315 | 316 | /** 317 | * Detach role from a user. 318 | * 319 | * @param int|\DCN\RBAC\Models\Role $role 320 | * @return int 321 | */ 322 | public function detachRole($role) 323 | { 324 | return $this->roles()->detach($role); 325 | } 326 | 327 | /** 328 | * Detach all roles from a user. 329 | * 330 | * @return int 331 | */ 332 | public function detachAllRoles() 333 | { 334 | return $this->roles()->detach(); 335 | } 336 | 337 | /** 338 | * Attach permission to a user. 339 | * 340 | * @param int|\DCN\RBAC\Models\Permission $permission 341 | * @param bool $granted 342 | * @return bool|null 343 | */ 344 | public function attachPermission($permission, $granted = true) 345 | { 346 | if($granted) 347 | return (!$this->grantedPermissions()->get()->contains($permission)) ? $this->userPermissions()->attach($permission, array('granted' => TRUE)) : true; 348 | else 349 | return (!$this->deniedPermissions()->get()->contains($permission)) ? $this->userPermissions()->attach($permission, array('granted' => FALSE)) : true; 350 | 351 | } 352 | 353 | /** 354 | * Detach permission from a user. 355 | * 356 | * @param int|\DCN\RBAC\Models\Permission $permission 357 | * @return int 358 | */ 359 | public function detachPermission($permission) 360 | { 361 | return $this->userPermissions()->detach($permission); 362 | } 363 | 364 | /** 365 | * Detach all permissions from a user. 366 | * 367 | * @return int 368 | */ 369 | public function detachAllPermissions() 370 | { 371 | return $this->userPermissions()->detach(); 372 | } 373 | 374 | /** 375 | * Check if pretend option is enabled. 376 | * 377 | * @return bool 378 | */ 379 | private function isPretendEnabled() 380 | { 381 | return (bool) config('roles.pretend.enabled'); 382 | } 383 | 384 | /** 385 | * Allows to pretend or simulate package behavior. 386 | * 387 | * @param string $option 388 | * @return bool 389 | */ 390 | private function pretend($option) 391 | { 392 | return (bool) config('roles.pretend.options.' . $option); 393 | } 394 | 395 | /** 396 | * Get method name. 397 | * 398 | * @param string $methodName 399 | * @param bool $all 400 | * @return string 401 | */ 402 | private function getMethodName($methodName, $all) 403 | { 404 | return ((bool) $all) ? $methodName . 'All' : $methodName . 'One'; 405 | } 406 | 407 | /** 408 | * Get an array from argument. 409 | * 410 | * @param int|string|array $argument 411 | * @return array 412 | */ 413 | private function getArrayFrom($argument) 414 | { 415 | return (!is_array($argument)) ? preg_split('/ ?[,|] ?/', $argument) : $argument; 416 | } 417 | 418 | /** 419 | * Handle dynamic method calls. 420 | * 421 | * @param string $method 422 | * @param array $parameters 423 | * @return mixed 424 | */ 425 | public function __call($method, $parameters) 426 | { 427 | if (starts_with($method, 'roleIs')) { 428 | return $this->roleIs(snake_case(substr($method, 6), config('roles.separator'))); 429 | } elseif (starts_with($method, 'may')) { 430 | return $this->may(snake_case(substr($method, 3), config('roles.separator'))); 431 | } elseif (starts_with($method, 'allowed')) { 432 | return $this->allowed(snake_case(substr($method, 7), config('roles.separator')), $parameters[0], (isset($parameters[1])) ? $parameters[1] : true, (isset($parameters[2])) ? $parameters[2] : 'user_id'); 433 | } elseif (starts_with($method, 'hasRole')) { 434 | return $this->hasRole(isset($parameters[0]) ? $parameters[0] : snake_case(substr($method, 7), config('roles.separator'))); 435 | } 436 | 437 | return parent::__call($method, $parameters); 438 | } 439 | } 440 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Traits/PermissionHasRelations.php: -------------------------------------------------------------------------------- 1 | belongsToMany(config('rbac.models.role'))->withTimestamps(); 15 | } 16 | 17 | /** 18 | * Permission belongs to many users. 19 | * 20 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 21 | */ 22 | public function users() 23 | { 24 | return $this->belongsToMany(config('auth.model'))->withTimestamps(); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Traits/RoleHasRelations.php: -------------------------------------------------------------------------------- 1 | belongsToMany(config('rbac.models.permission'))->withTimestamps()->withPivot('granted'); 15 | } 16 | 17 | /** 18 | * Role belongs to many users. 19 | * 20 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 21 | */ 22 | public function users() 23 | { 24 | return $this->belongsToMany(config('auth.model'))->withTimestamps(); 25 | } 26 | 27 | /** 28 | * Role belongs to parent role. 29 | * 30 | * @return \Illuminate\Database\Eloquent\Relations\BelongsTo 31 | */ 32 | 33 | public function parent() 34 | { 35 | return $this->belongsTo(config('rbac.models.role'),'parent_id'); 36 | } 37 | 38 | public function ancestors() 39 | { 40 | $ancestors = $this->where('id', '=', $this->parent_id)->get(); 41 | while ($ancestors->last() && $ancestors->last()->parent_id !== null) 42 | { 43 | $parent = $this->where('id', '=', $ancestors->last()->parent_id)->get(); 44 | $ancestors = $ancestors->merge($parent); 45 | } 46 | return $ancestors; 47 | } 48 | 49 | 50 | /** 51 | * Role has many children roles 52 | * 53 | * @return \Illuminate\Database\Eloquent\Relations\HasMany 54 | */ 55 | public function children() 56 | { 57 | return $this->hasMany(config('rbac.models.role'),'parent_id'); 58 | } 59 | 60 | public function descendants() 61 | { 62 | $descendants = $this->where('parent_id', '=', $this->id)->get(); 63 | 64 | foreach($descendants as $descendant) 65 | $descendants = $descendants->merge($descendant->descendants()); 66 | 67 | return $descendants; 68 | } 69 | 70 | /** 71 | * Attach permission to a role. 72 | * 73 | * @param int|\Bican\Roles\Models\Permission $permission 74 | * @param bool $granted 75 | * @return bool|int 76 | */ 77 | public function attachPermission($permission, $granted = true) 78 | { 79 | return (!$this->permissions()->get()->contains($permission)) ? $this->permissions()->attach($permission, array('granted' => $granted)) : true; 80 | } 81 | 82 | /** 83 | * Detach permission from a role. 84 | * 85 | * @param int|\Bican\Roles\Models\Permission $permission 86 | * @return int 87 | */ 88 | public function detachPermission($permission) 89 | { 90 | return $this->permissions()->detach($permission); 91 | } 92 | 93 | /** 94 | * Detach all permissions. 95 | * 96 | * @return int 97 | */ 98 | public function detachAllPermissions() 99 | { 100 | return $this->permissions()->detach(); 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /src/DCN/RBAC/Traits/Slugable.php: -------------------------------------------------------------------------------- 1 | attributes['slug'] = Str::slug($value, config('rbac.separator')); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/config/rbac.php: -------------------------------------------------------------------------------- 1 | null, 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Slug Separator 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you can change the slug separator. This is very important in matter 24 | | of magic method __call() and also a `Slugable` trait. The default value 25 | | is a dot. 26 | | 27 | */ 28 | 29 | 'separator' => '.', 30 | 31 | /* 32 | |-------------------------------------------------------------------------- 33 | | Models 34 | |-------------------------------------------------------------------------- 35 | | 36 | | If you want, you can replace default models from this package by models 37 | | you created. Have a look at `DCN\RBAC\Models\Role` model and 38 | | `DCN\RBAC\Models\Permission` model. 39 | | 40 | */ 41 | 42 | 'models' => [ 43 | 'role' => DCN\RBAC\Models\Role::class, 44 | 'permission' => DCN\RBAC\Models\Permission::class, 45 | ], 46 | 47 | /* 48 | |-------------------------------------------------------------------------- 49 | | Roles, Permissions and Allowed "Pretend" 50 | |-------------------------------------------------------------------------- 51 | | 52 | | You can pretend or simulate package behavior no matter what is in your 53 | | database. It is really useful when you are testing you application. 54 | | Set up what will methods roleIs(), may() and allowed() return. 55 | | 56 | */ 57 | 58 | 'pretend' => [ 59 | 60 | 'enabled' => false, 61 | 62 | 'options' => [ 63 | 'roleIs' => true, 64 | 'may' => true, 65 | 'allowed' => true, 66 | ], 67 | 68 | ], 69 | 70 | ]; 71 | -------------------------------------------------------------------------------- /src/migrations/2015_01_15_105324_create_roles_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->string('name'); 18 | $table->string('slug')->unique(); 19 | $table->string('description')->nullable(); 20 | $table->integer('parent_id')->unsigned()->nullable(); 21 | $table->foreign('parent_id')->references('id')->on('roles'); 22 | $table->timestamps(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::drop('roles'); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/migrations/2015_01_15_114412_create_role_user_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->integer('role_id')->unsigned()->index(); 18 | $table->foreign('role_id')->references('id')->on('roles')->onDelete('cascade'); 19 | $table->integer('user_id')->unsigned()->index(); 20 | $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade'); 21 | $table->boolean('granted')->default(true); 22 | $table->timestamps(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::drop('role_user'); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/migrations/2015_01_26_115212_create_permissions_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->string('name'); 18 | $table->string('slug'); 19 | $table->string('description')->nullable(); 20 | $table->string('model')->nullable(); 21 | $table->timestamps(); 22 | }); 23 | } 24 | 25 | /** 26 | * Reverse the migrations. 27 | * 28 | * @return void 29 | */ 30 | public function down() 31 | { 32 | Schema::drop('permissions'); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /src/migrations/2015_01_26_115523_create_permission_role_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->integer('permission_id')->unsigned()->index(); 18 | $table->foreign('permission_id')->references('id')->on('permissions')->onDelete('cascade'); 19 | $table->integer('role_id')->unsigned()->index(); 20 | $table->foreign('role_id')->references('id')->on('roles')->onDelete('cascade'); 21 | $table->boolean('granted')->default(true); 22 | $table->timestamps(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::drop('permission_role'); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/migrations/2015_02_09_132439_create_permission_user_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 17 | $table->integer('permission_id')->unsigned()->index(); 18 | $table->foreign('permission_id')->references('id')->on('permissions')->onDelete('cascade'); 19 | $table->integer('user_id')->unsigned()->index(); 20 | $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade'); 21 | $table->boolean('granted')->default(true); 22 | $table->timestamps(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::drop('permission_user'); 34 | } 35 | } 36 | --------------------------------------------------------------------------------