LaRbac - Package for the Laravel framework which provides management with the next data:
- Roles
- Permissions
- Assign roles for users
- laravel 8+ | 9+ | 10+
- Bootstrap 4 for styling
- JQuery
- php >= 7.3.0
- composer
Note!
Version 3.x is for laravel 8+, 9+, 10+.
Version 2.x is for laravel 6 or 7. You can use branch laravel67-rbac with 2.x versions.
Run the composer command:
composer require itstructure/laravel-rbac "~3.0.8"
Add to application config/app.php file to section providers:
Itstructure\LaRbac\RbacServiceProvider::class,Notes:
-
Make sure that a table for the users is already existing in your project.
-
Make sure that a model for the users table is already existing in your project.
Recommendation:
If you don't have any layout yet, it is useful to install for example AdminLTE or you can make your special any layout template. Cause in this package there is no a layout specially. But in config it is necessary to set it (see the next point 2 about a configure).
Let's go:
-
Publish files.
Note:
rbac.phpconfig file and seedersLaRbacDatabaseSeeder,PermissionSeeder,RoleSeedermust be published surely!-
To publish config run command:
php artisan rbac:publish --only=configIt stores config file to
configfolder. -
To publish seeders run command:
php artisan rbac:publish --only=seedersIt stores seeder files to
database/seedersfolder. -
To publish migrations run command:
php artisan rbac:publish --only=migrationsIt stores migration files to
database/migrationsfolder. -
To publish views run command:
php artisan rbac:publish --only=viewsIt stores view files to
resources/views/vendor/rbacfolder. -
To publish translations run command:
php artisan rbac:publish --only=langIt stores translation files to
resources/lang/vendor/rbacfolder. -
To publish all parts run command without
onlyargument:php artisan rbac:publish
Else you can use
--forceargument to rewrite already published files. -
-
Configure published
config/rbac.phpfile:-
set
layout. Example:'layout' => 'adminlte::page' -
change
userModelClassif it is needed to change -
set
adminUserIdwhich you wanted to be with the role of administrator. At least at the beginning stage.It is necessary for the next time system to let you go into the Rbac control panel, after you assigned an administrator role for you (Later see point 4).
-
Most likely you have to change
memberNameAttributeKey.It is to display the user name in control panel by
getMemberNameAttribute()method ofAdministrabletrait. It can be string or a callback:'memberNameAttributeKey' => function ($row) { return $row->first_name . ' ' . $row->last_name; }
-
-
Run command to run migrations and seeders:
php artisan rbac:databaseOr optional:
To run just migrations
php artisan rbac:database --only=migrateTo run just seeds
php artisan rbac:database --only=seed-
Alternative variant for seeders.
You can set published rbac
LaRbacDatabaseSeederseeder class in to a specialDatabaseSeeder:use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder { public function run() { $this->call(LaRbacDatabaseSeeder::class); } }
and run command:
php artisan db:seed.
-
-
Run command to set Admin role for user with identifier
adminUserId, defined in 2 point:php artisan rbac:admin
Notes:
-
Make sure you use a Bootstrap 4 for styling and JQuery in your application.
-
Make sure that a laravel initial factory authorization is already working in your application.
According with the Itstructure\LaRbac\Interfaces\RbacUserInterface use functions from Itstructure\LaRbac\Traits\Administrable trait as in example:
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Itstructure\LaRbac\Interfaces\RbacUserInterface;
use Itstructure\LaRbac\Traits\Administrable;class User extends Authenticatable implements RbacUserInterface
{
use Notifiable, Administrable;
protected $fillable = [
'name', 'email', 'password', 'roles'
];
protected $hidden = [
'password', 'remember_token',
];
}There are already integrated base RBAC routes to manage users, roles and permissions. See in routes.php package file.
They are guarded by the next:
- middleware
auth(editable by config). - permission
can:administrate(editable by config).
This routes allow you to go to the next routes:
-
Users section
For get request method
http://example-domain.com/rbac/usershttp://example-domain.com/rbac/users/show/{id}http://example-domain.com/rbac/users/edit/{id}
For post request method
http://example-domain.com/rbac/users/update/{id}http://example-domain.com/rbac/users/delete
-
Roles section
For get request method
http://example-domain.com/rbac/roleshttp://example-domain.com/rbac/roles/show/{id}http://example-domain.com/rbac/roles/createhttp://example-domain.com/rbac/roles/edit/{role}
For post request method
http://example-domain.com/rbac/roles/storehttp://example-domain.com/rbac/roles/update/{role}http://example-domain.com/rbac/roles/delete
-
Permissions section
For get request method
http://example-domain.com/rbac/permissionshttp://example-domain.com/rbac/permissions/show/{id}http://example-domain.com/rbac/permissions/createhttp://example-domain.com/rbac/permissions/edit/{permission}
For post request method
http://example-domain.com/rbac/permissions/storehttp://example-domain.com/rbac/permissions/update/{permission}http://example-domain.com/rbac/permissions/delete
There are already integrated base RBAC gates to access control in your application to some of the resources. See provider file RbacAuthServiceProvider.php.
It provides the next gate definitions:
administrateassign-roledelete-memberview-recordcreate-recordupdate-recorddelete-recordpublish-record
Read more in Laravel gates
Users
Roles
Permissions
Copyright © 2018-2023 Andrey Girnik [email protected].
Licensed under the MIT license. See LICENSE.txt for details.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent