Home > PHP Framework > Laravel > How to implement access control list (ACL) permission control in Laravel

How to implement access control list (ACL) permission control in Laravel

PHPz
Release: 2023-11-02 10:25:54
Original
1286 people have browsed it

How to implement access control list (ACL) permission control in Laravel

How to implement access control list (ACL) permission control in Laravel

Abstract:
Access control list (ACL) is a commonly used permission control mechanism , which can also be easily implemented in the Laravel framework. This article will introduce how to use the authentication and authorization functions and extension packages that come with the Laravel framework to implement ACL permission control, and provide specific code examples.

1. Use the authentication and authorization functions that come with Laravel
The authentication and authorization functions that come with the Laravel framework are the basis for implementing ACL permission control. Before you begin, make sure you have correctly set up the Laravel framework and configured your database connection.

  1. Create user table and role table
    Use the command line tool Artisan that comes with the Laravel framework to create the user table and role table.

    php artisan make:migration create_users_table --create=users
    php artisan make:migration create_roles_table --create=roles
    Copy after login

    Then define the table structure in the generated migration file and run the migration command to generate the table.

    php artisan migrate
    Copy after login
    Copy after login
  2. Create user model and role model
    Use Artisan, the command line tool that comes with the Laravel framework, to create user models and role models.

    php artisan make:model User
    php artisan make:model Role
    Copy after login

    Define model associations and methods in the generated model file.

  3. Implement authentication
    Set the authentication driver as the database driver in the config/auth.php configuration file.

    'defaults' => [
     'guard' => 'web',
     'passwords' => 'users',
    ],
    Copy after login

    Then use the command line tool Artisan that comes with the Laravel framework to create authentication-related controllers and views.

    php artisan make:auth
    Copy after login

    In the generated authentication-related controller, you can find login, registration and other related methods.

  4. Implement authorization
    Register the authorization policy in the app/Providers/AuthServiceProvider.php file.

    use AppPoliciesRolePolicy;
    
    protected $policies = [
     Role::class => RolePolicy::class,
    ];
    Copy after login

    Then use the command line tool Artisan that comes with the Laravel framework to create the authorization policy.

    php artisan make:policy RolePolicy --model=Role
    Copy after login

    In the generated authorization policy file, related authorization methods can be defined.

2. Use the extension package laravel-permission to implement ACL permission control
laravel-permission is a popular extension package that can easily implement ACL permission control.

  1. Install the laravel-permission extension package
    Use Composer to install the laravel-permission extension package.

    composer require spatie/laravel-permission
    Copy after login
  2. Configure laravel-permission extension package
    Add ServiceProvider in the providers array in the config/app.php configuration file.

    SpatiePermissionPermissionServiceProvider::class,
    Copy after login

    Then use Artisan, the command line tool that comes with the Laravel framework, to publish the configuration files and migration files of the expansion package.

    php artisan vendor:publish --provider="SpatiePermissionPermissionServiceProvider" --tag="config"
    php artisan vendor:publish --provider="SpatiePermissionPermissionServiceProvider" --tag="migrations"
    Copy after login

    The permission model and role model can be set in the generated configuration file.

  3. Create permission table and role table
    Use Artisan, the command line tool that comes with the Laravel framework, to generate migration files for the permission table and role table.

    php artisan make:migration create_permissions_table --create=permissions
    php artisan make:migration create_roles_table --create=roles
    Copy after login

    Define the table structure in the generated migration file and run the migration command to generate the table.

    php artisan migrate
    Copy after login
    Copy after login
  4. Use laravel-permission extension package
    Introduce the SpatiePermissionTraitsHasRoles trait in the user model and role model.

    use SpatiePermissionTraitsHasRoles;
    Copy after login

    Then use the HasRoles trait to define the associations and methods of the user model and role model.

You can use the authorize method in the controller to perform authorization judgment.

use IlluminateSupportFacadesGate;

if (Gate::denies('edit', $post)) {
    abort(403, 'Unauthorized action.');
}
Copy after login

You can also use the @can directive in the view file to determine permissions.

@can('edit', $post)
    {{-- Edit button --}}
@endcan
Copy after login

Conclusion:
This article introduces how to implement access control list (ACL) permission control in the Laravel framework. First, use Laravel's own authentication and authorization functions to define the user table and role table and implement authentication and authorization. Then use the laravel-permission extension package to further implement ACL permission control. I hope this article can help you implement ACL permission control in Laravel.

The above is the detailed content of How to implement access control list (ACL) permission control in Laravel. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template