Laravel - Gate implements permission management

With respect to permissions, I just want to say it’s complicated, complicated, complicated. But I can handle it after… Let’s take a look at permission management. Look at the picture:

1. So how? First we need to modify the service, specifically the appproviderAuthServiceProvider.php file, to complete the Gate rules.

We’ll use two static methods of Gate here. There’s Gate:: Define (), and Gate:: Denies (). We’ll see. Let’s look at the service file. First, check the boot method

public function boot(a) {
    $this->registerPolicies();  / / register
    // Call this function to get a list of all menu actions like the one above
    $permissions = $this->get_permissions(); I'll write the function down here}public function get_permissions(a) {
    return Permission::with('roles')->get();  // Find the associated user group
}
Copy the code

Let’s print out the $Permissions

It doesn’t matter if you’re not clear, keep looking at the code above

public function boot(a) {
    $this->registerPolicies();  / / register
    // Call this function to get a list of all menu actions like the one above
    $permissions = $this->get_permissions(); Let me write the function down here// Define Gate rules
    foreach($permissions as $permission) {// Perform a traversal to grant authorization rules
        //$user refers to the current user user model instance. Call the has_Permission method
        if(Gate::define($permission->name, function($user) use($permission)) {
            return $user->has_permission($permission);
            // This function is used to determine whether the current user has the permission,
            // Whether the user group corresponding to the current user has an intersection with the user group corresponding to the permission.}}})Copy the code

The problem is Gate::define ().

//Gate::define(arg1, arg2) accepts two parameters arg1, arg2.
//arg1 is the name of the permission to determine.
Arg2 is a Boolean, that is, arg2 must return a bool.
// We're getting all Boolean false with Gate::denies(arg1).
Copy the code

Let’s take a look at the has_permission method in the User model and see that it also passes an $permission.

public function has_permission($permissions) {
    // Get the user group owned by the current user:
    $user_role = $this->roles; // If you have written a many-to-many association belongsToMany
    
    // Get the lookup group of the passed $permission
    $query_role = $permission->roles; // Same as above provided you write the correlation method.

    // Next, we just need to determine whether the two intersect.
    // The current user has the permission as long as one of the user groups is the same as the corresponding user group.
    return!!!!! $query_role->intersect($user_role)->count();// Two exclamation marks can directly convert numbers into Boolean values.
}
Copy the code

Ok, so all permissions are judged, and the Gate:: Define method is documented. Our service is provided in config/app.php, so you don’t need to write it in config/app.php. Next, we write middleware. Let’s call it role-php

PHP artisan make: Middleware Role First you need to know that return $next($request) means permission to access the address. Ok, look at the code.

use Route.URL.Auth.Gate// Take what you need firstusethepublic function handle($request.Closure $next) {// return the variable $from the previous pagepreviousUrl = URL: :previous(a);// Easy to remember, right

    // If the current user is the super administrator, then all permissions are skipped
    if(Auth::user()->roles->contains('name'.'Super Administrator')) {
        return $next($request);
    }
    // Contains is a method of the collection to see if there is any ['name'=>' super administrator '] inside

    // If you want to access the background page, you can also ignore the permission
    if(Route::currentRouteName() == 'admin.index') {
        / / the Route: : currentRouteName () = "current users access the web address of the router alias
        return $next($request);
    }

    // The Gate permission is invoked
    // if the value of the field defined by the rule is false, then the condition is satisfied
    if(Gate::denies(Route::currentRouteName)) {
        // Check whether it is an Ajax request
        if($request->ajax() && ($request->getMethod() ! ='GET')) {
            // All methods that meet these two conditions must be accessed in the background
            return response()->json([
                'status'= >0.'code'= >403.'msg'= >'You do not have permission to perform this operation ~'])}else {
            // Jump to page 403 and you should know the use of this variable on the previous page
             return response()->view('admin.errors.403', compact('previousUrl')); }}}Copy the code

Oh, my god, finally finished with middleware. Register in kernel.php. Then don’t forget to prefix the routing group with the middleware alias. Something like this…

Response () method, contains() method

On the left side of the menu show hide click to follow the highlighted part is still to be continued…

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Laravel — Gate implements permission management

1. So how? First we need to modify the service, specifically the appproviderAuthServiceProvider.php file, to complete the Gate rules.

Laravel — Gate implements permission management

1. So how? First we need to modify the service, specifically the appproviderAuthServiceProvider.php file, to complete the Gate rules.

Related Posts

For everyone to see the “irresponsible” K8s entry document

The difference between pseudo-classes and pseudo-elements

North drift programmer feeling