1.Install "zizaco/entrust": "5.2.x-dev"
2.add provider and aliases in app.php
3.php artisan vendor:publish
4.php artisan migrate
次に、user.php に追加します
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Zizaco\Entrust\Traits\EntrustUserTrait;
class User extends Model implements AuthenticatableContract, CanResetPasswordContract
{
use Authenticatable, CanResetPassword, EntrustUserTrait;
}
次 Role のモデルを作成する
use Zizaco\Entrust\EntrustRole
class Role extends EntrustRole
{
protected $table = 'roles';
protected $fillable = ['name', 'display_name', 'description']
}
許可のためのモデルを作成します
use Zizaco\Entrust\EntrustPermission;
class Permission extends EntrustPermission
{
protected $table = 'permissions';
protected $fillable = ['name', 'display_name', 'description'];
}
ここで、役割と権限のシード テーブルを作成します
UserTableSeeder.php
<?php
use Illuminate\Database\Seeder;
use App\Permission;
use App\Role;
use App\User;
class UserTableSeeder extends seeder
{
public function run()
{
Permission::truncate();
Role::truncate();
User::truncate();
\DB::table('role_user')->delete();
\DB::table('permission_role')->delete();
//create a user
$veeru = User::create([
'name' => 'veeru',
'email' => 'something@something.com',
'password' => bcrypt('qwerty'),
]);
//create a role of admin
$admin = Role::create([
'name' => 'admin',
'display_name' => 'Admin',
'description' => 'Only one and only admin',
]);
//create a permission for role
$manage_users = Permission::create([
'name' => 'manage-users-roles-and-permissions',
'display_name' => 'Manage Users,Roles and Permissions',
'description' => 'Can manage users,roles and permission"s',
]);
//here attaching permission for admin role
$admin->attachPermission($manage_users);
//here attaching role for user
$veeru->attachRole($admin);
//here iam creating another role and permisssion
$application = Role::create([
'name' => 'appapirequestlogs',
'display_name' => 'AppApiRequestLogs',
'description' => 'This has full control on Application Core Request logs',
]);
$corereq = Permission::create([
'name' => 'appapireqlogindex',
'display_name' => 'AppApiReqLogIndex',
'description' => 'This has control on Application Core Request Logs index only',
]);
here attaching roles and permissions
$application->attachPermission($corereq);
$veeru->attachRole($application);
}
ロールとパーミッションのルート ファイルとコントローラーを作成するシード後
ルート.php
Route::group(['middleware' => 'web'], function () {
Route::group(['prefix' => 'admin'], function () {
Route::controller('roles', 'RolesController');
Route::controller('permissions', 'PermissionsController');
Route::controller('users', 'UsersController');
});
});
RolesController.php
use App\Permission;
use App\Role;
use Illuminate\Http\Request;
use App\Http\Requests;
class RolesController extends Controller
{
function __construct()
{
$this->middleware('auth');
$this->middleware('role:admin');
$this->middleware('permission:manage-users-roles-and-permissions');
}
public function getIndex(Request $request)
{
$roles = Role::with('perms')->get();
return view('roles.index', ['roles' => $roles]);
}
public function getCreate()
{
return view('roles.create');
}
public function postCreate(Request $request)
{
$role = Role::create([
'name' => $request->name,
'display_name' => $request->display_name,
'description' => $request->description
]);
return redirect()->to('admin/roles/index');
}
public function getUpdate($id)
{
$role = Role::findOrFail($id);
return view('roles.update', ['role' => $role]);
}
public function postUpdate(Request $request)
{
$role = Role::findOrFail($request->get('id'));
$role->name = $request->get('name');
$role->display_name = $request->get('display_name');
$role->description = $request->get('description');
$role->save();
return redirect();
}
public function getDelete($id)
{
$role = Role::findOrFail($id);
$role->delete();
return redirect();
}
public function getAttach(Request $request)
{
$role = Role::where('id', '=', $request->id)->with('perms')->first();
$permissions_id = $role->perms->pluck('id')->toArray();
$permissionsNotAttached = Permission::whereNotIn('id', $permissions_id)->get();
return view('roles.attach', compact('role', 'permissionsNotAttached'));
}
public function postAttach(Request $request)
{
$role = Role::findOrFail($request->id);
$permission = Permission::findOrFail($request->permission);
$role->attachPermission($permission);
return redirect();
}
public function getDetach(Request $request)
{
$role = Role::findOrFail($request->role_id);
$permission = Permission::findOrFail($request->permission_id);
$role->detachPermission($permission);
return redirect()->to('/admin/roles/index');
}
}
同様に PermissionsController.php を作成します
use App\Http\Requests\PermissionRequest;
use App\Permission;
use App\Http\Requests;
class PermissionsController extends Controller
{
public function __construct()
{
$this->middleware('auth');
$this->middleware('role:admin');
$this->middleware('permission:manage-users-roles-and-permissions');
}
public function getIndex()
{
$permissions = Permission::all();
return view('permissions.index', ['permissions' => $permissions]);
}
public function getCreate()
{
return view('permissions.create');
}
public function postCreate(Request $request)
{
$permission = Permission::create([
'name' => $request->name,
'display_name' => $request->display_name,
'description' => $request->description
]);
return redirect();
}
public function getUpdate($id)
{
$permission = Permission::findOrFail($id);
return view('permissions.update', ['permission' => $permission]);
}
public function postUpdate(Request $request)
{
$permission = Permission::findOrFail($request->get('id'));
$permission->name = $request->get('name');
$permission->display_name = $request->get('display_name');
$permission->description = $request->get('description');
$permission->save();
return redirect();
}
public function getDelete($id)
{
$permission = Permission::findOrFail($id);
$permission->delete();
return redirect();
}
}