Laravel ACL adds role based permissions to built in Auth System of Laravel 5. ACL middleware protects routes methods.
"psr-4": {
"App\\": "app/",
"Codebank\\Acl\\": "packages/Codebank/Acl/src/"
}
'providers' => [
'Codebank\Acl\AclServiceProvider',
],
protected $routeMiddleware = [
'acl' => 'Codebank\Acl\Middleware\Acl',
];
use Codebank\Acl\Traits\UserPermission;
class User extends Model implements AuthenticatableContract, CanResetPasswordContract {
use Authenticatable, CanResetPassword, UserPermission;
}
Route::group(['middleware' => ['auth', 'acl']], function()
{
Route::get('/contact', [
'uses' => 'ContactController@index',
'permission' => ['module' => 'contact', 'action' => 'view']
]);
Route::get('/contact/show', [
'uses' => 'ContactController@show',
'permission' => ['module' => 'contact', 'action' => 'show']
]);
Route::get('/contact/create', [
'uses' => 'ContactController@create',
'permission' => ['module' => 'contact', 'action' => 'create']
]);
Route::get('/contact/store', [
'uses' => 'ContactController@store',
'permission' => ['module' => 'contact', 'action' => 'store']
]);
Route::get('/contact/edit', [
'uses' => 'ContactController@edit',
'permission' => ['module' => 'contact', 'action' => 'edit']
]);
Route::get('/contact/update', [
'uses' => 'ContactController@update',
'permission' => ['module' => 'contact', 'action' => 'update']
]);
Route::get('/contact/destroy', [
'uses' => 'ContactController@destroy',
'permission' => ['module' => 'contact', 'action' => 'destroy']
]);
});
@if (!Auth::guest())
<ul class='dropdown-menu' role='menu'>
@if(auth()->user()->can('view', 'contact'))
<li><a href="{{ url('contact/show') }}">Show</a></li>
@endif
@if(auth()->user()->can('create', 'contact'))
<li><a href="{{ url('contact/create') }}">Create</a></li>
@endif
@if(auth()->user()->can('save', 'contact'))
<li><a href="{{ url('contact/store') }}">Store</a></li>
@endif
@if(auth()->user()->can('edit', 'contact'))
<li><a href="{{ url('contact/edit') }}">Edit</a></li>
@endif
@if(auth()->user()->can('update', 'contact'))
<li><a href="{{ url('contact/update') }}">Update</a></li>
@endif
@if(auth()->user()->can('delete', 'contact'))
<li><a href="{{ url('contact/destroy') }}">Destroy</a></li>
@endif
</ul>
@endif