Home >PHP Framework >Laravel >laravel installation permission management

laravel installation permission management

WBOY
WBOYOriginal
2023-05-26 14:27:371550browse

Laravel is a very popular PHP development framework. It provides many convenient tools and components that can greatly improve development efficiency. In the process of developing applications, user rights management is often required. Laravel provides a very convenient permission management function that can help us implement permission control quickly and safely.

This article will introduce the installation and configuration of Laravel permission management from the following aspects:

  1. Installing Laravel permission management components
  2. Database migration
  3. User authentication
  4. Role and permission management
  5. Middleware
  6. Route protection

1. Install Laravel permission management component

In Laravel, we can install the spatie/laravel-permission component through composer to implement permission management functions. We can execute the following command in the root directory of the project to install this component:

composer require spatie/laravel-permission

After the installation is complete, we need to add the service provider of this component in the config/app.php file:

'providers' => [
    // ...
    SpatiePermissionPermissionServiceProvider::class,
],

At the same time, add the facade of this component in the same file:

'aliases' => [
    // ...
    'Permission' => SpatiePermissionFacadesPermission::class,
    'Role' => SpatiePermissionFacadesRole::class,
],

2. Database migration

After installing the component, we need to run database migration to create permission-related tables. We can use the artisan command to generate the database migration file:

php artisan make:migration create_permission_tables

Then, open the generated migration file and add the following code:

class CreatePermissionTables extends Migration
{
    public function up()
    {
        Schema::create('permissions', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('guard_name');
            $table->timestamps();
        });

        Schema::create('roles', function (Blueprint $table) {
            $table->increments('id');
            $table->string('name');
            $table->string('guard_name');
            $table->timestamps();
        });

        Schema::create('model_has_roles', function (Blueprint $table) {
            $table->integer('role_id')->unsigned();
            $table->morphs('model');
            $table->string('model_type')->nullable();
            $table->string('guard_name');
            $table->foreign('role_id')->references('id')->on('roles')
                  ->onDelete('cascade');
            $table->primary(['role_id', 'model_id', 'model_type']);
        });

        Schema::create('model_has_permissions', function (Blueprint $table) {
            $table->integer('permission_id')->unsigned();
            $table->morphs('model');
            $table->string('model_type')->nullable();
            $table->string('guard_name');
            $table->foreign('permission_id')->references('id')->on('permissions')
                  ->onDelete('cascade');
            $table->primary(['permission_id', 'model_id', 'model_type']);
        });

        Schema::create('role_has_permissions', function (Blueprint $table) {
            $table->integer('permission_id')->unsigned();
            $table->integer('role_id')->unsigned();
            $table->string('guard_name');
            $table->foreign('permission_id')->references('id')->on('permissions')
                  ->onDelete('cascade');
            $table->foreign('role_id')->references('id')->on('roles')
                  ->onDelete('cascade');
            $table->primary(['permission_id', 'role_id']);
        });
    }

    public function down()
    {
        Schema::dropIfExists('permissions');
        Schema::dropIfExists('roles');
        Schema::dropIfExists('model_has_roles');
        Schema::dropIfExists('model_has_permissions');
        Schema::dropIfExists('role_has_permissions');
    }
}

Then, we can run the migration command:

php artisan migrate

In this way, the related tables will be created in the database.

3. User Authentication

Next, we need to implement the user authentication function in the application. Laravel has provided us with a very convenient user authentication system. We only need to run the following command:

php artisan make:auth

This command will generate a page containing user login, registration, password change and other functions. We can create and manage users through these operations.

4. Role and permission management

In Laravel permission management, roles and permissions are very important concepts. We can define user access control rules through roles and permissions.

  1. Creating roles

We can use the Role facade to create roles. For example:

use SpatiePermissionModelsRole;

$role = Role::create(['name' => 'admin']);

The above code will create a role named "admin".

  1. Create permissions

Similarly, we can use the Permission facade to create permissions:

use SpatiePermissionModelsPermission;

$permission = Permission::create(['name' => 'create posts']);

The above code will create a file called "create posts "permission.

  1. Grant permissions to roles

Now that we have roles and permissions, we also need to grant permissions to roles. We can do this using the givePermissionTo method of the role:

$role = Role::findByName('admin');
$permission = Permission::findByName('create posts');
$role->givePermissionTo($permission);
  1. Check if the user has the permission

Now that we have the role and permissions defined, we can use the Laravel permission management provided can method to check if the user has permissions. For example:

$user->can('create posts');

The above code will return a Boolean value indicating whether the current user has the "create posts" permission.

  1. Check whether the user has a role

Similarly, we can also use the hasRole method to check whether the user has a certain role. For example:

$user->hasRole('admin');

The above code will return a Boolean value indicating whether the current user has the "admin" role.

5. Middleware

We can use Laravel's middleware to protect our routes and controllers to achieve permission control. Here is the sample code:

Route::group([
    'middleware' => ['role:admin'],
], function () {
    Route::get('/admin', function () {
        //
    });
});

Route::group([
    'middleware' => ['permission:create posts'],
], function () {
    Route::get('/new-post', function () {
        //
    });
});

The above code will protect the "/admin" and "/new-post" routes and only allow access to users with the "admin" role and the "create posts" permission.

6. Route protection

Finally, we need to protect our routes and controllers. We can use the can and authorize methods to achieve this.

public function store(Request $request)
{
    $this->authorize('create', Post::class);

    // ...
}

public function edit(Request $request, Post $post)
{
    if (! $request->user()->can('edit', $post)) {
        abort(403);
    }

    // ...
}

The above code will protect the store and edit methods and only allow access to users with "create" and "edit" permissions.

Summary

In general, Laravel's permission management is very convenient and safe. We can implement permission control by installing the spatie/laravel-permission component, and use the many methods and functions provided by Laravel to manage roles and permissions. Through middleware and route protection, we can easily protect our applications and restrict user access.

The above is the detailed content of laravel installation permission management. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn