├── .gitignore ├── LICENSE.txt ├── composer.json ├── composer.lock ├── readme.md └── src ├── Ntrust ├── Commands │ └── MigrationCommand.php ├── Middleware │ ├── NtrustAbility.php │ ├── NtrustPermission.php │ └── NtrustRole.php ├── Ntrust.php ├── NtrustFacade.php ├── NtrustServiceProvider.php └── Traits │ ├── NtrustPermissionTrait.php │ ├── NtrustRoleTrait.php │ └── NtrustUserTrait.php ├── config └── ntrust.php └── views └── generators └── migration.blade.php /.gitignore: -------------------------------------------------------------------------------- 1 | /vendor/ 2 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | THE SOFTWARE. -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "klaravel/ntrust", 3 | "description": "Role-Based Permissions for Laravel 5.3+", 4 | "license": "MIT", 5 | "keywords": ["laravel", "trust", "ntrust", "user", "admin", "user role permissions", "role", "permissions"], 6 | "authors": [ 7 | { 8 | "name": "Keyur Ajmera", 9 | "email": "ajmerainfo@gmail.com" 10 | } 11 | ], 12 | "require": { 13 | "illuminate/console": "5.*", 14 | "illuminate/support": "5.*", 15 | "illuminate/cache": "5.*" 16 | }, 17 | "autoload": { 18 | "psr-4": { 19 | "Klaravel\\Ntrust\\": "src/Ntrust" 20 | } 21 | }, 22 | "extra": { 23 | "laravel": { 24 | "providers": [ 25 | "Klaravel\\Ntrust\\NtrustServiceProvider" 26 | ], 27 | "aliases": { 28 | "Ntrust": "Klaravel\\Ntrust\\NtrustFacade" 29 | } 30 | } 31 | }, 32 | "minimum-stability": "dev" 33 | } 34 | -------------------------------------------------------------------------------- /composer.lock: -------------------------------------------------------------------------------- 1 | { 2 | "_readme": [ 3 | "This file locks the dependencies of your project to a known state", 4 | "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", 5 | "This file is @generated automatically" 6 | ], 7 | "hash": "bcd3a7456a6ec13692c783d8b1e10fbe", 8 | "content-hash": "579b99549d2b0f2afe8bf01eb5f2e73f", 9 | "packages": [ 10 | { 11 | "name": "doctrine/inflector", 12 | "version": "dev-master", 13 | "source": { 14 | "type": "git", 15 | "url": "https://github.com/doctrine/inflector.git", 16 | "reference": "803a2ed9fea02f9ca47cd45395089fe78769a392" 17 | }, 18 | "dist": { 19 | "type": "zip", 20 | "url": "https://api.github.com/repos/doctrine/inflector/zipball/803a2ed9fea02f9ca47cd45395089fe78769a392", 21 | "reference": "803a2ed9fea02f9ca47cd45395089fe78769a392", 22 | "shasum": "" 23 | }, 24 | "require": { 25 | "php": ">=5.3.2" 26 | }, 27 | "require-dev": { 28 | "phpunit/phpunit": "4.*" 29 | }, 30 | "type": "library", 31 | "extra": { 32 | "branch-alias": { 33 | "dev-master": "1.1.x-dev" 34 | } 35 | }, 36 | "autoload": { 37 | "psr-0": { 38 | "Doctrine\\Common\\Inflector\\": "lib/" 39 | } 40 | }, 41 | "notification-url": "https://packagist.org/downloads/", 42 | "license": [ 43 | "MIT" 44 | ], 45 | "authors": [ 46 | { 47 | "name": "Roman Borschel", 48 | "email": "roman@code-factory.org" 49 | }, 50 | { 51 | "name": "Benjamin Eberlei", 52 | "email": "kontakt@beberlei.de" 53 | }, 54 | { 55 | "name": "Guilherme Blanco", 56 | "email": "guilhermeblanco@gmail.com" 57 | }, 58 | { 59 | "name": "Jonathan Wage", 60 | "email": "jonwage@gmail.com" 61 | }, 62 | { 63 | "name": "Johannes Schmitt", 64 | "email": "schmittjoh@gmail.com" 65 | } 66 | ], 67 | "description": "Common String Manipulations with regard to casing and singular/plural rules.", 68 | "homepage": "http://www.doctrine-project.org", 69 | "keywords": [ 70 | "inflection", 71 | "pluralize", 72 | "singularize", 73 | "string" 74 | ], 75 | "time": "2016-05-12 17:23:41" 76 | }, 77 | { 78 | "name": "illuminate/cache", 79 | "version": "dev-master", 80 | "source": { 81 | "type": "git", 82 | "url": "https://github.com/illuminate/cache.git", 83 | "reference": "3506670a22c94acfd1c17d3327fba4e238510bb8" 84 | }, 85 | "dist": { 86 | "type": "zip", 87 | "url": "https://api.github.com/repos/illuminate/cache/zipball/3506670a22c94acfd1c17d3327fba4e238510bb8", 88 | "reference": "3506670a22c94acfd1c17d3327fba4e238510bb8", 89 | "shasum": "" 90 | }, 91 | "require": { 92 | "illuminate/contracts": "5.4.*", 93 | "illuminate/support": "5.4.*", 94 | "nesbot/carbon": "~1.20", 95 | "php": ">=5.6.4" 96 | }, 97 | "suggest": { 98 | "illuminate/database": "Required to use the database cache driver (5.4.*).", 99 | "illuminate/filesystem": "Required to use the file cache driver (5.4.*).", 100 | "illuminate/redis": "Required to use the redis cache driver (5.4.*)." 101 | }, 102 | "type": "library", 103 | "extra": { 104 | "branch-alias": { 105 | "dev-master": "5.4-dev" 106 | } 107 | }, 108 | "autoload": { 109 | "psr-4": { 110 | "Illuminate\\Cache\\": "" 111 | } 112 | }, 113 | "notification-url": "https://packagist.org/downloads/", 114 | "license": [ 115 | "MIT" 116 | ], 117 | "authors": [ 118 | { 119 | "name": "Taylor Otwell", 120 | "email": "taylor@laravel.com" 121 | } 122 | ], 123 | "description": "The Illuminate Cache package.", 124 | "homepage": "https://laravel.com", 125 | "time": "2016-09-21 17:27:09" 126 | }, 127 | { 128 | "name": "illuminate/console", 129 | "version": "dev-master", 130 | "source": { 131 | "type": "git", 132 | "url": "https://github.com/illuminate/console.git", 133 | "reference": "b48ca083f6524cb0e0b88d204d32189c50c612e2" 134 | }, 135 | "dist": { 136 | "type": "zip", 137 | "url": "https://api.github.com/repos/illuminate/console/zipball/b48ca083f6524cb0e0b88d204d32189c50c612e2", 138 | "reference": "b48ca083f6524cb0e0b88d204d32189c50c612e2", 139 | "shasum": "" 140 | }, 141 | "require": { 142 | "illuminate/contracts": "5.4.*", 143 | "illuminate/support": "5.4.*", 144 | "nesbot/carbon": "~1.20", 145 | "php": ">=5.6.4", 146 | "symfony/console": "3.2.*" 147 | }, 148 | "suggest": { 149 | "guzzlehttp/guzzle": "Required to use the ping methods on schedules (~5.3|~6.0).", 150 | "mtdowling/cron-expression": "Required to use scheduling component (~1.0).", 151 | "symfony/process": "Required to use scheduling component (3.2.*)." 152 | }, 153 | "type": "library", 154 | "extra": { 155 | "branch-alias": { 156 | "dev-master": "5.4-dev" 157 | } 158 | }, 159 | "autoload": { 160 | "psr-4": { 161 | "Illuminate\\Console\\": "" 162 | } 163 | }, 164 | "notification-url": "https://packagist.org/downloads/", 165 | "license": [ 166 | "MIT" 167 | ], 168 | "authors": [ 169 | { 170 | "name": "Taylor Otwell", 171 | "email": "taylor@laravel.com" 172 | } 173 | ], 174 | "description": "The Illuminate Console package.", 175 | "homepage": "https://laravel.com", 176 | "time": "2016-09-15 13:52:59" 177 | }, 178 | { 179 | "name": "illuminate/contracts", 180 | "version": "dev-master", 181 | "source": { 182 | "type": "git", 183 | "url": "https://github.com/illuminate/contracts.git", 184 | "reference": "e25f6ca62a6e0daf4a6cbbb80be84b57de74aafd" 185 | }, 186 | "dist": { 187 | "type": "zip", 188 | "url": "https://api.github.com/repos/illuminate/contracts/zipball/e25f6ca62a6e0daf4a6cbbb80be84b57de74aafd", 189 | "reference": "e25f6ca62a6e0daf4a6cbbb80be84b57de74aafd", 190 | "shasum": "" 191 | }, 192 | "require": { 193 | "php": ">=5.6.4" 194 | }, 195 | "type": "library", 196 | "extra": { 197 | "branch-alias": { 198 | "dev-master": "5.4-dev" 199 | } 200 | }, 201 | "autoload": { 202 | "psr-4": { 203 | "Illuminate\\Contracts\\": "" 204 | } 205 | }, 206 | "notification-url": "https://packagist.org/downloads/", 207 | "license": [ 208 | "MIT" 209 | ], 210 | "authors": [ 211 | { 212 | "name": "Taylor Otwell", 213 | "email": "taylor@laravel.com" 214 | } 215 | ], 216 | "description": "The Illuminate Contracts package.", 217 | "homepage": "https://laravel.com", 218 | "time": "2016-09-23 14:53:07" 219 | }, 220 | { 221 | "name": "illuminate/support", 222 | "version": "dev-master", 223 | "source": { 224 | "type": "git", 225 | "url": "https://github.com/illuminate/support.git", 226 | "reference": "096a3e8467cea791cc189b31e8f89742e07fa159" 227 | }, 228 | "dist": { 229 | "type": "zip", 230 | "url": "https://api.github.com/repos/illuminate/support/zipball/096a3e8467cea791cc189b31e8f89742e07fa159", 231 | "reference": "096a3e8467cea791cc189b31e8f89742e07fa159", 232 | "shasum": "" 233 | }, 234 | "require": { 235 | "doctrine/inflector": "~1.0", 236 | "ext-mbstring": "*", 237 | "illuminate/contracts": "5.4.*", 238 | "paragonie/random_compat": "~1.4|~2.0", 239 | "php": ">=5.6.4" 240 | }, 241 | "replace": { 242 | "tightenco/collect": "self.version" 243 | }, 244 | "suggest": { 245 | "illuminate/filesystem": "Required to use the composer class (5.2.*).", 246 | "symfony/process": "Required to use the composer class (3.2.*).", 247 | "symfony/var-dumper": "Required to use the dd function (3.2.*)." 