Création des migrations
php artisan make:migration permissions
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class Permissions extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('permissions', function (Blueprint $table) {
$table->increments('id');
$table->string('permission', 32);
$table->unique('permission');
$table->string('name', 32);
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('permissions');
}
}
php artisan make:migration users_permissions
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class UsersPermissions extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('users_permissions', function (Blueprint $table) {
$table->integer('user_id')->unsigned()->index();
$table->integer('permission_id')->unsigned()->index();
$table->foreign('user_id')->references('id')->on('users')->onUpdate('cascade')->onDelete('cascade');
$table->foreign('permission_id')->references('id')->on('permissions')->onUpdate('cascade')->onDelete('cascade');
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('users_permissions');
}
}
On déploie avec
php artisan migrate
Création du middleware
php artisan make:middleware PermissionAuthorize
<?php
namespace App\Http\Middleware;
use Closure;
class PermissionAuthorize
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$permissions = $this->getRequiredRoleForRoute($request->route());
if($request->user()->hasPermission($permissions) || !$permissions)
{
return $next($request);
}
return abort(401);
}
private function getRequiredRoleForRoute($route)
{
$actions = $route->getAction();
return isset($actions['permissions']) ? $actions['permissions'] : null;
}
}
Modifier le Kernel: app/Http/Kernel.php
Ajouter 'permissions' => \App\Http\Middleware\PermissionAuthorize::class, dans les routeMiddleware
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'permissions' => \App\Http\Middleware\PermissionAuthorize::class,
];
}
Maintenant vous pouvez utiliser les permissions dans les routes.
Route::group(['middleware' => ['permissions'], 'permissions' => ['perm1']], function ()
{
Route::get('/url', 'Controller@index')->name('index');
}
Route::group(['middleware' => ['permissions'], 'permissions' => ['perm2']], function ()
{
Route::get('/url', 'Controller@index')->name('index');
}
Route::group(['middleware' => ['permissions'], 'permissions' => ['perm1', 'perm2', 'perm3', 'perm4']], function ()
{
Route::get('/url', 'Controller@index')->name('index');
}