Permission Manager

Codacy BadgeStyleCILicenseTotal DownloadsLatest Stable Version

Permission Manager dependency for Laravel Enso

Screenshot

Features

  • permissions are managed based on the user role
  • allows creating, updating and deleting of permissions for each route
  • has the access-route policy which can be used to check if the a user is authorized on a given route
  • comes with the VerifyRouteAccess middleware that checks against unauthorized access

Under the Hood

  • inside web.php there is a route for each action within the application, and each route has the name attribute defined
  • for each route where we need to have authorization checks, we must define a permission, permission which needs to have the same name as the route
  • routes are nested, the resulting name looking something like group1.group2...route
  • for each request we check the existence of the link between the user's role and the permission for the request's route
  • permissions' attributes:
    • name: see above
    • description - is human readable and is used when displaying a user's action history (on his profile page)
    • type - may be read or write and is an informative flag
    • is_default - flag which lets us know if a permission needs to be automatically allotted to any new role we create
  • for routes where we don't need to have authorization checks, permissions are not mandatory, BUT
  • if we want to log and display the users' actions, permissions become necessary, as they're used when displaying statistics
  • permissions are automatically grouped together, based on their segments, in the UI, for presentation and functional purposes, so administrators can easily configure roles

Notes

The Laravel Enso Core package comes with this package included.

Depends on:

Last Updated: 11/12/2018, 4:35:32 PM