248 | }, 249 | "type": "library", 250 | "extra": { 251 | "branch-alias": { 252 | "dev-master": "5.4-dev" 253 | } 254 | }, 255 | "autoload": { 256 | "psr-4": { 257 | "Illuminate\\Support\\": "" 258 | }, 259 | "files": [ 260 | "helpers.php" 261 | ] 262 | }, 263 | "notification-url": "https://packagist.org/downloads/", 264 | "license": [ 265 | "MIT" 266 | ], 267 | "authors": [ 268 | { 269 | "name": "Taylor Otwell", 270 | "email": "taylor@laravel.com" 271 | } 272 | ], 273 | "description": "The Illuminate Support package.", 274 | "homepage": "https://laravel.com", 275 | "time": "2016-09-21 16:44:56" 276 | }, 277 | { 278 | "name": "nesbot/carbon", 279 | "version": "dev-master", 280 | "source": { 281 | "type": "git", 282 | "url": "https://github.com/briannesbitt/Carbon.git", 283 | "reference": "7a026991092624a245d300685ce09ff5b4d110e0" 284 | }, 285 | "dist": { 286 | "type": "zip", 287 | "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/7a026991092624a245d300685ce09ff5b4d110e0", 288 | "reference": "7a026991092624a245d300685ce09ff5b4d110e0", 289 | "shasum": "" 290 | }, 291 | "require": { 292 | "php": ">=5.3.0", 293 | "symfony/translation": "~2.6|~3.0" 294 | }, 295 | "require-dev": { 296 | "friendsofphp/php-cs-fixer": "~1.11", 297 | "phpunit/phpunit": "~4.0|~5.0" 298 | }, 299 | "type": "library", 300 | "extra": { 301 | "branch-alias": { 302 | "dev-master": "1.22-dev" 303 | } 304 | }, 305 | "autoload": { 306 | "psr-4": { 307 | "Carbon\\": "src/Carbon/" 308 | } 309 | }, 310 | "notification-url": "https://packagist.org/downloads/", 311 | "license": [ 312 | "MIT" 313 | ], 314 | "authors": [ 315 | { 316 | "name": "Brian Nesbitt", 317 | "email": "brian@nesbot.com", 318 | "homepage": "http://nesbot.com" 319 | } 320 | ], 321 | "description": "A simple API extension for DateTime.", 322 | "homepage": "http://carbon.nesbot.com", 323 | "keywords": [ 324 | "date", 325 | "datetime", 326 | "time" 327 | ], 328 | "time": "2016-07-22 14:20:35" 329 | }, 330 | { 331 | "name": "paragonie/random_compat", 332 | "version": "v2.0.2", 333 | "source": { 334 | "type": "git", 335 | "url": "https://github.com/paragonie/random_compat.git", 336 | "reference": "088c04e2f261c33bed6ca5245491cfca69195ccf" 337 | }, 338 | "dist": { 339 | "type": "zip", 340 | "url": "https://api.github.com/repos/paragonie/random_compat/zipball/088c04e2f261c33bed6ca5245491cfca69195ccf", 341 | "reference": "088c04e2f261c33bed6ca5245491cfca69195ccf", 342 | "shasum": "" 343 | }, 344 | "require": { 345 | "php": ">=5.2.0" 346 | }, 347 | "require-dev": { 348 | "phpunit/phpunit": "4.*|5.*" 349 | }, 350 | "suggest": { 351 | "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." 352 | }, 353 | "type": "library", 354 | "autoload": { 355 | "files": [ 356 | "lib/random.php" 357 | ] 358 | }, 359 | "notification-url": "https://packagist.org/downloads/", 360 | "license": [ 361 | "MIT" 362 | ], 363 | "authors": [ 364 | { 365 | "name": "Paragon Initiative Enterprises", 366 | "email": "security@paragonie.com", 367 | "homepage": "https://paragonie.com" 368 | } 369 | ], 370 | "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", 371 | "keywords": [ 372 | "csprng", 373 | "pseudorandom", 374 | "random" 375 | ], 376 | "time": "2016-04-03 06:00:07" 377 | }, 378 | { 379 | "name": "psr/log", 380 | "version": "dev-master", 381 | "source": { 382 | "type": "git", 383 | "url": "https://github.com/php-fig/log.git", 384 | "reference": "607ce1d4005af32dd866c4a402459494c168d555" 385 | }, 386 | "dist": { 387 | "type": "zip", 388 | "url": "https://api.github.com/repos/php-fig/log/zipball/607ce1d4005af32dd866c4a402459494c168d555", 389 | "reference": "607ce1d4005af32dd866c4a402459494c168d555", 390 | "shasum": "" 391 | }, 392 | "require": { 393 | "php": ">=5.3.0" 394 | }, 395 | "type": "library", 396 | "extra": { 397 | "branch-alias": { 398 | "dev-master": "1.0.x-dev" 399 | } 400 | }, 401 | "autoload": { 402 | "psr-4": { 403 | "Psr\\Log\\": "Psr/Log/" 404 | } 405 | }, 406 | "notification-url": "https://packagist.org/downloads/", 407 | "license": [ 408 | "MIT" 409 | ], 410 | "authors": [ 411 | { 412 | "name": "PHP-FIG", 413 | "homepage": "http://www.php-fig.org/" 414 | } 415 | ], 416 | "description": "Common interface for logging libraries", 417 | "homepage": "https://github.com/php-fig/log", 418 | "keywords": [ 419 | "log", 420 | "psr", 421 | "psr-3" 422 | ], 423 | "time": "2016-09-25 13:41:54" 424 | }, 425 | { 426 | "name": "symfony/console", 427 | "version": "dev-master", 428 | "source": { 429 | "type": "git", 430 | "url": "https://github.com/symfony/console.git", 431 | "reference": "03d010b5b2242ce065ffb0f3f15a218f8137eb4c" 432 | }, 433 | "dist": { 434 | "type": "zip", 435 | "url": "https://api.github.com/repos/symfony/console/zipball/03d010b5b2242ce065ffb0f3f15a218f8137eb4c", 436 | "reference": "03d010b5b2242ce065ffb0f3f15a218f8137eb4c", 437 | "shasum": "" 438 | }, 439 | "require": { 440 | "php": ">=5.5.9", 441 | "symfony/debug": "~2.8|~3.0", 442 | "symfony/polyfill-mbstring": "~1.0" 443 | }, 444 | "require-dev": { 445 | "psr/log": "~1.0", 446 | "symfony/event-dispatcher": "~2.8|~3.0", 447 | "symfony/filesystem": "~2.8|~3.0", 448 | "symfony/process": "~2.8|~3.0" 449 | }, 450 | "suggest": { 451 | "psr/log": "For using the console logger", 452 | "symfony/event-dispatcher": "", 453 | "symfony/filesystem": "", 454 | "symfony/process": "" 455 | }, 456 | "type": "library", 457 | "extra": { 458 | "branch-alias": { 459 | "dev-master": "3.2-dev" 460 | } 461 | }, 462 | "autoload": { 463 | "psr-4": { 464 | "Symfony\\Component\\Console\\": "" 465 | }, 466 | "exclude-from-classmap": [ 467 | "/Tests/" 468 | ] 469 | }, 470 | "notification-url": "https://packagist.org/downloads/", 471 | "license": [ 472 | "MIT" 473 | ], 474 | "authors": [ 475 | { 476 | "name": "Fabien Potencier", 477 | "email": "fabien@symfony.com" 478 | }, 479 | { 480 | "name": "Symfony Community", 481 | "homepage": "https://symfony.com/contributors" 482 | } 483 | ], 484 | "description": "Symfony Console Component", 485 | "homepage": "https://symfony.com", 486 | "time": "2016-09-28 00:11:20" 487 | }, 488 | { 489 | "name": "symfony/debug", 490 | "version": "dev-master", 491 | "source": { 492 | "type": "git", 493 | "url": "https://github.com/symfony/debug.git", 494 | "reference": "767b64d3c3346136403a39fe5bfc037e1a85bee7" 495 | }, 496 | "dist": { 497 | "type": "zip", 498 | "url": "https://api.github.com/repos/symfony/debug/zipball/767b64d3c3346136403a39fe5bfc037e1a85bee7", 499 | "reference": "767b64d3c3346136403a39fe5bfc037e1a85bee7", 500 | "shasum": "" 501 | }, 502 | "require": { 503 | "php": ">=5.5.9", 504 | "psr/log": "~1.0" 505 | }, 506 | "conflict": { 507 | "symfony/http-kernel": ">=2.3,<2.3.24|~2.4.0|>=2.5,<2.5.9|>=2.6,<2.6.2" 508 | }, 509 | "require-dev": { 510 | "symfony/class-loader": "~2.8|~3.0", 511 | "symfony/http-kernel": "~2.8|~3.0" 512 | }, 513 | "type": "library", 514 | "extra": { 515 | "branch-alias": { 516 | "dev-master": "3.2-dev" 517 | } 518 | }, 519 | "autoload": { 520 | "psr-4": { 521 | "Symfony\\Component\\Debug\\": "" 522 | }, 523 | "exclude-from-classmap": [ 524 | "/Tests/" 525 | ] 526 | }, 527 | "notification-url": "https://packagist.org/downloads/", 528 | "license": [ 529 | "MIT" 530 | ], 531 | "authors": [ 532 | { 533 | "name": "Fabien Potencier", 534 | "email": "fabien@symfony.com" 535 | }, 536 | { 537 | "name": "Symfony Community", 538 | "homepage": "https://symfony.com/contributors" 539 | } 540 | ], 541 | "description": "Symfony Debug Component", 542 | "homepage": "https://symfony.com", 543 | "time": "2016-09-16 13:37:46" 544 | }, 545 | { 546 | "name": "symfony/polyfill-mbstring", 547 | "version": "dev-master", 548 | "source": { 549 | "type": "git", 550 | "url": "https://github.com/symfony/polyfill-mbstring.git", 551 | "reference": "53ad9faffe141fbe8f98cd6a7fd9a5e84513f56c" 552 | }, 553 | "dist": { 554 | "type": "zip", 555 | "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/53ad9faffe141fbe8f98cd6a7fd9a5e84513f56c", 556 | "reference": "53ad9faffe141fbe8f98cd6a7fd9a5e84513f56c", 557 | "shasum": "" 558 | }, 559 | "require": { 560 | "php": ">=5.3.3" 561 | }, 562 | "suggest": { 563 | "ext-mbstring": "For best performance" 564 | }, 565 | "type": "library", 566 | "extra": { 567 | "branch-alias": { 568 | "dev-master": "1.2-dev" 569 | } 570 | }, 571 | "autoload": { 572 | "psr-4": { 573 | "Symfony\\Polyfill\\Mbstring\\": "" 574 | }, 575 | "files": [ 576 | "bootstrap.php" 577 | ] 578 | }, 579 | "notification-url": "https://packagist.org/downloads/", 580 | "license": [ 581 | "MIT" 582 | ], 583 | "authors": [ 584 | { 585 | "name": "Nicolas Grekas", 586 | "email": "p@tchwork.com" 587 | }, 588 | { 589 | "name": "Symfony Community", 590 | "homepage": "https://symfony.com/contributors" 591 | } 592 | ], 593 | "description": "Symfony polyfill for the Mbstring extension", 594 | "homepage": "https://symfony.com", 595 | "keywords": [ 596 | "compatibility", 597 | "mbstring", 598 | "polyfill", 599 | "portable", 600 | "shim" 601 | ], 602 | "time": "2016-08-30 17:06:17" 603 | }, 604 | { 605 | "name": "symfony/translation", 606 | "version": "dev-master", 607 | "source": { 608 | "type": "git", 609 | "url": "https://github.com/symfony/translation.git", 610 | "reference": "460390765eb7bb9338a4a323b8a4e815a47541ba" 611 | }, 612 | "dist": { 613 | "type": "zip", 614 | "url": "https://api.github.com/repos/symfony/translation/zipball/460390765eb7bb9338a4a323b8a4e815a47541ba", 615 | "reference": "460390765eb7bb9338a4a323b8a4e815a47541ba", 616 | "shasum": "" 617 | }, 618 | "require": { 619 | "php": ">=5.5.9", 620 | "symfony/polyfill-mbstring": "~1.0" 621 | }, 622 | "conflict": { 623 | "symfony/config": "<2.8" 624 | }, 625 | "require-dev": { 626 | "psr/log": "~1.0", 627 | "symfony/config": "~2.8|~3.0", 628 | "symfony/intl": "~2.8|~3.0", 629 | "symfony/yaml": "~2.8|~3.0" 630 | }, 631 | "suggest": { 632 | "psr/log": "To use logging capability in translator", 633 | "symfony/config": "", 634 | "symfony/yaml": "" 635 | }, 636 | "type": "library", 637 | "extra": { 638 | "branch-alias": { 639 | "dev-master": "3.2-dev" 640 | } 641 | }, 642 | "autoload": { 643 | "psr-4": { 644 | "Symfony\\Component\\Translation\\": "" 645 | }, 646 | "exclude-from-classmap": [ 647 | "/Tests/" 648 | ] 649 | }, 650 | "notification-url": "https://packagist.org/downloads/", 651 | "license": [ 652 | "MIT" 653 | ], 654 | "authors": [ 655 | { 656 | "name": "Fabien Potencier", 657 | "email": "fabien@symfony.com" 658 | }, 659 | { 660 | "name": "Symfony Community", 661 | "homepage": "https://symfony.com/contributors" 662 | } 663 | ], 664 | "description": "Symfony Translation Component", 665 | "homepage": "https://symfony.com", 666 | "time": "2016-09-21 17:16:56" 667 | } 668 | ], 669 | "packages-dev": [], 670 | "aliases": [], 671 | "minimum-stability": "dev", 672 | "stability-flags": [], 673 | "prefer-stable": false, 674 | "prefer-lowest": false, 675 | "platform": [], 676 | "platform-dev": [] 677 | } 678 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | ## NTRUST Multi-User Roles & Permissions (Laravel 5.4) 2 | 3 | Ntrust is a succinct and flexible way to add Role-based Permissions to **Laravel 5.4**. 4 | 5 | **Original Package:** https://github.com/Zizaco/entrust 6 | 7 | ## Contents 8 | 9 | - [Installation](#installation) 10 | - [Configuration](#configuration) 11 | - [User relation to roles](#user-relation-to-roles) 12 | - [Models](#models) 13 | - [Role](#role) 14 | - [Permission](#permission) 15 | - [User](#user) 16 | - [Soft Deleting](#soft-deleting) 17 | - [Usage](#usage) 18 | - [Concepts](#concepts) 19 | - [Checking for Roles & Permissions](#checking-for-roles--permissions) 20 | - [User ability](#user-ability) 21 | - [Blade templates](#blade-templates) 22 | - [Middleware](#middleware) 23 | - [Short syntax route filter](#short-syntax-route-filter) 24 | - [Route filter](#route-filter) 25 | - [Troubleshooting](#troubleshooting) 26 | - [License](#license) 27 | - [Contribution guidelines](#contribution-guidelines) 28 | - [Additional information](#additional-information) 29 | 30 | ## Installation 31 | 32 | In order to install Laravel 5 Ntrust, just add 33 | 34 | "klaravel/ntrust": "1.1.*" 35 | 36 | to your composer.json. Then run `composer install` or `composer update`. 37 | 38 | or you can run the `composer require` command from your terminal: 39 | 40 | composer require klaravel/ntrust 41 | 42 | Then in your `config/app.php` add 43 | ```php 44 | Klaravel\Ntrust\NtrustServiceProvider::class, 45 | ``` 46 | in the `providers` array and 47 | ```php 48 | 'Ntrust' => Klaravel\Ntrust\NtrustFacade::class, 49 | ``` 50 | to the `aliases` array. 51 | 52 | If you are going to use [Middleware](#middleware) (requires Laravel 5.1 or later) you also need to add 53 | ```php 54 | 'role' => \Klaravel\Ntrust\Middleware\NtrustRole::class, 55 | 'permission' => \Klaravel\Ntrust\Middleware\NtrustPermission::class, 56 | 'ability' => \Klaravel\Ntrust\Middleware\NtrustAbility::class, 57 | ``` 58 | to `routeMiddleware` array in `app/Http/Kernel.php`. 59 | 60 | ## Configuration 61 | 62 | Just use `php artisan vendor:publish` and a `ntrust.php` file will be created in your app/config directory. 63 | 64 | See that file to get more detail like how to add multiple users. 65 | Default we added two users example like normal `user` and `admin`. 66 | 67 | ### User relation to roles 68 | 69 | Now generate the Ntrust migration: 70 | 71 | ```bash 72 | php artisan ntrust:migration {name} 73 | ``` 74 | 75 | Profile `{name}` name of profile which you have in file `config/ntrust.php` section `profiles`. 76 | 77 | It will generate the `__ntrust_setup_tables.php` migration. 78 | You may now run it with the artisan migrate command: 79 | 80 | ```bash 81 | php artisan migrate 82 | ``` 83 | 84 | After the migration, four new tables will be present like below or whatever you have entered table name in `config/ntrust.php` configuration file. 85 | - `roles` — stores role records 86 | - `permissions` — stores permission records 87 | - `role_user` — stores [many-to-many](http://laravel.com/docs/4.2/eloquent#many-to-many) relations between roles and users 88 | - `permission_role` — stores [many-to-many](http://laravel.com/docs/4.2/eloquent#many-to-many) relations between roles and permissions 89 | 90 | ### Models 91 | 92 | #### Role 93 | 94 | Create a Role model inside `app/Role.php` using the following example: 95 | 96 | ```php 97 | delete(); // This will work no matter what 191 | 192 | // Force Delete 193 | $role->users()->sync([]); // Delete relationship data 194 | $role->perms()->sync([]); // Delete relationship data 195 | 196 | $role->forceDelete(); // Now force delete will work regardless of whether the pivot table has cascading delete 197 | ``` 198 | 199 | ## Usage 200 | 201 | ### Concepts 202 | Let's start by creating the following `Role`s and `Permission`s: 203 | 204 | ```php 205 | $owner = new Role(); 206 | $owner->name = 'owner'; 207 | $owner->display_name = 'Project Owner'; // optional 208 | $owner->description = 'User is the owner of a given project'; // optional 209 | $owner->save(); 210 | 211 | $admin = new Role(); 212 | $admin->name = 'admin'; 213 | $admin->display_name = 'User Administrator'; // optional 214 | $admin->description = 'User is allowed to manage and edit other users'; // optional 215 | $admin->save(); 216 | ``` 217 | 218 | Next, with both roles created let's assign them to the users. 219 | Thanks to the `HasRole` trait this is as easy as: 220 | 221 | ```php 222 | $user = User::where('username', '=', 'michele')->first(); 223 | 224 | // role attach alias 225 | $user->attachRole($admin); // parameter can be an Role object, array, or id 226 | 227 | // or eloquent's original technique 228 | $user->roles()->attach($admin->id); // id only 229 | ``` 230 | 231 | Now we just need to add permissions to those Roles: 232 | 233 | ```php 234 | $createPost = new Permission(); 235 | $createPost->name = 'create-post'; 236 | $createPost->display_name = 'Create Posts'; // optional 237 | // Allow a user to... 238 | $createPost->description = 'create new blog posts'; // optional 239 | $createPost->save(); 240 | 241 | $editUser = new Permission(); 242 | $editUser->name = 'edit-user'; 243 | $editUser->display_name = 'Edit Users'; // optional 244 | // Allow a user to... 245 | $editUser->description = 'edit existing users'; // optional 246 | $editUser->save(); 247 | 248 | $admin->attachPermission($createPost); 249 | // equivalent to $admin->perms()->sync(array($createPost->id)); 250 | 251 | $owner->attachPermissions(array($createPost, $editUser)); 252 | // equivalent to $owner->perms()->sync(array($createPost->id, $editUser->id)); 253 | ``` 254 | 255 | #### Checking for Roles & Permissions 256 | 257 | Now we can check for roles and permissions simply by doing: 258 | 259 | ```php 260 | $user->hasRole('owner'); // false 261 | $user->hasRole('admin'); // true 262 | $user->can('edit-user'); // false 263 | $user->can('create-post'); // true 264 | ``` 265 | 266 | Both `hasRole()` and `can()` can receive an array of roles & permissions to check: 267 | 268 | ```php 269 | $user->hasRole(['owner', 'admin']); // true 270 | $user->can(['edit-user', 'create-post']); // true 271 | ``` 272 | 273 | By default, if any of the roles or permissions are present for a user then the method will return true. 274 | Passing `true` as a second parameter instructs the method to require **all** of the items: 275 | 276 | ```php 277 | $user->hasRole(['owner', 'admin']); // true 278 | $user->hasRole(['owner', 'admin'], true); // false, user does not have admin role 279 | $user->can(['edit-user', 'create-post']); // true 280 | $user->can(['edit-user', 'create-post'], true); // false, user does not have edit-user permission 281 | ``` 282 | 283 | You can have as many `Role`s as you want for each `User` and vice versa. 284 | 285 | The `Ntrust` class has shortcuts to both `can()` and `hasRole()` for the currently logged in user: 286 | 287 | ```php 288 | Ntrust::hasRole('role-name'); 289 | Ntrust::can('permission-name'); 290 | 291 | // is identical to 292 | 293 | Auth::user()->hasRole('role-name'); 294 | Auth::user()->can('permission-name); 295 | ``` 296 | 297 | You can also use placeholders (wildcards) to check any matching permission by doing: 298 | 299 | ```php 300 | // match any admin permission 301 | $user->can("admin.*"); // true 302 | 303 | // match any permission about users 304 | $user->can("*_users"); // true 305 | ``` 306 | 307 | 308 | #### User ability 309 | 310 | More advanced checking can be done using the awesome `ability` function. 311 | It takes in three parameters (roles, permissions, options): 312 | - `roles` is a set of roles to check. 313 | - `permissions` is a set of permissions to check. 