Home>Article>Backend Development> Laravel permission control Gate Policy

Laravel permission control Gate Policy

不言
不言 Original
2018-06-05 09:46:04 2096browse

This article mainly introduces the Laravel permission control Gate Policy, which has certain reference value. Now I share it with everyone. Friends in need can refer to it

About permissions

The essence is to describe the judgment of whether to start production for an executable logical unit.

Definition There must be a user instance or unique identification parameter, and the usage resource associated with it. Usually a closure or function or method is used

Use to call the permission logical unit handle, parameter permission operation object, user information.

Source

The most basic permission control, ternary operator? :. Obviously conditional judgment, then jump to the corresponding execution logic.

Laravel’s idea is to separate execution logic (production code) and authorization (conditional judgment logic). Focus on the generation of conditions, and generally speaking, strengthen authorization logic (this is very useful for complex authorization). Postulate: All codes are started after the service registration is completed. So the following code will be registered. Its purpose is to find the logical body that truly authorizes judgment.

Gate::define('update articles', 'ArticlePolicy@update')

The first parameter is obviously just an authorization identifier (the handle parameter used to call), and the second parameter is the authorized logical execution body.

laravel authorization definition

Define authorization in thebootmethod ofAuthServiceProvider

Gate::define('update articles', function ($user, $article) { return $user->id == $article->user_id; }); Gate::define('update articles', 'ArticlePolicy@edit');
id == $article->author_id; } }

laravel authorized use

  1. Gate facade:Gate::allows('update articles', $article)andGate::denies('update articles', $article).

  2. Controller introduces

    traitAuthorizesRequests

    $this->authorize('update articles', $article).

  3. Blade template:@can('update articles', $article)and@cannot('update articles', $article)instruction.

  4. User Model Example:$user->can('update articles', $article)and$user->cannot('update articles', $article).

Laravel Policy

In order to easily define and use authorization, Laravel introduces Policy based on Gate. Each method within the policy will be registered with the description of the gate::define method. So this is why after using the policy class registration, even if the authorization logic is not defined with the Gate facade, the form of Gate::allow('strategy class method') can still be used in the controller to make authorization judgments.

First define the authorization mapping relationship in thepoliciesarray attribute ofAuthServiceProvider

/** * The policy mappings for the application. * * @var array */ protected $policies = [ Article::class => ArticlePolicy::class, ];
id == $article->author_id; } public function before($user, $ability) { if($user->isSuperAdmin()){ return true; } } }

Note:

Policy just adds aHandlesAuthorizationtrait based on ordinary PHP classes.

In Policy, it will be called before all methods are executed. It is often used to handle administrator authorization logic.

Related recommendations:

How Laravel uses gulp to build front-end resources

The above is the detailed content of Laravel permission control Gate Policy. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn