Working with roles and permissions
The whole auth and security implementation is built on cartalyst/sentinel. Instead of using the Auth Facade to interact with the current auth session, use the Sentinel Facade. You can look up all of its functionality in the Sentinel Docs, linked in the relevant links section of this article.
On top of this, Vain provides another ServiceProvider (AuthServiceProvider) inside the user module, which registers a Sentinel-friendly UserResolver (i.e. for use with an injected request instance, $request->user()) and a PasswordBroker (handling password reset logic with Sentinel's Reminder Facade), to make working with auth and security as convenient as possible.
If your module should contribute its own permissions to the application's permission pool, it has to register a new config file that contains only an array of the permission keys. Also, be sure to document it well. Here is an example taken from the user module's permission.php config file:
<?php

return [

    /*
    |--------------------------------------------------------------------------
    | User Permissions
    |--------------------------------------------------------------------------
    |
    | These permissions handle the access to the user resources. These are
    | generally considered static, so if you change them you can not expect
    | the app to work properly.
    |
    */

    'user.users.show',
    'user.users.edit',
    'user.users.destroy',
    // ...
];
The config file is normally registered within a ServiceProvider. This code was taken from the ConfigServiceProvider of the user module. The config file itself has to be merged into the permission namespace like so:
public function register()
{
    // Merge this module's permission keys into the shared 'permission' namespace.
    $this->mergeConfigFrom(
        __DIR__.'/../Config/permission.php', 'permission'
    );
    // ...
}
NOTE: For more information about naming conventions, see the naming conventions article in this wiki.
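Once every module has merged its keys into the permission namespace, that pool can be used to keep role grants and route checks limited to registered keys. The following is an added example, not code from Vain: PermissionPool and RequirePermission are hypothetical class names, and it assumes Sentinel's Laravel facade and that each module merges a flat list of keys as shown above.

```php
<?php
// Added example. PermissionPool and RequirePermission are hypothetical names,
// not Vain classes; put each class in its own file for PSR-4 autoloading.
namespace App\Support;

use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
use Closure;
use InvalidArgumentException;

class PermissionPool
{
    /** Every key the modules merged into the 'permission' config namespace. */
    public static function keys(): array
    {
        return array_values(array_unique(config('permission', [])));
    }

    /** Grant keys to a role, refusing any key that no module has registered. */
    public static function grant(string $roleSlug, array $keys): void
    {
        $unknown = array_diff($keys, self::keys());
        if ($unknown !== []) {
            throw new InvalidArgumentException('Unknown permission keys: '.implode(', ', $unknown));
        }
        $role = Sentinel::findRoleBySlug($roleSlug);
        if ($role === null) {
            throw new InvalidArgumentException("Unknown role: {$roleSlug}");
        }
        foreach ($keys as $key) {
            $role->addPermission($key, true); // an existing entry for $key is left as it is
        }
        $role->save();
    }
}

class RequirePermission
{
    /** Route middleware; $key is the permission the route requires. */
    public function handle($request, Closure $next, string $key)
    {
        $user = Sentinel::check(); // false when nobody is logged in
        // Fail closed: no session, a key missing from the pool, or no access all end in 403.
        if (! $user || ! in_array($key, PermissionPool::keys(), true) || ! $user->hasAccess($key)) {
            abort(403);
        }
        return $next($request);
    }
}
```

Registered under a middleware alias of your choice (for instance permission, an assumption here), a route can then require a key such as user.users.edit, and a mistyped key in a route definition is rejected instead of being matched by a wildcard grant.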
Any problems? Try our Troubleshooting page!