314 | 315 | Either of the roles or permissions variable can be a comma separated string or array: 316 | 317 | ```php 318 | $user->ability(array('admin', 'owner'), array('create-post', 'edit-user')); 319 | 320 | // or 321 | 322 | $user->ability('admin,owner', 'create-post,edit-user'); 323 | ``` 324 | 325 | This will check whether the user has any of the provided roles and permissions. 326 | In this case it will return true since the user is an `admin` and has the `create-post` permission. 327 | 328 | The third parameter is an options array: 329 | 330 | ```php 331 | $options = array( 332 | 'validate_all' => true | false (Default: false), 333 | 'return_type' => boolean | array | both (Default: boolean) 334 | ); 335 | ``` 336 | 337 | - `validate_all` is a boolean flag to set whether to check all the values for true, or to return true if at least one role or permission is matched. 338 | - `return_type` specifies whether to return a boolean, array of checked values, or both in an array. 339 | 340 | Here is an example output: 341 | 342 | ```php 343 | $options = array( 344 | 'validate_all' => true, 345 | 'return_type' => 'both' 346 | ); 347 | 348 | list($validate, $allValidations) = $user->ability( 349 | array('admin', 'owner'), 350 | array('create-post', 'edit-user'), 351 | $options 352 | ); 353 | 354 | var_dump($validate); 355 | // bool(false) 356 | 357 | var_dump($allValidations); 358 | // array(4) { 359 | // ['role'] => bool(true) 360 | // ['role_2'] => bool(false) 361 | // ['create-post'] => bool(true) 362 | // ['edit-user'] => bool(false) 363 | // } 364 | 365 | ``` 366 | The `Ntrust` class has a shortcut to `ability()` for the currently logged in user: 367 | 368 | ```php 369 | Ntrust::ability('admin,owner', 'create-post,edit-user'); 370 | 371 | // is identical to 372 | 373 | Auth::user()->ability('admin,owner', 'create-post,edit-user'); 374 | ``` 375 | 376 | ### Blade templates 377 | 378 | Three directives are available for use within your Blade templates. What you give as the directive arguments will be directly passed to the corresponding `Ntrust` function. 379 | 380 | ```php 381 | @role('admin') 382 |

This is visible to users with the admin role. Gets translated to 383 | \Ntrust::role('admin')

384 | @endrole 385 | 386 | @permission('manage-admins') 387 |

This is visible to users with the given permissions. Gets translated to 388 | \Ntrust::can('manage-admins'). The @can directive is already taken by core 389 | laravel authorization package, hence the @permission directive instead.

390 | @endpermission 391 | 392 | @ability('admin,owner', 'create-post,edit-user') 393 |

This is visible to users with the given abilities. Gets translated to 394 | \Ntrust::ability('admin,owner', 'create-post,edit-user')

395 | @endability 396 | ``` 397 | 398 | ### Middleware 399 | 400 | You can use a middleware to filter routes and route groups by permission or role 401 | ```php 402 | Route::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function() { 403 | Route::get('/', 'AdminController@welcome'); 404 | Route::get('/manage', ['middleware' => ['permission:manage-admins'], 'uses' => 'AdminController@manageAdmins']); 405 | }); 406 | ``` 407 | 408 | It is possible to use pipe symbol as *OR* operator: 409 | ```php 410 | 'middleware' => ['role:admin|root'] 411 | ``` 412 | 413 | To emulate *AND* functionality just use multiple instances of middleware 414 | ```php 415 | 'middleware' => ['permission:owner', 'permission:writer'] 416 | ``` 417 | 418 | For more complex situations use `ability` middleware which accepts 3 parameters: roles, permissions, validate_all 419 | ```php 420 | 'middleware' => ['ability:admin|owner,create-post|edit-user,true'] 421 | ``` 422 | 423 | ### Short syntax route filter 424 | 425 | To filter a route by permission or role you can call the following in your `app/Http/routes.php`: 426 | 427 | ```php 428 | // only users with roles that have the 'manage_posts' permission will be able to access any route within admin/post 429 | Ntrust::routeNeedsPermission('admin/post*', 'create-post'); 430 | 431 | // only owners will have access to routes within admin/advanced 432 | Ntrust::routeNeedsRole('admin/advanced*', 'owner'); 433 | 434 | // optionally the second parameter can be an array of permissions or roles 435 | // user would need to match all roles or permissions for that route 436 | Ntrust::routeNeedsPermission('admin/post*', array('create-post', 'edit-comment')); 437 | Ntrust::routeNeedsRole('admin/advanced*', array('owner','writer')); 438 | ``` 439 | 440 | Both of these methods accept a third parameter. 441 | If the third parameter is null then the return of a prohibited access will be `App::abort(403)`, otherwise the third parameter will be returned. 442 | So you can use it like: 443 | 444 | ```php 445 | Ntrust::routeNeedsRole('admin/advanced*', 'owner', Redirect::to('/home')); 446 | ``` 447 | 448 | Furthermore both of these methods accept a fourth parameter. 449 | It defaults to true and checks all roles/permissions given. 450 | If you set it to false, the function will only fail if all roles/permissions fail for that user. 451 | Useful for admin applications where you want to allow access for multiple groups. 452 | 453 | ```php 454 | // if a user has 'create-post', 'edit-comment', or both they will have access 455 | Ntrust::routeNeedsPermission('admin/post*', array('create-post', 'edit-comment'), null, false); 456 | 457 | // if a user is a member of 'owner', 'writer', or both they will have access 458 | Ntrust::routeNeedsRole('admin/advanced*', array('owner','writer'), null, false); 459 | 460 | // if a user is a member of 'owner', 'writer', or both, or user has 'create-post', 'edit-comment' they will have access 461 | // if the 4th parameter is true then the user must be a member of Role and must have Permission 462 | Ntrust::routeNeedsRoleOrPermission( 463 | 'admin/advanced*', 464 | array('owner', 'writer'), 465 | array('create-post', 'edit-comment'), 466 | null, 467 | false 468 | ); 469 | ``` 470 | 471 | ### Route filter 472 | 473 | Ntrust roles/permissions can be used in filters by simply using the `can` and `hasRole` methods from within the Facade: 474 | 475 | ```php 476 | Route::filter('manage_posts', function() 477 | { 478 | // check the current user 479 | if (!Ntrust::can('create-post')) { 480 | return Redirect::to('admin'); 481 | } 482 | }); 483 | 484 | // only users with roles that have the 'manage_posts' permission will be able to access any admin/post route 485 | Route::when('admin/post*', 'manage_posts'); 486 | ``` 487 | 488 | Using a filter to check for a role: 489 | 490 | ```php 491 | Route::filter('owner_role', function() 492 | { 493 | // check the current user 494 | if (!Ntrust::hasRole('Owner')) { 495 | App::abort(403); 496 | } 497 | }); 498 | 499 | // only owners will have access to routes within admin/advanced 500 | Route::when('admin/advanced*', 'owner_role'); 501 | ``` 502 | 503 | As you can see `Ntrust::hasRole()` and `Ntrust::can()` checks if the user is logged in, and then if he or she has the role or permission. 504 | If the user is not logged the return will also be `false`. 505 | 506 | ## Troubleshooting 507 | 508 | If you encounter an error when doing the migration that looks like: 509 | 510 | ``` 511 | SQLSTATE[HY000]: General error: 1005 Can't create table 'laravelbootstrapstarter.#sql-42c_f8' (errno: 150) 512 | (SQL: alter table `role_user` add constraint role_user_user_id_foreign foreign key (`user_id`) 513 | references `users` (`id`)) (Bindings: array ()) 514 | ``` 515 | 516 | Then it's likely that the `id` column in your user table does not match the `user_id` column in `role_user`. 517 | Make sure both are `INT(10)`. 518 | 519 | When trying to use the NtrustUserTrait methods, you encounter the error which looks like 520 | 521 | Class name must be a valid object or a string 522 | 523 | then probably you don't have published Ntrust assets or something went wrong when you did it. 524 | First of all check that you have the `ntrust.php` file in your `app/config` directory. 525 | If you don't, then try `php artisan vendor:publish` and, if it does not appear, manually copy the `/vendor/klaravel/ntrust/src/config/config.php` file in your config directory and rename it `ntrust.php`. 526 | 527 | ## License 528 | 529 | Ntrust is free software distributed under the terms of the MIT license. 530 | 531 | ## Contribution guidelines 532 | 533 | Support follows PSR-1 and PSR-4 PHP coding standards, and semantic versioning. 534 | 535 | Please report any issue you find in the issues page. 536 | Pull requests are welcome. 537 | -------------------------------------------------------------------------------- /src/Ntrust/Commands/MigrationCommand.php: -------------------------------------------------------------------------------- 1 | profile = $this->argument('profile'); 37 | 38 | // check valid profile 39 | if (!Config::get('ntrust.profiles.' . $this->profile)) 40 | { 41 | $this->error('Invalid profile. Please check profiles in config/ntrust.php'); 42 | return; 43 | } 44 | 45 | $this->line(substr(__DIR__, 0, -8).'views'); 46 | 47 | $this->laravel->view->addNamespace('ntrust', substr(__DIR__, 0, -15).'views'); 48 | 49 | $rolesTable = Config::get('ntrust.profiles.'. $this->profile .'