Authorization no Laravel 5.1

Transcript

1. Authorization
   no Laravel 5.1
   

   View Slide

2. Hello!
   Programador
   Desenvolvedor web
   WebDesigner wannabe
   Leroy Merlin (Laravel)
   Sempre mais
   http://zizaco.net
   Luiz Fernando / Zizaco
   

   View Slide

3. ACL
   

   View Slide

4. 308 mil
   Instalações do Entrust
   

   View Slide

5. 308 mil
   Instalações do Entrust
   449 mil
   Instalações do Sentry
   12%
   Do total de instalações do
   Laravel
   

   View Slide

6. Taylor
   Otwell
   

   View Slide

7. O que é Laravel?
   "A framework is a set of classes (code)
   that embodies an abstract design for
   solutions to a family of related
   problems."
   - Brian Foote
   

   View Slide

8. O que é Laravel?
   A B
   C
   

   View Slide

9. O que é Laravel?
   A B
   C
   

   View Slide

10. https://laravel-news.com/2015/08/laravel-5-1-11-released-now-with-authorization/
    

    View Slide

11. Laravel's (5.1.11)
    Authorization
    

    View Slide

12. Gate (Portão)
    

    View Slide

13. Gate::allows('edit-post', $post);
    // true | false
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan
    Gate::forUser($user)->denies('edit-post', $post);
    // true | false
    

    View Slide

14. $gate->allows('edit-post', $post);
    // true | false
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan
    $user->can('edit-post', $post);
    // true | false
    

    View Slide

15. Ability
    Gate
    Polices
    (Capacidade)
    (Política)
    (Portão)
    

    View Slide

16. ( Live Coding )
    

    View Slide

17. Ability
    Gate
    Polices
    

    View Slide

18. ( Live Coding )
    

    View Slide

19. ...
    protected $abilities = [];
    protected $policies = [];
    function ($user, ...$params) { }
    Ability
    Gate
    class FooBarPolicy {
    public function ability($user, ...$params)
    Polices
    

    View Slide

20. Ability
    Gate
    Polices
    $gate->define('edit-post', function ($user, $post) {
    return $post->user_id === $user->id;
    });
    $gate->policy('App\Post', 'App\Policies\PostPolicy');
    class PostPolicy {
    public function edit($user, $post) {
    return $post->user_id === $user->id;
    

    View Slide

21. Gate
    Gate::allows('edit-post', $post);
    // true | false
    Gate::allows('edit', $post);
    // true | false
    @can('edit', $post);
    ...
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan
    

    View Slide

22. Mr. John Doe
    { Super Admin }
    [email protected]
    

    View Slide

23. Mr. John Doe
    { Super Admin }
    [email protected]
    Roles &
    Permissions ?
    

    View Slide

24. Mr. John Doe
    { Super Admin }
    [email protected]
    An Ability that
    check the Database
    

    View Slide

25. Ability
    Gate
    Polices
    Role (custom)
    Permission
    (custom)
    (Papel)
    (Permissão)
    

    View Slide

26. ( Live Coding )
    

    View Slide

27. Ability
    Gate
    Polices
    Role (custom)
    Permission
    (custom)
    

    View Slide

28. Ability
    Gate
    Polices
    Role (package)
    Permission
    (package)
    Entrust v2.0?
    

    View Slide

29. Mr. John Doe
    { Super Admin }
    [email protected]
    Perguntas?
    

    View Slide