{"_id":"563c21fd19ae7b0d0050d45b","parentDoc":null,"user":"563b65409e3f2225009fd2b9","version":{"_id":"563b65bd9e3f2225009fd2bf","project":"563b65bd9e3f2225009fd2bc","__v":4,"createdAt":"2015-11-05T14:20:45.639Z","releaseDate":"2015-11-05T14:20:45.639Z","categories":["563b65be9e3f2225009fd2c0","563b6b25e951f60d000b4513","563c239e260dde0d00c5e890","563c2440260dde0d00c5e891"],"is_deprecated":false,"is_hidden":false,"is_beta":true,"is_stable":true,"codename":"","version_clean":"4.0.0","version":"4.0"},"__v":31,"category":{"_id":"563b6b25e951f60d000b4513","version":"563b65bd9e3f2225009fd2bf","__v":6,"pages":["563c21fd19ae7b0d0050d45b","563c220c7539dd0d00dbee87","563c2218ac77910d00279fe7","563c2233d8f2d20d00448b4f","563c2376913e650d00b65dbd","563c907319ae7b0d0050d528"],"project":"563b65bd9e3f2225009fd2bc","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-11-05T14:43:49.565Z","from_sync":false,"order":1,"slug":"the-basics","title":"The Basics"},"project":"563b65bd9e3f2225009fd2bc","updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-11-06T03:43:57.599Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"settings":"","results":{"codes":[]},"auth":"required","params":[],"url":""},"isReference":false,"order":10,"body":"[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"USER MIDDLEWARES\"\n}\n[/block]\nIf you have to control the access User provides middlewares to protect your routes. If you have to control the access through the Laravel routes, the User has some built-in middlewares for the trivial tasks. \n\nTo utilize them, just put it in your ***app/Http/Kernel.php*** file.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nprotected $routeMiddleware = [\\n    'auth'            => \\\\App\\\\Http\\\\Middleware\\\\Authenticate::class,\\n    'auth.basic'      => \\\\Illuminate\\\\Auth\\\\Middleware\\\\AuthenticateWithBasicAuth::class,\\n    'guest'           => \\\\App\\\\Http\\\\Middleware\\\\RedirectIfAuthenticated::class,\\n\\n    // Simpler access control, uses only the groups\\n    'auth.role'       => \\\\Litepie\\\\User\\\\Middlewares\\\\NeedsRoleMiddleware::class\\n];\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nYou can further study how to work with the middlewares below.\n\n## Create your own middleware\n\nIf the built-in middlewares doesn't fit your needs, you can make your own by using User's API to control the access.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"USAGE\"\n}\n[/block]\nThe User handles only access control. \n\nThe authentication is still made by Laravel's Auth.\n\n## Create roles and permissions\n\n## With admin interface\n\nYou can create roles and permissions by login to the admin as super user for you application.\n\n## With the seeder or artisan tinker\n\nYou can also use the User's API. You can create a Laravel Seeder or use ***php artisan tinker***.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nuse App\\\\User;\\n\\n$roleAdmin = User::createRole('admin');\\n\\n// The first parameter is the permission name\\n// The second is the \\\"friendly\\\" version of the name. (usually for you to show it in your application).\\n$permission =  User::createPermission('user.create', 'Create Users');\\n\\n// You can assign permission directly to a user.\\n$user = User::find(1);\\n$user->attachPermission($permission);\\n\\n// or you can add the user to a group and that group has the power to rule create users.\\n$roleAdmin->attachPermission($permission);\\n\\n// Now this user is in the Administrators group.\\n$user->attachRole($roleAdmin);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n## Using the middleware\n\nYou can protect your routes, through the use of the built-in middlewares.\n\nUser requires Laravel's Auth, so, use the auth middleware before the User's middleware that you intend to use.\n\n##Checking Permissions: needsPermissionMiddleware\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => 'user.create', function()\\n{\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nIf you're using Laravel 5.1 it's possible to use Middleware Parameters.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index'], function() {\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWith this syntax it's also possible to use the middlewaren within your controllers.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsPermission:user.index');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nYou can pass an array of permissions to check on.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => ['user.index', 'user.create'], function()\\n{\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWhen using middleware parameters, use a | to separate multiple permissions.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index|user.create'], function() {\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr within controllers:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsPermission:user.index|user.create');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWhen you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add ***'any' => true***.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => ['user.index', 'user.create'], 'any' => true, function()\\n{\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr, with middleware parameters, pass it as the 2nd parameter\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index|user.create,true'], function() {\\n    return 'Yes I can!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr within controllers:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsPermission:user.index|user.create,true');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Checking Roles: needsRoleMiddleware\"\n}\n[/block]\nThis is similar to the previous middleware, but only the roles are checked, it means that it doesn't check the permissions.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'is' => 'admin', function()\\n{\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nIf you're using Laravel 5.1 it's possible to use Middleware Parameters.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin'], function() {\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWith this syntax it's also possible to use the middlewaren within your controllers.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsRole:admin');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nYou can pass an array of permissions to check on.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'shield' => ['admin', 'member'], function()\\n{\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWhen using middleware parameters, use a **|** to separate multiple roles.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin|editor'], function() {\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr within controllers:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsRole:admin|editor');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nWhen you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add ***'any' => true***.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'is' => ['admin', 'member'], 'any' => true, function()\\n{\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr, with middleware parameters, pass it as the 2nd parameter\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin|editor,true'], function() {\\n    return 'Yes I am!';\\n}]);\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\nOr within controllers:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\n$this->middleware('needsRole:admin|editor,true');\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"USING IN VIEWS\"\n}\n[/block]\nThe Laravel's Blade extension for using User.\n\n**:::at:::shield**\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"@shield('user.index')\\n    shows your protected stuff\\n@endshield\\n@shield('user.index')\\n    shows your protected stuff\\n@else\\n    shows the data for those who doesn't have the user.index permission\\n@endshield\",\n      \"language\": \"html\"\n    }\n  ]\n}\n[/block]\n**@is**\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"@is('admin')\\n    Shows data for the logged user and that belongs to the admin role\\n@endis\\n@is('admin')\\n    Shows data for the logged user and that belongs to the admin role\\n@else\\n    shows the data for those who doesn't have the admin permission\\n@endis\\n@is(['role1', 'role2'])\\n    Shows data for the logged user and that belongs to the admin role\\n@else\\n    shows the data for those who doesn't have the admin permission\\n@endis\",\n      \"language\": \"html\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"USING THE FACADE\"\n}\n[/block]\nWith the User's Facade you can access the API and use it at any part of your application.\n\n**User::hasPermission($permission)**:\n\nCheck if the logged user has the ***$permission***.\n\n**User::canDo($permission)**:\n\nCheck if the logged user has the ***$permission***. If the role ***superuser*** returns true\n\n**User::roleHasPermission($permission)**:\n\nCheck if the logged user has the ***$permission*** checking only the role permissions.\n\n**User::hasRole($roleName)**:\n\nCheck if the logged user belongs to the role ***$roleName***.\n\n**User::roleExists($roleName)**:\n\nCheck if the role ***$roleName*** exists in the database.\n\n**User::permissionExists($permissionName)**:\n\nCheck if the permission ***$permissionName*** exists in the database.\n\n**User::findRole($roleName)**:\n\nFind the role in the database by the name ***$roleName***.\n\n**User::findRoleById($roleId)**:\n\nFind the role in the database by the role ID roleId.\n\n**User::findPermission($permissionName)**:\n\nFind the permission in the database by the name ***$permissionName***.\n\n**User::findPermissionById($permissionId)**:\n\nFind the permission in the database by the ID ***$permissionId***.\n\n**User::createRole($roleName)**:\n\nCreate a new role in the database.\n\n**User::createPermission($permissionName)**:\n\nCreate a new permission in the database.\n\n**User::is($roleName)**:\n\nCheck whether the current user belongs to the role.\n\n**User::javascript()->render()**:\n\nReturns a javascript script with a list of all roles and permissions of the current user. The variable name can be modified.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"USING THE TRAIT\"\n}\n[/block]\nTo add the User's features, you need to add the trait ***HasUser*** in you User model (usually ***App\\User***).\n\n**public function hasPermission($permission)**:\n\nThis method checks if the logged user has the permission ***$permission***\n\nIn User, there are 2 kind of permissions: ***User permissions*** and ***Role permissions***. By default, the permissions that the user inherits, are permissions of the roles that it belongs to. However, always that a user pemission is set, it will take precedence of role permission.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    if ($user->hasPermission('user.create'));\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function attachRole($role)**:\n\nAttach the user to the role ***$role***. The ***$role*** variable might be an object of the type ***Litepie\\User\\Role*** or an array containing the ***ids*** of the roles.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $role = User::findRole('admin'); // Returns an Litepie\\\\User\\\\Role\\n    $user->attachRole($role);\\n\\n    // or\\n\\n    $roles = [1, 2, 3]; // Using an array of ids\\n    $user->attachRole($roles);\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function detachRole($role)**:\n\nDeatach the role ***$role*** from the user (inverse to ***attachRole()***).\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $role = User::findRole('admin'); // Returns an Litepie\\\\User\\\\Role\\n    $user->detachRole($role);\\n\\n    // ou\\n\\n    $roles = [1, 2, 3]; // Using an array of ids\\n    $user->detachRole($roles);\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function syncRoles(array $roles = array())**:\n\nThis is like the attachRole() method, but only the roles in the array $roles will be on the relationship after the method runs. $roles it's an array of ids for the needed roles.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $roles = [1, 2, 3]; // Using an array of ids\\n\\n    $user->syncRoles($roles);\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function attachPermission($permission, array $options = array())**:\n\nAttach the user to the permission ***$permission***. The ***$permission*** variable is an instance of the ***Litepie\\User\\Permission*** class.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $permission = User::findPermission('user.create');\\n\\n    $user->attachPermission($permission, [\\n        'value' => true // true = has the permission, false = doesn't have the permission,\\n    ]);\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function detachPermission($permission)**:\n\nRemove the permission ***$permission*** from the user. The ***$permission*** variable might be an instance of the ***Litepie\\User\\Permission*** class or an array of ids with the ***ids*** of the permissions to be removed.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $permission = User::findPermission('user.create');\\n    $user->detachPermission($permission);\\n\\n    // or\\n\\n    $permissions = [1, 3];\\n    $user->detachPermission($permissions);\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function syncPermissions(array $permissions)**:\n\nThis is like the method ***syncRoles***. but only the roles in the array ***$permissions*** be on the relationship after the method runs.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"public function foo(Authenticable $user)\\n{\\n    $permissions = [\\n        1 => ['value' => false],\\n        2 => ['value' => true,\\n        3 => ['value' => true]\\n    ];\\n\\n    $user->syncPermissions($permissions);\\n}\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]\n**public function revokePermissions()**:\n\nThis removes all the user permissions.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $user->revokePermissions();\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]\n**public function revokeExpiredPermissions()**:\n\nRemove all the temporary expired pemissions from the user. More about temporary permissions below.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"<?\\n\\npublic function foo(Authenticable $user)\\n{\\n    $user->revokeExpiredPermissions();\\n}\",\n      \"language\": \"php\"\n    }\n  ]\n}\n[/block]","excerpt":"Manages Access Control List and Users","slug":"user","type":"basic","title":"User"}

User

Manages Access Control List and Users

[block:api-header] { "type": "basic", "title": "USER MIDDLEWARES" } [/block] If you have to control the access User provides middlewares to protect your routes. If you have to control the access through the Laravel routes, the User has some built-in middlewares for the trivial tasks. To utilize them, just put it in your ***app/Http/Kernel.php*** file. [block:code] { "codes": [ { "code": "<?\n\nprotected $routeMiddleware = [\n 'auth' => \\App\\Http\\Middleware\\Authenticate::class,\n 'auth.basic' => \\Illuminate\\Auth\\Middleware\\AuthenticateWithBasicAuth::class,\n 'guest' => \\App\\Http\\Middleware\\RedirectIfAuthenticated::class,\n\n // Simpler access control, uses only the groups\n 'auth.role' => \\Litepie\\User\\Middlewares\\NeedsRoleMiddleware::class\n];", "language": "php" } ] } [/block] You can further study how to work with the middlewares below. ## Create your own middleware If the built-in middlewares doesn't fit your needs, you can make your own by using User's API to control the access. [block:api-header] { "type": "basic", "title": "USAGE" } [/block] The User handles only access control. The authentication is still made by Laravel's Auth. ## Create roles and permissions ## With admin interface You can create roles and permissions by login to the admin as super user for you application. ## With the seeder or artisan tinker You can also use the User's API. You can create a Laravel Seeder or use ***php artisan tinker***. [block:code] { "codes": [ { "code": "<?\n\nuse App\\User;\n\n$roleAdmin = User::createRole('admin');\n\n// The first parameter is the permission name\n// The second is the \"friendly\" version of the name. (usually for you to show it in your application).\n$permission = User::createPermission('user.create', 'Create Users');\n\n// You can assign permission directly to a user.