.roles_table'); 50 | $roleUserTable = Config::get('ntrust.profiles.'. $this->profile .'.role_user_table'); 51 | $permissionsTable = Config::get('ntrust.profiles.'. $this->profile .'.permissions_table'); 52 | $permissionRoleTable = Config::get('ntrust.profiles.'. $this->profile .'.permission_role_table'); 53 | 54 | $this->line(''); 55 | $this->info( "Tables: $rolesTable, $roleUserTable, $permissionsTable, $permissionRoleTable" ); 56 | 57 | $message = "A migration that creates '$rolesTable', '$roleUserTable', '$permissionsTable', '$permissionRoleTable'". 58 | " tables will be created in database/migrations directory"; 59 | 60 | $this->comment($message); 61 | $this->line(''); 62 | 63 | if ($this->confirm("Proceed with the migration creation? [Yes|no]", "Yes")) { 64 | 65 | $this->line(''); 66 | 67 | $this->info("Creating migration..."); 68 | if ($this->createMigration($rolesTable, $roleUserTable, $permissionsTable, $permissionRoleTable)) { 69 | 70 | $this->info("Migration successfully created!"); 71 | } else { 72 | $this->error( 73 | "Couldn't create migration.\n Check the write permissions". 74 | " within the database/migrations directory." 75 | ); 76 | } 77 | 78 | $this->line(''); 79 | 80 | } 81 | } 82 | 83 | /** 84 | * Create the migration. 85 | * 86 | * @return bool 87 | */ 88 | protected function createMigration($rolesTable, $roleUserTable, $permissionsTable, $permissionRoleTable) 89 | { 90 | $migrationFile = base_path("/database/migrations")."/".date('Y_m_d_His'). "_" . 91 | $this->profile ."_ntrust_setup_tables.php"; 92 | 93 | $usersTable = Config::get('ntrust.profiles.' . $this->profile . '.table'); 94 | $userModel = Config::get('ntrust.profiles.' . $this->profile . '.model'); 95 | $userKeyName = (new $userModel())->getKeyName(); 96 | $profile = $this->profile; 97 | 98 | $data = compact('rolesTable', 'roleUserTable', 'permissionsTable', 'permissionRoleTable', 'usersTable', 'userKeyName', 'profile'); 99 | 100 | $output = $this->laravel->view->make('ntrust::generators.migration')->with($data)->render(); 101 | 102 | if (!file_exists($migrationFile) && $fs = fopen($migrationFile, 'x')) { 103 | fwrite($fs, $output); 104 | fclose($fs); 105 | return true; 106 | } 107 | 108 | return false; 109 | } 110 | } -------------------------------------------------------------------------------- /src/Ntrust/Middleware/NtrustAbility.php: -------------------------------------------------------------------------------- 1 | guest() || !$request->user()->ability(explode('|', $roles), explode('|', $permissions), array('validate_all' => $validateAll))) { 21 | abort(403); 22 | } 23 | return $next($request); 24 | } 25 | } -------------------------------------------------------------------------------- /src/Ntrust/Middleware/NtrustPermission.php: -------------------------------------------------------------------------------- 1 | guest() || !$request->user()->can(explode('|', $permissions))) { 19 | abort(403); 20 | } 21 | return $next($request); 22 | } 23 | } -------------------------------------------------------------------------------- /src/Ntrust/Middleware/NtrustRole.php: -------------------------------------------------------------------------------- 1 | guest() || !$request->user()->hasRole(explode('|', $roles))) { 19 | abort(403); 20 | } 21 | return $next($request); 22 | } 23 | } -------------------------------------------------------------------------------- /src/Ntrust/Ntrust.php: -------------------------------------------------------------------------------- 1 | app = $app; 24 | } 25 | 26 | /** 27 | * Checks if the current user has a role by its name 28 | * 29 | * @param string $name Role name. 30 | * 31 | * @return bool 32 | */ 33 | public function hasRole($role, $requireAll = false) 34 | { 35 | if ($user = $this->user()) { 36 | return $user->hasRole($role, $requireAll); 37 | } 38 | return false; 39 | } 40 | 41 | /** 42 | * Check if the current user has a permission by its name 43 | * 44 | * @param string $permission Permission string. 45 | * 46 | * @return bool 47 | */ 48 | public function can($permission, $requireAll = false) 49 | { 50 | if ($user = $this->user()) { 51 | return $user->can($permission, $requireAll); 52 | } 53 | return false; 54 | } 55 | 56 | /** 57 | * Check if the current user has a role or permission by its name 58 | * 59 | * @param array|string $roles The role(s) needed. 60 | * @param array|string $permissions The permission(s) needed. 61 | * @param array $options The Options. 62 | * 63 | * @return bool 64 | */ 65 | public function ability($roles, $permissions, $options = []) 66 | { 67 | if ($user = $this->user()) { 68 | return $user->ability($roles, $permissions, $options); 69 | } 70 | return false; 71 | } 72 | 73 | /** 74 | * Get the currently authenticated user or null. 75 | * 76 | * @return Illuminate\Auth\UserInterface|null 77 | */ 78 | public function user() 79 | { 80 | return $this->app->auth->user(); 81 | } 82 | 83 | /** 84 | * Filters a route for a role or set of roles. 85 | * 86 | * If the third parameter is null then abort with status code 403. 87 | * Otherwise the $result is returned. 88 | * 89 | * @param string $route Route pattern. i.e: "admin/*" 90 | * @param array|string $roles The role(s) needed 91 | * @param mixed $result i.e: Redirect::to('/') 92 | * @param bool $requireAll User must have all roles 93 | * 94 | * @return mixed 95 | */ 96 | public function routeNeedsRole($route, $roles, $result = null, $requireAll = true) 97 | { 98 | $filterName = is_array($roles) ? implode('_', $roles) : $roles; 99 | $filterName .= '_'.substr(md5($route), 0, 6); 100 | $closure = function () use ($roles, $result, $requireAll) { 101 | $hasRole = $this->hasRole($roles, $requireAll); 102 | if (!$hasRole) { 103 | return empty($result) ? $this->app->abort(403) : $result; 104 | } 105 | }; 106 | // Same as Route::filter, registers a new filter 107 | $this->app->router->filter($filterName, $closure); 108 | // Same as Route::when, assigns a route pattern to the 109 | // previously created filter. 110 | $this->app->router->when($route, $filterName); 111 | } 112 | 113 | /** 114 | * Filters a route for a permission or set of permissions. 115 | * 116 | * If the third parameter is null then abort with status code 403. 117 | * Otherwise the $result is returned. 118 | * 119 | * @param string $route Route pattern. i.e: "admin/*" 120 | * @param array|string $permissions The permission(s) needed 121 | * @param mixed $result i.e: Redirect::to('/') 122 | * @param bool $requireAll User must have all permissions 123 | * 124 | * @return mixed 125 | */ 126 | public function routeNeedsPermission($route, $permissions, $result = null, $requireAll = true) 127 | { 128 | $filterName = is_array($permissions) ? implode('_', $permissions) : $permissions; 129 | $filterName .= '_'.substr(md5($route), 0, 6); 130 | $closure = function () use ($permissions, $result, $requireAll) { 131 | $hasPerm = $this->can($permissions, $requireAll); 132 | if (!$hasPerm) { 133 | return empty($result) ? $this->app->abort(403) : $result; 134 | } 135 | }; 136 | // Same as Route::filter, registers a new filter 137 | $this->app->router->filter($filterName, $closure); 138 | // Same as Route::when, assigns a route pattern to the 139 | // previously created filter. 140 | $this->app->router->when($route, $filterName); 141 | } 142 | 143 | /** 144 | * Filters a route for role(s) and/or permission(s). 145 | * 146 | * If the third parameter is null then abort with status code 403. 147 | * Otherwise the $result is returned. 148 | * 149 | * @param string $route Route pattern. i.e: "admin/*" 150 | * @param array|string $roles The role(s) needed 151 | * @param array|string $permissions The permission(s) needed 152 | * @param mixed $result i.e: Redirect::to('/') 153 | * @param bool $requireAll User must have all roles and permissions 154 | * 155 | * @return void 156 | */ 157 | public function routeNeedsRoleOrPermission($route, $roles, $permissions, $result = null, $requireAll = false) 158 | { 159 | $filterName = is_array($roles) ? implode('_', $roles) : $roles; 160 | $filterName .= '_'.(is_array($permissions) ? implode('_', $permissions) : $permissions); 161 | $filterName .= '_'.substr(md5($route), 0, 6); 162 | $closure = function () use ($roles, $permissions, $result, $requireAll) { 163 | $hasRole = $this->hasRole($roles, $requireAll); 164 | $hasPerms = $this->can($permissions, $requireAll); 165 | if ($requireAll) { 166 | $hasRolePerm = $hasRole && $hasPerms; 167 | } else { 168 | $hasRolePerm = $hasRole || $hasPerms; 169 | } 170 | if (!$hasRolePerm) { 171 | return empty($result) ? $this->app->abort(403) : $result; 172 | } 173 | }; 174 | // Same as Route::filter, registers a new filter 175 | $this->app->router->filter($filterName, $closure); 176 | // Same as Route::when, assigns a route pattern to the 177 | // previously created filter. 178 | $this->app->router->when($route, $filterName); 179 | } 180 | } 181 | 182 | -------------------------------------------------------------------------------- /src/Ntrust/NtrustFacade.php: -------------------------------------------------------------------------------- 1 | publishes($this->getPublished()); 29 | 30 | // Register blade directives 31 | $this->bladeDirectives(); 32 | } 33 | 34 | /** 35 | * Register the service provider. 36 | * 37 | * @return void 38 | */ 39 | public function register() 40 | { 41 | $this->registerNtrust(); 42 | 43 | $this->commands($this->commands); 44 | 45 | $this->mergeConfig(); 46 | } 47 | 48 | /** 49 | * Register the application bindings. 50 | * 51 | * @return void 52 | */ 53 | private function registerNtrust() 54 | { 55 | $this->app->bind('ntrust', function ($app) { 56 | return new Ntrust($app); 57 | }); 58 | 59 | $this->app->alias('ntrust', 'Klaravel\Ntrust'); 60 | } 61 | 62 | protected $commands = [ 63 | 'Klaravel\Ntrust\Commands\MigrationCommand', 64 | ]; 65 | 66 | /** 67 | * Register the blade directives 68 | * 69 | * @return void 70 | */ 71 | private function bladeDirectives() 72 | { 73 | // Call to Ntrust::hasRole 74 | \Blade::directive('role', function($expression) { 75 | return ""; 76 | }); 77 | \Blade::directive('endrole', function($expression) { 78 | return ""; 79 | }); 80 | // Call to Ntrust::can 81 | \Blade::directive('permission', function($expression) { 82 | return ""; 83 | }); 84 | \Blade::directive('endpermission', function($expression) { 85 | return ""; 86 | }); 87 | // Call to Ntrust::ability 88 | \Blade::directive('ability', function($expression) { 89 | return ""; 90 | }); 91 | \Blade::directive('endability', function($expression) { 92 | return ""; 93 | }); 94 | } 95 | 96 | /** 97 | * Get files to be published 98 | * 99 | * @return array 100 | */ 101 | protected function getPublished() 102 | { 103 | return [ 104 | realpath(__DIR__ . 105 | '/../config/ntrust.php') => 106 | (function_exists('config_path') ? 107 | config_path('ntrust.php') : 108 | base_path('config/ntrust.php')), 109 | ]; 110 | } 111 | 112 | /** 113 | * Merges user's and ntrust's configs. 114 | * 115 | * @return void 116 | */ 117 | private function mergeConfig() 118 | { 119 | $this->mergeConfigFrom( 120 | __DIR__.'/../config/ntrust.php', 'ntrust' 121 | ); 122 | } 123 | } -------------------------------------------------------------------------------- /src/Ntrust/Traits/NtrustPermissionTrait.php: -------------------------------------------------------------------------------- 1 | belongsToMany(Config::get('ntrust.profiles.' . self::$roleProfile . '.role'), 17 | Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_role_table'), 18 | Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_foreign_key'), 19 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_foreign_key') 20 | ); 21 | } 22 | 23 | /** 24 | * Trait boot method 25 | * 26 | * @return void 27 | */ 28 | protected static function bootNtrustPermissionTrait() 29 | { 30 | /** 31 | * Attach event listener to remove the many-to-many records when trying to delete 32 | * Will NOT delete any records if the permission model uses soft deletes. 33 | */ 34 | static::deleted(function($permission) 35 | { 36 | if(Cache::getStore() instanceof TaggableStore) { 37 | Cache::tags(Config::get('ntrust.profiles.' . self::$roleProfile . '.permission')) 38 | ->flush(); 39 | 40 | $permission->roles()->sync([]); 41 | } 42 | }); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/Ntrust/Traits/NtrustRoleTrait.php: -------------------------------------------------------------------------------- 1 | primaryKey; 13 | $cacheKey = 'ntrust_permissions_for_role_'.$this->$rolePrimaryKey; 14 | 15 | if (Cache::getStore() instanceof TaggableStore) { 16 | return Cache::tags(Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_role_table')) 17 | ->remember($cacheKey, Config::get('cache.ttl', 1440), function () { 18 | return $this->perms()->get(); 19 | }); 20 | } 21 | else 22 | return $this->perms()->get(); 23 | } 24 | 25 | /** 26 | * Many-to-Many relations with the user model. 27 | * 28 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 29 | */ 30 | public function users() 31 | { 32 | return $this->belongsToMany( 33 | Config::get('ntrust.profiles.' . self::$roleProfile . '.model'), 34 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_user_table'), 35 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_foreign_key'), 36 | Config::get('ntrust.profiles.' . self::$roleProfile . '.user_foreign_key')); 37 | } 38 | 39 | /** 40 | * Many-to-Many relations with the permission model. 41 | * Named "perms" for backwards compatibility. Also because "perms" is short and sweet. 42 | * 43 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 44 | */ 45 | public function perms() 46 | { 47 | return $this->belongsToMany( 48 | Config::get('ntrust.profiles.' . self::$roleProfile . '.permission'), 49 | Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_role_table'), 50 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_foreign_key'), 51 | Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_foreign_key')); 52 | } 53 | 54 | /** 55 | * Trait boot method 56 | * 57 | * @return void 58 | */ 59 | protected static function bootNtrustRoleTrait() 60 | { 61 | static::saved(function() { 62 | self::clearCache(); 63 | }); 64 | 65 | static::deleted(function($role) { 66 | self::clearCache($role); 67 | }); 68 | 69 | if(method_exists(self::class, 'restored')) { 70 | static::restored(function($role) { 71 | self::clearCache($role); 72 | }); 73 | } 74 | } 75 | 76 | /** 77 | * Checks if the role has a permission by its name. 78 | * 79 | * @param string|array $name Permission name or array of permission names. 80 | * @param bool $requireAll All permissions in the array are required. 81 | * 82 | * @return bool 83 | */ 84 | public function hasPermission($name, $requireAll = false) 85 | { 86 | if (is_array($name)) { 87 | foreach ($name as $permissionName) { 88 | $hasPermission = $this->hasPermission($permissionName); 89 | 90 | if ($hasPermission && !$requireAll) { 91 | return true; 92 | } elseif (!$hasPermission && $requireAll) { 93 | return false; 94 | } 95 | } 96 | 97 | // If we've made it this far and $requireAll is FALSE, then NONE of the permissions were found 98 | // If we've made it this far and $requireAll is TRUE, then ALL of the permissions were found. 99 | // Return the value of $requireAll; 100 | return $requireAll; 101 | } else { 102 | foreach ($this->cachedPermissions() as $permission) { 103 | if ($permission->name == $name) { 104 | return true; 105 | } 106 | } 107 | } 108 | 109 | return false; 110 | } 111 | 112 | /** 113 | * Save the inputted permissions. 114 | * 115 | * @param mixed $inputPermissions 116 | * 117 | * @return void 118 | */ 119 | public function savePermissions($inputPermissions) 120 | { 121 | if (!empty($inputPermissions)) { 122 | $this->perms()->sync($inputPermissions); 123 | } else { 124 | $this->perms()->detach(); 125 | } 126 | } 127 | 128 | /** 129 | * Attach permission to current role. 130 | * 131 | * @param object|array $permission 132 | * 133 | * @return void 134 | */ 135 | public function attachPermission($permission) 136 | { 137 | if (is_object($permission)) { 138 | $permission = $permission->getKey(); 139 | } 140 | 141 | if (is_array($permission)) { 142 | $permission = $permission['id']; 143 | } 144 | 145 | $this->perms()->attach($permission); 146 | 147 | self::clearCache(); 148 | } 149 | 150 | /** 151 | * Detach permission from current role. 152 | * 153 | * @param object|array $permission 154 | * 155 | * @return void 156 | */ 157 | public function detachPermission($permission) 158 | { 159 | if (is_object($permission)) 160 | $permission = $permission->getKey(); 161 | 162 | if (is_array($permission)) 163 | $permission = $permission['id']; 164 | 165 | $this->perms()->detach($permission); 166 | 167 | self::clearCache(); 168 | } 169 | 170 | /** 171 | * Attach multiple permissions to current role. 172 | * 173 | * @param mixed $permissions 174 | * 175 | * @return void 176 | */ 177 | public function attachPermissions($permissions) 178 | { 179 | foreach ($permissions as $permission) { 180 | $this->attachPermission($permission); 181 | } 182 | } 183 | 184 | /** 185 | * Detach multiple permissions from current role 186 | * 187 | * @param mixed $permissions 188 | * 189 | * @return void 190 | */ 191 | public function detachPermissions($permissions = null) 192 | { 193 | if (!$permissions) $permissions = $this->perms()->get(); 194 | 195 | foreach ($permissions as $permission) { 196 | $this->detachPermission($permission); 197 | } 198 | } 199 | 200 | /** 201 | * Clear cache 202 | */ 203 | public static function clearCache($role = null) 204 | { 205 | if(Cache::getStore() instanceof TaggableStore) { 206 | Cache::tags(Config::get('ntrust.profiles.' . self::$roleProfile . '.permission_role_table')) 207 | ->flush(); 208 | 209 | if ($role) { 210 | $role->users()->sync([]); 211 | $role->perms()->sync([]); 212 | } 213 | } 214 | } 215 | } 216 | 217 | -------------------------------------------------------------------------------- /src/Ntrust/Traits/NtrustUserTrait.php: -------------------------------------------------------------------------------- 1 | primaryKey; 14 | $cacheKey = 'ntrust_roles_for_' . self::$roleProfile . '_'.