Happy Coder
Reputation: 4682
Role based ACL in Laravel
I am implementing a role based ACL for an API and I have tables for users, roles, pages, page actions(view, add,edit,delete) and role associations with page actions. Now how can I write a Gate or Policy for Authorizations utilizing these tables and use it in a middleware? Any example is welcome.
I went through the Authorization documentation, but not getting an idea of how to define abilities and check for them in a role based scenario.
Upvotes: 0
Views: 307
Answers (1)
Joeri
Reputation: 151
Have a look at this source code as example: Spatie/Laravel-permission
Also an example for a middleware to check role or permission:
can.php
public function handle($request, Closure $next, $permission)
{
if(!$request->user()->can($permission)){
flash()->warning(trans('alert.noAccess'));
return abort(403);
}
return $next($request);
}
role.php
public function handle($request, Closure $next, $role, $permission = null)
{
if (auth()->guest()) {
return redirect(route('auth.login'));
}
if (!$request->user()->hasRole($role)) {
abort(403);
}
return $next($request);
}
Upvotes: 1
Related Questions
- Role based permission to Laravel
- Laravel 5 role based access control
- Laravel Roles and Permissions based on Role specific Ability
- How to protect admin area from users by role in laravel 5.6?
- How to manage access based role-users without method checking ways using laravel 5.2
- Laravel 5.1 acl roles and permission in frontend
- ACL In Laravel 4.2
- Laravel 5 Auth and ACL
- Creating a laravel ACL section
- Advanced Role-Based Access Control