laravel-persources expands on spatie/laravel-permission by connecting permissions with resources (models) and automagically generating and handling CRUD routes.
Let's say you have a model called Car
that you want to expose in your frontend:
php artisan make:persource Car list view create update delete
to generate the following:
Permissions, Routes and Views
Permission | Route | Views |
---|---|---|
cars.list | GET /cars | resources/persources/cars/list.blade.html |
cars.view | GET /cars/{id} | resources/persources/cars/view.blade.html |
cars.create | POST /cars/{id} | |
cars.update | PATCH /cars/{id} | |
cars.delete | DELETE /cars/{id} |
If a user who visits https://yourapp/cars
has the permission cars.list
either directly or indirectly via a role then the .../cars/list.blade.html
will be rendered. Otherwise, a 403 error will be returned.
Note that permissions are not created directly in the DB but a migration file is created that will add/remove the permissions. If you do not want a migration, then use the --noMigration
option.
Views are generated from stubs. You can override the stubs directory and use your own stubs by setting the config variable view_stubs_path
.
The package also recognizes permissions ending in
.read
to mean both list
and view
,
and permissions ending in
.write
to mean all of the following: list
, view
, create
, update
.
Resource
App\Persources\CarResource
This is the glue between your Car
model and the routes & views.
It allows you to fine tune what attributes of your model are passed to the views, which attributes can be edited, which views to use and much more.
Routes are generated at runtime. This means you will only have those routes that correspond to your resource's $permissions
attribute.
What if I already have permissions?
In this case, run:
php artisan make:persource Car none -Pmy.cars.read -Pmy.cars.update
Here, my.cars.read
and my.cars.update
are the existing permissions. Multiple permissions are possible.
Note: You can always add existing permissions to the resource's $permissions
attribute.
Prefixing permissions
If you want to prefix generated permissions, you can use the ´--prefix´ option:
php artisan make:persource User read write --prefix=admin
This will generate the permissions: admin.users.read
and admin.users.write
as well as the corresponding routes under admin/users/
.
You can install the package via composer:
composer require koellich/laravel-persources
You can publish the config file with:
php artisan vendor:publish --tag="persources-config"
This is the contents of the published config file:
return [
/*
|--------------------------------------------------------------------------
| Namespace
|--------------------------------------------------------------------------
|
| This is the namespace under which the Resources are generated.
|
*/
'resources_namespace' => env('PERSOURCES_RESOURCES_NAMESPACE', 'App\\Persources'),
/*
|--------------------------------------------------------------------------
| Route Root Path
|--------------------------------------------------------------------------
|
| This is the root path under which all persources routes will be generated.
| Change this to avoid collisions with your other routes.
|
*/
'route_root' => env('PERSOURCES_ROOT', ''),
/*
|--------------------------------------------------------------------------
| View Root Path
|--------------------------------------------------------------------------
|
| This is the path under which the view templates are generated in the
| resources path.
|
*/
'view_root' => env('PERSOURCES_VIEWS_ROOT', 'views/persources'),
/*
|--------------------------------------------------------------------------
| View Stubs Path
|--------------------------------------------------------------------------
|
| This is the path under which the view template stubs are located.
| If null, then the stubs from the persources package will be used.
|
| Set this to e.g.: base_path('stubs') and make sure the following
| files exist there: list.blade.php, view.blade.php
|
*/
'view_stubs_path' => env('PERSOURCES_VIEW_STUBS', null),
/*
|--------------------------------------------------------------------------
| Middleware Group
|--------------------------------------------------------------------------
|
| This is the middleware group that is used for the generated routes
|
*/
'middleware_group' => env('PERSOURCES_MIDDLEWARE_GROUP', 'web'),
/*
|--------------------------------------------------------------------------
| Admin Role
|--------------------------------------------------------------------------
|
| This is the Role which can access all resources regardless of permissions.
| Set this to null if you do not want to have an admin role.
|
*/
'admin_role' => env('PERSOURCES_ADMIN_PERMISSION', 'admin'),
];
composer test
Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see License File for more information.