$this->$userPrimaryKey; 15 | 16 | if (Cache::getStore() instanceof TaggableStore) { 17 | return Cache::tags(Config::get('ntrust.profiles.' . self::$roleProfile . '.role_user_table')) 18 | ->remember($cacheKey, Config::get('cache.ttl', 1440), function () { 19 | return $this->roles()->get(); 20 | }); 21 | } 22 | else 23 | return $this->roles()->get(); 24 | } 25 | 26 | /** 27 | * Many-to-Many relations with Role. 28 | * 29 | * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany 30 | */ 31 | public function roles() 32 | { 33 | return $this->belongsToMany( 34 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role'), 35 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_user_table'), 36 | Config::get('ntrust.profiles.' . self::$roleProfile . '.user_foreign_key'), 37 | Config::get('ntrust.profiles.' . self::$roleProfile . '.role_foreign_key')); 38 | } 39 | 40 | /** 41 | * Trait boot method 42 | * 43 | * @return void 44 | */ 45 | protected static function bootNtrustUserTrait() 46 | { 47 | static::saved(function() 48 | { 49 | self::clearCache(); 50 | }); 51 | 52 | static::deleted(function($user) 53 | { 54 | self::clearCache($user); 55 | }); 56 | 57 | if(method_exists(self::class, 'restored')) { 58 | static::restored(function($user) 59 | { 60 | self::clearCache($user); 61 | }); 62 | } 63 | } 64 | 65 | /** 66 | * Checks if the user has a role by its name. 67 | * 68 | * @param string|array $name Role name or array of role names. 69 | * @param bool $requireAll All roles in the array are required. 70 | * 71 | * @return bool 72 | */ 73 | public function hasRole($name, $requireAll = false) 74 | { 75 | if (is_array($name)) { 76 | foreach ($name as $roleName) { 77 | $hasRole = $this->hasRole($roleName); 78 | 79 | if ($hasRole && !$requireAll) { 80 | return true; 81 | } elseif (!$hasRole && $requireAll) { 82 | return false; 83 | } 84 | } 85 | 86 | // If we've made it this far and $requireAll is FALSE, then NONE of the roles were found 87 | // If we've made it this far and $requireAll is TRUE, then ALL of the roles were found. 88 | // Return the value of $requireAll; 89 | return $requireAll; 90 | } else { 91 | foreach ($this->cachedRoles() as $role) { 92 | if ($role->name == $name) { 93 | return true; 94 | } 95 | } 96 | } 97 | 98 | return false; 99 | } 100 | 101 | /** 102 | * Check if user has a permission by its name. 103 | * 104 | * @param string|array $permission Permission string or array of permissions. 105 | * @param bool $requireAll All permissions in the array are required. 106 | * 107 | * @return bool 108 | */ 109 | public function can($permission, $requireAll = false) 110 | { 111 | if (is_array($permission)) { 112 | foreach ($permission as $permName) { 113 | $hasPerm = $this->can($permName); 114 | 115 | if ($hasPerm && !$requireAll) { 116 | return true; 117 | } elseif (!$hasPerm && $requireAll) { 118 | return false; 119 | } 120 | } 121 | 122 | // If we've made it this far and $requireAll is FALSE, then NONE of the perms were found 123 | // If we've made it this far and $requireAll is TRUE, then ALL of the perms were found. 124 | // Return the value of $requireAll; 125 | return $requireAll; 126 | } else { 127 | foreach ($this->cachedRoles() as $role) { 128 | // Validate against the Permission table 129 | foreach ($role->cachedPermissions() as $perm) { 130 | if (str_is( $permission, $perm->name) ) { 131 | return true; 132 | } 133 | } 134 | } 135 | } 136 | 137 | return false; 138 | } 139 | 140 | /** 141 | * Checks role(s) and permission(s). 142 | * 143 | * @param string|array $roles Array of roles or comma separated string 144 | * @param string|array $permissions Array of permissions or comma separated string. 145 | * @param array $options validate_all (true|false) or return_type (boolean|array|both) 146 | * 147 | * @throws \InvalidArgumentException 148 | * 149 | * @return array|bool 150 | */ 151 | public function ability($roles, $permissions, $options = []) 152 | { 153 | // Convert string to array if that's what is passed in. 154 | if (!is_array($roles)) { 155 | $roles = explode(',', $roles); 156 | } 157 | if (!is_array($permissions)) { 158 | $permissions = explode(',', $permissions); 159 | } 160 | 161 | // Set up default values and validate options. 162 | if (!isset($options['validate_all'])) { 163 | $options['validate_all'] = false; 164 | } else { 165 | if ($options['validate_all'] !== true && $options['validate_all'] !== false) { 166 | throw new InvalidArgumentException(); 167 | } 168 | } 169 | if (!isset($options['return_type'])) { 170 | $options['return_type'] = 'boolean'; 171 | } else { 172 | if ($options['return_type'] != 'boolean' && 173 | $options['return_type'] != 'array' && 174 | $options['return_type'] != 'both') { 175 | throw new InvalidArgumentException(); 176 | } 177 | } 178 | 179 | // Loop through roles and permissions and check each. 180 | $checkedRoles = []; 181 | $checkedPermissions = []; 182 | foreach ($roles as $role) { 183 | $checkedRoles[$role] = $this->hasRole($role); 184 | } 185 | foreach ($permissions as $permission) { 186 | $checkedPermissions[$permission] = $this->can($permission); 187 | } 188 | 189 | // If validate all and there is a false in either 190 | // Check that if validate all, then there should not be any false. 191 | // Check that if not validate all, there must be at least one true. 192 | if(($options['validate_all'] && !(in_array(false,$checkedRoles) || in_array(false,$checkedPermissions))) || 193 | (!$options['validate_all'] && (in_array(true,$checkedRoles) || in_array(true,$checkedPermissions)))) { 194 | $validateAll = true; 195 | } else { 196 | $validateAll = false; 197 | } 198 | 199 | // Return based on option 200 | if ($options['return_type'] == 'boolean') { 201 | return $validateAll; 202 | } elseif ($options['return_type'] == 'array') { 203 | return ['roles' => $checkedRoles, 'permissions' => $checkedPermissions]; 204 | } else { 205 | return [$validateAll, ['roles' => $checkedRoles, 'permissions' => $checkedPermissions]]; 206 | } 207 | 208 | } 209 | 210 | /** 211 | * Alias to eloquent many-to-many relation's attach() method. 212 | * 213 | * @param mixed $role 214 | */ 215 | public function attachRole($role) 216 | { 217 | if(is_object($role)) { 218 | $role = $role->getKey(); 219 | } 220 | 221 | if(is_array($role)) { 222 | $role = $role['id']; 223 | } 224 | 225 | $this->roles()->attach($role); 226 | 227 | self::clearCache(); 228 | } 229 | 230 | /** 231 | * Alias to eloquent many-to-many relation's detach() method. 232 | * 233 | * @param mixed $role 234 | */ 235 | public function detachRole($role) 236 | { 237 | if (is_object($role)) { 238 | $role = $role->getKey(); 239 | } 240 | 241 | if (is_array($role)) { 242 | $role = $role['id']; 243 | } 244 | 245 | $this->roles()->detach($role); 246 | 247 | self::clearCache(); 248 | } 249 | 250 | /** 251 | * Attach multiple roles to a user 252 | * 253 | * @param mixed $roles 254 | */ 255 | public function attachRoles($roles) 256 | { 257 | foreach ($roles as $role) { 258 | $this->attachRole($role); 259 | } 260 | } 261 | 262 | /** 263 | * Detach multiple roles from a user 264 | * 265 | * @param mixed $roles 266 | */ 267 | public function detachRoles($roles=null) 268 | { 269 | if (!$roles) $roles = $this->roles()->get(); 270 | 271 | foreach ($roles as $role) { 272 | $this->detachRole($role); 273 | } 274 | } 275 | 276 | /** 277 | * Clear cache 278 | */ 279 | public static function clearCache($user = null) 280 | { 281 | if(Cache::getStore() instanceof TaggableStore) { 282 | Cache::tags(Config::get('ntrust.profiles.' . self::$roleProfile . '.role_user_table')) 283 | ->flush(); 284 | 285 | if ($user) 286 | $user->roles()->sync([]); 287 | } 288 | } 289 | 290 | } 291 | -------------------------------------------------------------------------------- /src/config/ntrust.php: -------------------------------------------------------------------------------- 1 | [ 15 | 'profile' => 'user', 16 | ], 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Role permission profiles 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Set multiple profiles for your multiple type user profile and diffrent 24 | | role and permission for each users 25 | | 26 | | Profile name should be singular name of user/admin table name 27 | | 28 | | Example: "user", "admin" 29 | | 30 | */ 31 | 32 | 'profiles' => [ 33 | 34 | 'user' => [ 35 | 36 | /* 37 | |-------------------------------------------------------------------------- 38 | | User table name 39 | |-------------------------------------------------------------------------- 40 | */ 41 | 'table' => 'users', 42 | 43 | /* 44 | |-------------------------------------------------------------------------- 45 | | User model 46 | |-------------------------------------------------------------------------- 47 | */ 48 | 'model' => 'App\User', 49 | 50 | /* 51 | |-------------------------------------------------------------------------- 52 | | Ntrust Role Model 53 | |-------------------------------------------------------------------------- 54 | | 55 | | This is the Role model used by Ntrust to create correct relations. Update 56 | | the role if it is in a different namespace. 57 | | 58 | */ 59 | 'role' => 'App\Role', 60 | 61 | /* 62 | |-------------------------------------------------------------------------- 63 | | Ntrust Roles Table 64 | |-------------------------------------------------------------------------- 65 | | 66 | | This is the roles table used by Ntrust to save roles to the database. 