
Simple ACL with Laravel

Based on the tutorial by Ollie Read: http://ollieread.com/blog/2014/03/18/a-simplified-laravel-acl/

Migrations

php artisan migrate:make create_acl_groups_table

<?php

use Illuminate\Database\Schema\Blueprint;use Illuminate\Database\Migrations\Migration;

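/**
 * Creates the acl_groups table: one row per group that permissions are
 * granted to and that users are placed in.
 */
class CreateAclGroupsTable extends Migration {

    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        // The flattened listing ran the stub's "//" placeholder into this
        // call, which commented it out; it is restored here as a statement.
        Schema::create('acl_groups', function (Blueprint $table)
        {
            $table->increments('id');
            $table->string('name', 50);
            $table->string('description', 255);
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_groups');
    }

}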

php artisan migrate:make create_acl_permissions_table

<?php


use Illuminate\Database\Schema\Blueprint;use Illuminate\Database\Migrations\Migration;

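/**
 * Creates the acl_permissions table. Each row names one permission by its
 * "ident" string; the route filter on this page compares that string with
 * the route name.
 */
class CreateAclPermissionsTable extends Migration {

    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        // The flattened listing ran the stub's "//" placeholder into this
        // call, which commented it out; it is restored here as a statement.
        Schema::create('acl_permissions', function (Blueprint $table)
        {
            $table->increments('id');
            // ident is the lookup value for access checks. No unique index is
            // declared, so nothing stops two rows from sharing an ident.
            $table->string('ident', 255);
            $table->string('description', 255);
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_permissions');
    }

}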

php artisan migrate:make create_acl_group_permissions_table

<?php

use Illuminate\Database\Schema\Blueprint;use Illuminate\Database\Migrations\Migration;

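/**
 * Creates the acl_group_permissions pivot table, which records which
 * permission is granted to which group.
 */
class CreateAclGroupPermissionsTable extends Migration {

    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        // The flattened listing ran the stub's "//" placeholder into this
        // call, which commented it out; it is restored here as a statement.
        Schema::create('acl_group_permissions', function (Blueprint $table)
        {
            $table->integer('group_id', false);
            $table->integer('permission_id', false);

            // One row per (group, permission) pair: a grant cannot be stored
            // twice, so deleting the row reliably revokes it.
            $table->primary(array('group_id', 'permission_id'));

            // NOTE(review): no foreign keys are declared, so rows can outlive
            // the group or permission they point to. Clean them up when
            // deleting either side, or add constraints once the column types
            // match the referenced id columns.
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_group_permissions');
    }

}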

php artisan migrate:make create_acl_user_groups_table

<?php

use Illuminate\Database\Schema\Blueprint;use Illuminate\Database\Migrations\Migration;

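/**
 * Creates the acl_user_groups pivot table, which records which user belongs
 * to which group.
 */
class CreateAclUserGroupsTable extends Migration {

    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        // The flattened listing ran the stub's "//" placeholder into this
        // call, which commented it out; it is restored here as a statement.
        Schema::create('acl_user_groups', function (Blueprint $table)
        {
            $table->integer('user_id', false);
            $table->integer('group_id', false);

            // One row per (user, group) pair: a membership cannot be stored
            // twice, so deleting the row reliably removes the user from the
            // group.
            $table->primary(array('user_id', 'group_id'));

            // NOTE(review): no foreign keys are declared, so memberships can
            // outlive a deleted user or group. Clean them up on delete, or
            // add constraints once the column types match the referenced ids.
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::drop('acl_user_groups');
    }

}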

Models

AclGroup.php

<?php

/**
 * Eloquent model for a row of acl_groups. A group links a set of users to a
 * set of permissions through the two pivot tables.
 */
class AclGroup extends Eloquent {

    // Table backing this model.
    protected $table = 'acl_groups';

    // Only these columns accept mass assignment.
    protected $fillable = array('name', 'description');

    // The table has no created_at / updated_at columns.
    public $timestamps = false;

    /**
     * Users in this group, joined through acl_user_groups.
     */
    public function users()
    {
        return $this->belongsToMany(
            'User',
            'acl_user_groups',
            'group_id',
            'user_id'
        );
    }

    /**
     * Permissions granted to this group, joined through
     * acl_group_permissions.
     */
    public function permissions()
    {
        return $this->belongsToMany(
            'AclPermission',
            'acl_group_permissions',
            'group_id',
            'permission_id'
        );
    }

}

AclPermission.php

<?php

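/**
 * Eloquent model for a row of acl_permissions. A permission is identified by
 * its "ident" string, which the route filter on this page compares with the
 * route name.
 */
class AclPermission extends Eloquent {

    // Table backing this model.
    protected $table = 'acl_permissions';

    // Only these columns accept mass assignment.
    protected $fillable = array('ident', 'description');

    // The table has no created_at / updated_at columns.
    public $timestamps = false;

    /**
     * Groups this permission is granted to, joined through
     * acl_group_permissions.
     *
     * The third argument is this model's own column in the pivot table and
     * the fourth is the related model's. The listing had them copied from
     * AclGroup::permissions() in the opposite order, which would join
     * permissions to groups on the wrong columns.
     */
    public function groups()
    {
        return $this->belongsToMany(
            'AclGroup',
            'acl_group_permissions',
            'permission_id',
            'group_id'
        );
    }

    /**
     * Report the ident string as this model's key, so that
     * $group->permissions->contains('route.name') matches on ident instead of
     * the numeric id.
     *
     * NOTE(review): the key column name is not overridden to match, so
     * Eloquent operations that pair the key name with getKey() (updates,
     * deletes, this model's own relations such as groups()) would presumably
     * compare the id column against the ident string. Verify before relying
     * on them.
     */
    public function getKey()
    {
        return $this->attributes['ident'];
    }

}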

AclPermitted.php

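<?php

/**
 * Route filter and helper that allow access only when one of the current
 * user's groups holds a permission whose ident equals the route name.
 *
 * Assumes the User model defines a groups() relation (not shown on this
 * page). TODO confirm.
 */
class AclPermittedFilter {

    /**
     * "before" filter entry point.
     *
     * Returns a redirect to the user.denied route when access is refused.
     * Returns nothing when access is granted, so the request continues.
     *
     * @param  mixed  $route    the matched route; only getName() is used
     * @param  mixed  $request  unused
     * @return mixed
     */
    public function filter($route, $request)
    {
        if ( ! self::checkPermission($route->getName()))
        {
            return Redirect::route('user.denied');
        }
    }

    /**
     * Tell whether the current user may access the named route.
     *
     * @param  string  $route  route name, matched against permission idents
     * @return bool
     */
    public static function checkPermission($route)
    {
        $user = Auth::user();

        // Fail closed. With no authenticated user the original called
        // load() on null and crashed, e.g. when a view rendered for a guest
        // calls this helper. A route without a name has no permission to
        // match either, so it is denied rather than passed to contains().
        if ($user === null || $route === null || $route === '')
        {
            return false;
        }

        // Load the groups and their permissions up front so the loop below
        // runs on loaded collections.
        $user->load('groups', 'groups.permissions');

        foreach ($user->groups as $group)
        {
            // contains() matches on the model key, which AclPermission
            // reports as its ident string.
            if ($group->permissions->contains($route))
            {
                return true;
            }
        }

        return false;
    }

}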

Sample Usage

routes.php

// Register the ACL check under the name the routes below list in 'before'.
Route::filter('acl.permitted', 'AclPermittedFilter');

Route::group(['prefix' => 'user'], function () {

    // auth.ldap is listed ahead of acl.permitted, presumably so that a user
    // is authenticated before the ACL filter calls Auth::user(). The route
    // name given in 'as' is the string the filter looks up, so an
    // acl_permissions row with ident 'user.supersecret' must be granted to
    // one of the user's groups.
    Route::get('supersecret', [
        'before' => ['auth.ldap', 'acl.permitted'],
        'as'     => 'user.supersecret',
        'uses'   => 'UserController@supersecret',
    ]);

    // Redirect target of the ACL filter. It carries no acl.permitted filter
    // itself, so a refused user is not redirected again.
    Route::get('denied', [
        'as'   => 'user.denied',
        'uses' => 'UserController@denied',
    ]);

});

From a view

{{-- Display-only check: it decides whether the block is rendered. Access to the page itself is enforced by the acl.permitted filter on the route. --}}
@if (AclPermittedFilter::checkPermission('user.supersecret'))
    <h5> You are allowed to view secret stuff</h5>
@endif