Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Authorization no Laravel 5.1

Zizaco
September 30, 2015

Authorization no Laravel 5.1

Authorization no Laravel 5.1

Vídeo da Apresentação (2015/09/30): https://www.youtube.com/watch?v=hJRt0BDF0Do

Luiz Fernando / Zizaco
http://zizaco.net
Leroy Merlin

ACL

308 mil
Instalações do Entrust
449 mil
Instalações do Sentry
12%
Do total de instalações do Laravel

Taylor Otwell

O que é Laravel?
"A framework is a set of classes (code) that embodies an abstract design for solutions to a family of related problems."
- Brian Foote

O que é Laravel?

Laravel's (5.1.11)
Authorization
https://laravel-news.com/2015/08/laravel-5-1-11-released-now-with-authorization/

Gate
(Portão)

Gate::allows('edit-post', $post);
// true | false

@can('edit-post', $post)
...
@else
...
@endcan

Gate::forUser($user)->denies('edit-post', $post);
// true | false

$gate->allows('edit-post', $post);
// true | false

$user->can('edit-post', $post);
// true | false

Ability (Capacidade)
Gate (Portão)
Polices (Política)

( Live Coding )

Roles & Permissions ?

An Ability that check the Database

Role (Papel)
Permission (Permissão)

( Live Coding )

Ability
Gate
Polices
Role (custom)
Permission (custom)

Role (package)
Permission (package)
Entrust v2.0?

Perguntas?

Zizaco

September 30, 2015
Tweet

More Decks by Zizaco

Other Decks in Technology

Transcript

  1. Authorization
    no Laravel 5.1

    View Slide

  2. Hello!
    Programador
    Desenvolvedor web
    WebDesigner wannabe
    Leroy Merlin (Laravel)
    Sempre mais
    http://zizaco.net
    Luiz Fernando / Zizaco

    View Slide

  3. ACL

    View Slide

  4. 308 mil
    Instalações do Entrust

    View Slide

  5. 308 mil
    Instalações do Entrust
    449 mil
    Instalações do Sentry
    12%
    Do total de instalações do
    Laravel

    View Slide

  6. Taylor
    Otwell

    View Slide

  7. O que é Laravel?
    "A framework is a set of classes (code)
    that embodies an abstract design for
    solutions to a family of related
    problems."
    - Brian Foote

    View Slide

  8. O que é Laravel?
    A B
    C

    View Slide

  9. O que é Laravel?
    A B
    C

    View Slide

  10. https://laravel-news.com/2015/08/laravel-5-1-11-released-now-with-authorization/

    View Slide

  11. Laravel's (5.1.11)
    Authorization

    View Slide

  12. Gate (Portão)

    View Slide

  13. Gate::allows('edit-post', $post);
    // true | false
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan
    Gate::forUser($user)->denies('edit-post', $post);
    // true | false

    View Slide

  14. $gate->allows('edit-post', $post);
    // true | false
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan
    $user->can('edit-post', $post);
    // true | false

    View Slide

  15. Ability
    Gate
    Polices
    (Capacidade)
    (Política)
    (Portão)

    View Slide

  16. ( Live Coding )

    View Slide

  17. Ability
    Gate
    Polices

    View Slide

  18. ( Live Coding )

    View Slide

  19. ...
    protected $abilities = [];
    protected $policies = [];
    function ($user, ...$params) { }
    Ability
    Gate
    class FooBarPolicy {
    public function ability($user, ...$params)
    Polices

    View Slide

  20. Ability
    Gate
    Polices
    $gate->define('edit-post', function ($user, $post) {
    return $post->user_id === $user->id;
    });
    $gate->policy('App\Post', 'App\Policies\PostPolicy');
    class PostPolicy {
    public function edit($user, $post) {
    return $post->user_id === $user->id;

    View Slide

  21. Gate
    Gate::allows('edit-post', $post);
    // true | false
    Gate::allows('edit', $post);
    // true | false
    @can('edit', $post);
    ...
    @can('edit-post', $post)
    ...
    @else
    ...
    @endcan

    View Slide

  22. Mr. John Doe
    { Super Admin }
    [email protected]

    View Slide

  23. Mr. John Doe
    { Super Admin }
    [email protected]
    Roles &
    Permissions ?

    View Slide

  24. Mr. John Doe
    { Super Admin }
    [email protected]
    An Ability that
    check the Database

    View Slide

  25. Ability
    Gate
    Polices
    Role (custom)
    Permission
    (custom)
    (Papel)
    (Permissão)

    View Slide

  26. ( Live Coding )

    View Slide

  27. Ability
    Gate
    Polices
    Role (custom)
    Permission
    (custom)

    View Slide

  28. Ability
    Gate
    Polices
    Role (package)
    Permission
    (package)
    Entrust v2.0?

    View Slide

  29. Mr. John Doe
    { Super Admin }
    [email protected]
    Perguntas?

    View Slide