graphene-ict/nova-permissions
Composer 安装命令:
composer require graphene-ict/nova-permissions
包简介
Nova Permissions tool based on spatie permissions
README 文档
README
Nova Permissions tool based on spatie permissions
We have a Migration, Seed, Policy and Resource ready for a good Authorization Experience.
Installation
You can install the package in to a Laravel app that uses Nova via composer:
composer require graphene-ict/nova-permissions
Database Migration
Publish the Migration with the following command:
php artisan vendor:publish --provider="GrapheneICT\NovaPermissions\ToolServiceProvider" --tag="migrations"
Migrate the Database:
php artisan migrate
Configuration
You must register the tool with Nova. This is typically done in the tools method of the NovaServiceProvider.
// in app/Providers/NovaServiceProvider.php // ... public function tools() { return [ // ... new \GrapheneICT\NovaPermissions\NovaPermissions(), ]; }
Finally, add MorphToMany fields to you app/Nova/User resource:
// ... use Laravel\Nova\Fields\MorphToMany; public function fields(Request $request) { return [ // ... MorphToMany::make('Roles', 'roles', \GrapheneICT\NovaPermissions\Nova\Role::class), MorphToMany::make('Permissions', 'permissions', \GrapheneICT\NovaPermissions\Nova\Permission::class), ]; }
Add the Spatie\Permission\Traits\HasRoles trait to your User model(s):
use Illuminate\Foundation\Auth\User as Authenticatable; use Spatie\Permission\Traits\HasRoles; class User extends Authenticatable { use HasRoles; // ... }
Database Seeding
Publish our Seeder with the following command:
php artisan vendor:publish --provider="GrapheneICT\NovaPermissions\ToolServiceProvider" --tag="seeds"
Before you do any seeding admin email parametar in your env
NOVA_PERMISSION_ADMIN_EMAIL = your@email.com
This is just an example on how you could seed your Database with Roles and Permissions. Modify RolesAndPermissionsSeeder.php in database/seeds. List all your Models you want to have Permissions for in the $collection Array.
Create a role and attach permissions to it:
class RolesAndPermissionsSeeder extends Seeder { /** * Run the database seeds. * * @return void */ public function run() { // Reset cached roles and permissions app()[PermissionRegistrar::class]->forgetCachedPermissions(); $collection = collect([ User::class, Role::class, Permission::class, // ... // List all your Models you want to have Permissions for. ]); $adminEmail = env('NOVA_PERMISSION_ADMIN_EMAIL', null); if (is_null($adminEmail)) { throw new \InvalidArgumentException('Email parameter must be provided!'); } // Create an Admin Role and assign all Permissions $role = Role::create(['name' => 'admin']); $role->givePermissionTo(Permission::all()); // Give User Admin Role $user = User::whereEmail($adminEmail)->first(); // Change this to your email. $user->assignRole('admin'); } }
Now you can seed the Database. Add $this->call(RolesAndPermissionsSeeder::class); to the DatabaseSeeder.
Note: If this doesn't work, run
composer dumpautoloadto autoload the Seeder.
Permissions
Detail View
Edit View
Create a Model Policy
You can extend GrapheneICT\NovaPermissions\Policies\Policy and have a very clean Model Policy that works with Nova.
For Example: Create a new User Policy with php artisan make:policy UserPolicy with the following code:
class UserPolicy extends Policy { /** * The Permission key the Policy corresponds to. * * @var string */ public static $key = 'users'; }
It should now work as exptected. Just create a Role, modify its Permissions and the Policy should take care of the rest.
Note: Don't forget to add your Policy to your
$policiesinApp\Providers\AuthServiceProvider.
Note: Only extend the Policy if you have created your Permissions according to our Seeding Example. Otherwise, make sure to have
view users, view own users, manage users, manage own users, restore users, forceDelete usersas Permissions in your Table in order to extend our Policy.
view own usersis superior toview usersand allows the User to only view his own Users.
manage own usersis superior tomanage usersand allows the User to only manage his own Users.
Scope Resource for User
If you use our Policy and Seeder, the user will still be able to see other Entries. In order to only allow a User to view his own Entries and no others, you can extens our GrapheneICT\NovaPermissions\Nova\ResourceForUser Class like this:
class User extends ResourceForUser { //... }
Note: ResourceForUser assumes the Resource has a
user_idcolumn in the Database. If you are using another column, feel free to copy the contents of the Resource and modify it.
Customization
Use your own Resources
If you want to use your own resource classes, you can define them when you register the tool:
// in app/Providers/NovaServiceProvider.php // ... public function tools() { return [ // ... \GrapheneICT\NovaPermissions\NovaPermissionTool::make() ->roleResource(Role::class) ->permissionResource(Permission::class), ]; }
Credits
This Package is inspired by eminiarts/nova-permission
graphene-ict/nova-permissions 适用场景与选型建议
graphene-ict/nova-permissions 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 5.51k 次下载、GitHub Stars 达 9, 最近一次更新时间为 2020 年 06 月 30 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 graphene-ict/nova-permissions 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 graphene-ict/nova-permissions 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 5.51k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 9
- 点击次数: 24
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2020-06-30