Dynamic ACL

Dynamic ACL is a package that handles Access Control Level on your Laravel Application.

It's fast to running and simple to use.

Install and enjoy.

Features

• Check permissions: Check routes dynamically on Admin permissions.
• Simple policy: Check user_id on your entities (if admin has access to this).

Installation

NOTE: you need to make your authentication (session based) system before.

NOTE: you should define name for your routes.

composer require iya30n/dynamic-acl

publish config file

php artisan vendor:publish

migrate roles table

php artisan migrate

Don't worry about relationships, they handled already.

run make:admin command

this command makes your first admin as super admin with fullAccess level.

php artisan make:admin --role

finish

just run your application and visit locahost:8000/admin/roles .

you'll see list of your roles.

you can create new one, edit or delete them.

config

after publish vendor you can change config on config/dynamicACL.php file.

• alignment: you can change UI alignment to rtl or ltr. also when you change your lang, roles CRUD will be changing in (fa, en).
• controllers_path: this is your controllers namespace.
• ignore_list: you can add your routes to be ignore on check permissions.

how to use the ACL?

just add dynamicAcl middleware to your routes.

now you'll see list of the routes with dynamicAcl middleware on localhost:8000/admin/roles/create.

also this middleware will check your admin access to current route.

access to the roles

you can use Role model to write your own queries and get list of the roles.

use Iya30n\DynamicAcl\Models\Role;

sync user roles

$user->roles()->sync([1, 2, 3,...]);
// or
$user->roles()->attach([1, 2, 3,...]);
// or
$user->roles()->dettach([1, 2, 3,...]);

get user roles

$user->roles()->get();

check user access manually

call hasPermission method on user and pass the route name.

$user->hasPermission('admin.articles');

// or

auth()->user()->hasPermission('admin.articles');

how to use dynamic policy?

NOTE: you should use route model binding on your controllers.

it's very simple too.

just add authorize middleware to your routes.

this middleware will check user_id on your entity.