67 | | 68 | */ 69 | 'roles_table' => 'roles', 70 | 71 | /* 72 | |-------------------------------------------------------------------------- 73 | | Ntrust Permission Model 74 | |-------------------------------------------------------------------------- 75 | | 76 | | This is the Permission model used by Ntrust to create correct relations. 77 | | Update the permission if it is in a different namespace. 78 | | 79 | */ 80 | 'permission' => 'App\Permission', 81 | 82 | /* 83 | |-------------------------------------------------------------------------- 84 | | Ntrust Permissions Table 85 | |-------------------------------------------------------------------------- 86 | | 87 | | This is the permissions table used by Ntrust to save permissions to the 88 | | database. 89 | | 90 | */ 91 | 'permissions_table' => 'permissions', 92 | 93 | /* 94 | |-------------------------------------------------------------------------- 95 | | Ntrust permission_role Table 96 | |-------------------------------------------------------------------------- 97 | | 98 | | This is the permission_role table used by Ntrust to save relationship 99 | | between permissions and roles to the database. 100 | | 101 | */ 102 | 'permission_role_table' => 'permission_role', 103 | 104 | /* 105 | |-------------------------------------------------------------------------- 106 | | Ntrust role_user Table 107 | |-------------------------------------------------------------------------- 108 | | 109 | | This is the role_user table used by Ntrust to save assigned roles to the 110 | | database. 111 | | 112 | */ 113 | 'role_user_table' => 'role_user', 114 | 115 | /* 116 | |-------------------------------------------------------------------------- 117 | | User Foreign key on Ntrust's role_user Table (Pivot) 118 | |-------------------------------------------------------------------------- 119 | */ 120 | 'user_foreign_key' => 'user_id', 121 | 122 | /* 123 | |-------------------------------------------------------------------------- 124 | | Role Foreign key on Ntrust's role_user and permission_role Tables (Pivot) 125 | |-------------------------------------------------------------------------- 126 | */ 127 | 'role_foreign_key' => 'role_id', 128 | 129 | /* 130 | |-------------------------------------------------------------------------- 131 | | Permission Foreign key on Ntrust's permission_role Table (Pivot) 132 | |-------------------------------------------------------------------------- 133 | */ 134 | 'permission_foreign_key' => 'permission_id', 135 | 136 | ], 137 | 138 | 'admin' => [ 139 | 140 | /* 141 | |-------------------------------------------------------------------------- 142 | | User table name 143 | |-------------------------------------------------------------------------- 144 | */ 145 | 'table' => 'admins', 146 | 147 | /* 148 | |-------------------------------------------------------------------------- 149 | | User model 150 | |-------------------------------------------------------------------------- 151 | */ 152 | 'model' => 'App\Admin', 153 | 154 | /* 155 | |-------------------------------------------------------------------------- 156 | | Ntrust Role Model 157 | |-------------------------------------------------------------------------- 158 | | 159 | | This is the Role model used by Ntrust to create correct relations. Update 160 | | the role if it is in a different namespace. 161 | | 162 | */ 163 | 'role' => 'App\AdminRole', 164 | 165 | /* 166 | |-------------------------------------------------------------------------- 167 | | Ntrust Roles Table 168 | |-------------------------------------------------------------------------- 169 | | 170 | | This is the roles table used by Ntrust to save roles to the database. 171 | | 172 | */ 173 | 'roles_table' => 'admin_roles', 174 | 175 | /* 176 | |-------------------------------------------------------------------------- 177 | | Ntrust Permission Model 178 | |-------------------------------------------------------------------------- 179 | | 180 | | This is the Permission model used by Ntrust to create correct relations. 181 | | Update the permission if it is in a different namespace. 182 | | 183 | */ 184 | 'permission' => 'App\AdminPermission', 185 | 186 | /* 187 | |-------------------------------------------------------------------------- 188 | | Ntrust Permissions Table 189 | |-------------------------------------------------------------------------- 190 | | 191 | | This is the permissions table used by Ntrust to save permissions to the 192 | | database. 193 | | 194 | */ 195 | 'permissions_table' => 'admin_permissions', 196 | 197 | /* 198 | |-------------------------------------------------------------------------- 199 | | Ntrust permission_role Table 200 | |-------------------------------------------------------------------------- 201 | | 202 | | This is the permission_role table used by Ntrust to save relationship 203 | | between permissions and roles to the database. 204 | | 205 | */ 206 | 'permission_role_table' => 'admin_permission_role', 207 | 208 | /* 209 | |-------------------------------------------------------------------------- 210 | | Ntrust role_user Table 211 | |-------------------------------------------------------------------------- 212 | | 213 | | This is the role_user table used by Ntrust to save assigned roles to the 214 | | database. 215 | | 216 | */ 217 | 'role_user_table' => 'admin_role_user', 218 | 219 | /* 220 | |-------------------------------------------------------------------------- 221 | | User Foreign key on Ntrust's role_user Table (Pivot) 222 | |-------------------------------------------------------------------------- 223 | */ 224 | 'user_foreign_key' => 'user_id', 225 | 226 | /* 227 | |-------------------------------------------------------------------------- 228 | | Role Foreign key on Ntrust's role_user and permission_role Tables (Pivot) 229 | |-------------------------------------------------------------------------- 230 | */ 231 | 'role_foreign_key' => 'role_id', 232 | 233 | /* 234 | |-------------------------------------------------------------------------- 235 | | Permission Foreign key on Ntrust's permission_role Table (Pivot) 236 | |-------------------------------------------------------------------------- 237 | */ 238 | 'permission_foreign_key' => 'permission_id', 239 | 240 | ], 241 | 242 | ], 243 | 244 | ]; -------------------------------------------------------------------------------- /src/views/generators/migration.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | use Illuminate\Database\Migrations\Migration; 4 | use Illuminate\Database\Schema\Blueprint; 5 | 6 | class {{title_case($profile)}}NtrustSetupTables extends Migration 7 | { 8 | /** 9 | * Run the migrations. 10 | * 11 | * @return void 12 | */ 13 | public function up() 14 | { 15 | // Create table for storing roles 16 | Schema::create('{{ $rolesTable }}', function (Blueprint $table) { 17 | $table->increments('id'); 18 | $table->string('name')->unique(); 19 | $table->string('display_name')->nullable(); 20 | $table->string('description')->nullable(); 21 | $table->timestamps(); 22 | }); 23 | 24 | // Create table for associating roles to users (Many-to-Many) 25 | Schema::create('{{ $roleUserTable }}', function (Blueprint $table) { 26 | $table->integer('user_id')->unsigned(); 27 | $table->integer('role_id')->unsigned(); 28 | 29 | $table->foreign('user_id')->references('{{ $userKeyName }}')->on('{{ $usersTable }}') 30 | ->onUpdate('cascade')->onDelete('cascade'); 31 | $table->foreign('role_id')->references('id')->on('{{ $rolesTable }}') 32 | ->onUpdate('cascade')->onDelete('cascade'); 33 | 34 | $table->primary(['user_id', 'role_id']); 35 | }); 36 | 37 | // Create table for storing permissions 38 | Schema::create('{{ $permissionsTable }}', function (Blueprint $table) { 39 | $table->increments('id'); 40 | $table->string('name')->unique(); 41 | $table->string('display_name')->nullable(); 42 | $table->string('description')->nullable(); 43 | $table->timestamps(); 44 | }); 45 | 46 | // Create table for associating permissions to roles (Many-to-Many) 47 | Schema::create('{{ $permissionRoleTable }}', function (Blueprint $table) { 48 | $table->integer('permission_id')->unsigned(); 49 | $table->integer('role_id')->unsigned(); 50 | 51 | $table->foreign('permission_id')->references('id')->on('{{ $permissionsTable }}') 52 | ->onUpdate('cascade')->onDelete('cascade'); 53 | $table->foreign('role_id')->references('id')->on('{{ $rolesTable }}') 54 | ->onUpdate('cascade')->onDelete('cascade'); 55 | 56 | $table->primary(['permission_id', 'role_id']); 57 | }); 58 | } 59 | 60 | /** 61 | * Reverse the migrations. 62 | * 63 | * @return void 64 | */ 65 | public function down() 66 | { 67 | Schema::drop('{{ $permissionRoleTable }}'); 68 | Schema::drop('{{ $permissionsTable }}'); 69 | Schema::drop('{{ $roleUserTable }}'); 70 | Schema::drop('{{ $rolesTable }}'); 71 | } 72 | } --------------------------------------------------------------------------------