Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Access Control in Laravel
Search
Fareez Ahamed
February 27, 2016
Programming
4
260
Access Control in Laravel
Introduction to Access Control in Laravel
Fareez Ahamed
February 27, 2016
Tweet
Share
More Decks by Fareez Ahamed
See All by Fareez Ahamed
Laravel Integration Testing
fareez
3
140
Other Decks in Programming
See All in Programming
All About Angular's New Signal Forms
manfredsteyer
PRO
0
190
SwiftDataを使って10万件のデータを読み書きする
akidon0000
0
230
Range on Rails ―「多重範囲型」という新たな選択肢が、複雑ロジックを劇的にシンプルにしたワケ
rizap_tech
0
6.7k
理論と実務のギャップを超える
eycjur
0
170
ソフトウェア設計の実践的な考え方
masuda220
PRO
4
620
Things You Thought You Didn’t Need To Care About That Have a Big Impact On Your Job
hollycummins
0
240
bootcamp2025_バックエンド研修_WebAPIサーバ作成.pdf
geniee_inc
0
120
Server Side Kotlin Meetup vol.16: 内部動作を理解して ハイパフォーマンスなサーバサイド Kotlin アプリケーションを書こう
ternbusty
3
220
ALL CODE BASE ARE BELONG TO STUDY
uzulla
25
6.4k
『毎日の移動』を支えるGoバックエンド内製開発
yutautsugi
2
260
株式会社 Sun terras カンパニーデック
sunterras
0
370
Google Opalで使える37のライブラリ
mickey_kubo
2
110
Featured
See All Featured
Designing for Performance
lara
610
69k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
The Cost Of JavaScript in 2023
addyosmani
55
9k
Rebuilding a faster, lazier Slack
samanthasiow
84
9.2k
YesSQL, Process and Tooling at Scale
rocio
173
14k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
620
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.5k
Making the Leap to Tech Lead
cromwellryan
135
9.6k
Side Projects
sachag
455
43k
How to train your dragon (web standard)
notwaldorf
97
6.3k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.1k
A better future with KSS
kneath
239
18k
Transcript
Access Control in Laravel
Access Control in Laravel
What is Access Control?
ACL 403 200
How to do that in Laravel?
public function index() { //check access if(Gate::denies('view-post-list')) { abort(403); }
$posts = Post::all(); return response()->json($posts); } denies allows check
But, where do I define the 'ability'?
class AuthServiceProvider extends ServiceProvider { ... public function boot(GateContract $gate)
{ $this->registerPolicies($gate); //Definition of access control $gate->define('view-post-list', function ($user) { return $user->isModerator(); }); } }
But I wan't to give access selectively
public function edit(Request $req, $id) { $post = Post::findOrFail($id); //check
access if(Gate::denies('edit-post',$post)) { abort(403); } return response()->json($post); }
Now, How to define this?!
$gate->define('edit-post', function ($user, $post){ return $user->id === $post->user_id; });
What if I'm a Super Admin?
$gate->before(function ($user, $ability){ if ($user->isSuperAdmin()) { return true; } });
How to log failed Gate checks?
$gate->after( function ($user, $ability, $result, $arguments){ if (!$result) { //Log
here } });
Cleaner way to define abilities
$gate->define('update-post', 'Class@method'); Defining in classes
php artisan make:policy PostPolicy Defining Policies
protected $policies = [ Post::class => PostPolicy::class, ]; Advantages Cleaner
Code Implicitly identifies Policy to use
Blade 'can'!
@can('edit-post', $post) <a href='{{ url('post.edit',$post->id) }}'>Edit Post</a> @else <a class='disabled'
href='{{ url('post.edit',$post->id) }}'> Edit Post </a> @endcan
Simple Implementation
Schema::create('users', function (Blueprint $table) { $table->increments('id'); $table->string('name'); $table->string('email')->unique(); $table->string('password'); $table->string('roles');
$table->rememberToken(); $table->timestamps(); }); Add roles to user
class User extends Authenticatable { ... protected $casts = [
'roles' => 'collection' ]; } Cast roles to Collection
$gate->define('create-post', function($user){ return $user->roles->contains('author'); }); Define the abilities
Now 'Gate!!!' public function create(Request $req) { //check access if(Gate::denies('create-post'))
{ abort(403); } return view('post.create'); }
Thank you! www.fareez.info
[email protected]