2017 © Pedro Peláez
 

library propauth-provider

A Laravel provider for adding PropAuth checking to Blade templates

image

psecio/propauth-provider

A Laravel provider for adding PropAuth checking to Blade templates

  • Tuesday, March 22, 2016
  • by enygma
  • Repository
  • 1 Watchers
  • 0 Stars
  • 5 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 2 Versions
  • 0 % Grown

The README.md

Policy Template (Blade) Service Provider for PropAuth

This service provider, for Laravel 5+ based applications, introduces the ability to perform PropAuth evaluation checks on the current user against pre-defined policies., (*1)

Usage

To use this provider, update your Laravel app's app.php configuration's "providers" section to pull in this provider:, (*2)

<?php
'providers' => [
    /* other providers */
    \Psecio\PropAuth\PolicyTemplateServiceProvider::class,
]
?>

What else is required

This library requires two things:, (*3)

Essentially, the requirement is that there's another service provider (in the example it's the PolicyServiceProvider) that defines your policies in a singleton named "policies" and returns an enforcer object. For example, you could put this in app/providers/PolicyServiceProvider.php:, (*4)

app->singleton('policies', function($app) {
            $set = PolicySet::instance()
                ->add('can-edit', Policy::instance()->hasUsername('ccornutt'))
            );

            return Enforcer::instance($set);
        });
    }
}
?>

This just defines the one policy, can-edit, where it checks the current user (pulled via \Auth::user()) to see if they have a username property of "ccornutt". With this in place, you can then use the service provider in this repo to add checks to your Blade templates., (*5)

For example, to use the can-edit check above you could use something like this:, (*6)

@allows('can-edit')
they can edit!
@endallows

@denies('can-edit')
they're denied being able to edit
@enddenies

The two methods exposed are @allows and @denies with a required first parameter. You can also pass in optional parmeters if your PropAuth checks are more complex and use the closures handling. So, if your policy is defined like this:, (*7)

app->singleton('policies', function($app) {
    $set = PolicySet::instance()
        ->add('can-delete', Policy::instance()->can(function($subject, $post) {
            return $post->author == 'ccornutt';
        })
    );

    return Enforcer::instance($set);
});
?>

You need to pass in a value/object for $post in the can-delete closure. You can do this by giving the @allows/@denies more optional parameters:, (*8)

@allows('can-delete', $post)
Can delete this post because the username on the post is "ccornutt"
@endallows

The Versions

22/03 2016

dev-master

9999999-dev https://github.com/psecio/propauth-provider.git

A Laravel provider for adding PropAuth checking to Blade templates

  Sources   Download

MIT

The Requires

 

The Development Requires

by Chris Cornutt

laravel authorization blade property policy

22/10 2015

0.1

0.1.0.0 https://github.com/psecio/propauth-provider.git

A Laravel provider for adding PropAuth checking to Blade templates

  Sources   Download

MIT

The Requires

 

The Development Requires

by Chris Cornutt

laravel authorization blade property policy