\n$user = User::find(1);\n$user->attachPermission($permission);\n\n// or you can add the user to a group and that group has the power to rule create users.\n$roleAdmin->attachPermission($permission);\n\n// Now this user is in the Administrators group.\n$user->attachRole($roleAdmin);", "language": "php" } ] } [/block] ## Using the middleware You can protect your routes, through the use of the built-in middlewares. User requires Laravel's Auth, so, use the auth middleware before the User's middleware that you intend to use. ##Checking Permissions: needsPermissionMiddleware [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => 'user.create', function()\n{\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] If you're using Laravel 5.1 it's possible to use Middleware Parameters. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index'], function() {\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] With this syntax it's also possible to use the middlewaren within your controllers. [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsPermission:user.index');", "language": "php" } ] } [/block] You can pass an array of permissions to check on. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => ['user.index', 'user.create'], function()\n{\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] When using middleware parameters, use a | to separate multiple permissions. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index|user.create'], function() {\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] Or within controllers: [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsPermission:user.index|user.create');", "language": "php" } ] } [/block] When you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add ***'any' => true***. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission'], 'shield' => ['user.index', 'user.create'], 'any' => true, function()\n{\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] Or, with middleware parameters, pass it as the 2nd parameter [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsPermission:user.index|user.create,true'], function() {\n return 'Yes I can!';\n}]);", "language": "php" } ] } [/block] Or within controllers: [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsPermission:user.index|user.create,true');", "language": "php" } ] } [/block] [block:api-header] { "type": "basic", "title": "Checking Roles: needsRoleMiddleware" } [/block] This is similar to the previous middleware, but only the roles are checked, it means that it doesn't check the permissions. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'is' => 'admin', function()\n{\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] If you're using Laravel 5.1 it's possible to use Middleware Parameters. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin'], function() {\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] With this syntax it's also possible to use the middlewaren within your controllers. [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsRole:admin');", "language": "php" } ] } [/block] You can pass an array of permissions to check on. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'shield' => ['admin', 'member'], function()\n{\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] When using middleware parameters, use a **|** to separate multiple roles. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin|editor'], function() {\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] Or within controllers: [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsRole:admin|editor');", "language": "php" } ] } [/block] When you pass an array of permissions, the route will be fired only if the user has all the permissions. However, if you want to allow the access to the route when the user has at least one of the permissions, just add ***'any' => true***. [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole'], 'is' => ['admin', 'member'], 'any' => true, function()\n{\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] Or, with middleware parameters, pass it as the 2nd parameter [block:code] { "codes": [ { "code": "<?\n\nRoute::get('foo', ['middleware' => ['auth', 'needsRole:admin|editor,true'], function() {\n return 'Yes I am!';\n}]);", "language": "php" } ] } [/block] Or within controllers: [block:code] { "codes": [ { "code": "<?\n\n$this->middleware('needsRole:admin|editor,true');", "language": "php" } ] } [/block] [block:api-header] { "type": "basic", "title": "USING IN VIEWS" } [/block] The Laravel's Blade extension for using User. **@shield** [block:code] { "codes": [ { "code": "@shield('user.index')\n shows your protected stuff\n@endshield\n@shield('user.index')\n shows your protected stuff\n@else\n shows the data for those who doesn't have the user.index permission\n@endshield", "language": "html" } ] } [/block] **@is** [block:code] { "codes": [ { "code": "@is('admin')\n Shows data for the logged user and that belongs to the admin role\n@endis\n@is('admin')\n Shows data for the logged user and that belongs to the admin role\n@else\n shows the data for those who doesn't have the admin permission\n@endis\n@is(['role1', 'role2'])\n Shows data for the logged user and that belongs to the admin role\n@else\n shows the data for those who doesn't have the admin permission\n@endis", "language": "html" } ] } [/block] [block:api-header] { "type": "basic", "title": "USING THE FACADE" } [/block] With the User's Facade you can access the API and use it at any part of your application. **User::hasPermission($permission)**: Check if the logged user has the ***$permission***. **User::canDo($permission)**: Check if the logged user has the ***$permission***. If the role ***superuser*** returns true **User::roleHasPermission($permission)**: Check if the logged user has the ***$permission*** checking only the role permissions. **User::hasRole($roleName)**: Check if the logged user belongs to the role ***$roleName***. **User::roleExists($roleName)**: Check if the role ***$roleName*** exists in the database. **User::permissionExists($permissionName)**: Check if the permission ***$permissionName*** exists in the database. **User::findRole($roleName)**: Find the role in the database by the name ***$roleName***. **User::findRoleById($roleId)**: Find the role in the database by the role ID roleId. **User::findPermission($permissionName)**: Find the permission in the database by the name ***$permissionName***. **User::findPermissionById($permissionId)**: Find the permission in the database by the ID ***$permissionId***. **User::createRole($roleName)**: Create a new role in the database. **User::createPermission($permissionName)**: Create a new permission in the database. **User::is($roleName)**: Check whether the current user belongs to the role. **User::javascript()->render()**: Returns a javascript script with a list of all roles and permissions of the current user. The variable name can be modified. [block:api-header] { "type": "basic", "title": "USING THE TRAIT" } [/block] To add the User's features, you need to add the trait ***HasUser*** in you User model (usually ***App\User***). **public function hasPermission($permission)**: This method checks if the logged user has the permission ***$permission*** In User, there are 2 kind of permissions: ***User permissions*** and ***Role permissions***. By default, the permissions that the user inherits, are permissions of the roles that it belongs to. However, always that a user pemission is set, it will take precedence of role permission. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n if ($user->hasPermission('user.create'));\n}", "language": "php" } ] } [/block] **public function attachRole($role)**: Attach the user to the role ***$role***. The ***$role*** variable might be an object of the type ***Litepie\User\Role*** or an array containing the ***ids*** of the roles. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $role = User::findRole('admin'); // Returns an Litepie\\User\\Role\n $user->attachRole($role);\n\n // or\n\n $roles = [1, 2, 3]; // Using an array of ids\n $user->attachRole($roles);\n}", "language": "php" } ] } [/block] **public function detachRole($role)**: Deatach the role ***$role*** from the user (inverse to ***attachRole()***). [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $role = User::findRole('admin'); // Returns an Litepie\\User\\Role\n $user->detachRole($role);\n\n // ou\n\n $roles = [1, 2, 3]; // Using an array of ids\n $user->detachRole($roles);\n}", "language": "php" } ] } [/block] **public function syncRoles(array $roles = array())**: This is like the attachRole() method, but only the roles in the array $roles will be on the relationship after the method runs. $roles it's an array of ids for the needed roles. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $roles = [1, 2, 3]; // Using an array of ids\n\n $user->syncRoles($roles);\n}", "language": "php" } ] } [/block] **public function attachPermission($permission, array $options = array())**: Attach the user to the permission ***$permission***. The ***$permission*** variable is an instance of the ***Litepie\User\Permission*** class. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $permission = User::findPermission('user.create');\n\n $user->attachPermission($permission, [\n 'value' => true // true = has the permission, false = doesn't have the permission,\n ]);\n}", "language": "php" } ] } [/block] **public function detachPermission($permission)**: Remove the permission ***$permission*** from the user. The ***$permission*** variable might be an instance of the ***Litepie\User\Permission*** class or an array of ids with the ***ids*** of the permissions to be removed. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $permission = User::findPermission('user.create');\n $user->detachPermission($permission);\n\n // or\n\n $permissions = [1, 3];\n $user->detachPermission($permissions);\n}", "language": "php" } ] } [/block] **public function syncPermissions(array $permissions)**: This is like the method ***syncRoles***. but only the roles in the array ***$permissions*** be on the relationship after the method runs. [block:code] { "codes": [ { "code": "public function foo(Authenticable $user)\n{\n $permissions = [\n 1 => ['value' => false],\n 2 => ['value' => true,\n 3 => ['value' => true]\n ];\n\n $user->syncPermissions($permissions);\n}", "language": "text" } ] } [/block] **public function revokePermissions()**: This removes all the user permissions. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $user->revokePermissions();\n}", "language": "php" } ] } [/block] **public function revokeExpiredPermissions()**: Remove all the temporary expired pemissions from the user. More about temporary permissions below. [block:code] { "codes": [ { "code": "<?\n\npublic function foo(Authenticable $user)\n{\n $user->revokeExpiredPermissions();\n}", "language": "php" } ] } [/block]