fereydooni/laravel-user-management
最新稳定版本:v1.1.0
Composer 安装命令:
composer require fereydooni/laravel-user-management
包简介
Dynamic user management for Laravel with attribute-based field and role definitions
README 文档
README
A comprehensive user management package for Laravel with Spatie's role-permission integration and attribute-based authorization.
Features
- User management with authentication
- Role and permission management using Spatie's package
- Attribute-based authorization with support for:
- Permission-based authorization
- Role-based authorization
- User type-based authorization
- Easy to use and configure
- Extensible architecture
Installation
composer require fereydooni/laravel-user-management
Publish the configuration file:
php artisan vendor:publish --tag=user-management-config
Configuration
The package configuration can be found in config/user-management.php. Here you can customize:
- Default roles
- Default permissions
- User model
- Attribute-based authorization settings
- Default user type
Usage
Basic User Management
use Fereydooni\LaravelUserManagement\Traits\HasPermissions; class User extends Authenticatable { use HasPermissions; // Set custom user type (optional) protected string $userType = 'admin'; }
Role and Permission Management
// Create a role $role = Role::create(['name' => 'writer']); // Create a permission $permission = Permission::create(['name' => 'edit articles']); // Assign permission to role $role->givePermissionTo($permission); // Assign role to user $user->assignRole('writer');
Attribute-Based Authorization
You can use attributes to protect your controller methods with various combinations of permissions, roles, and user types:
use Fereydooni\LaravelUserManagement\Attributes\Authorize; class ArticleController extends Controller { // Permission-based authorization #[Authorize(permission: 'view-articles')] public function index() { // Only users with 'view-articles' permission can access this } // Role-based authorization #[Authorize(role: 'editor')] public function create() { // Only users with 'editor' role can access this } // User type-based authorization #[Authorize(userType: 'manager')] public function manage() { // Only users of type 'manager' can access this } // Combined authorization #[Authorize(permission: 'edit-articles', role: 'editor', userType: 'manager')] public function edit() { // Only manager-type users with editor role and edit-articles permission can access this } }
Middleware
Register the middleware in your app/Http/Kernel.php:
protected $routeMiddleware = [ // ... 'authorize' => \Fereydooni\LaravelUserManagement\Middleware\AuthorizeAttribute::class, ];
Then use it in your routes:
Route::middleware('authorize')->group(function () { Route::get('/articles', [ArticleController::class, 'index']); Route::post('/articles', [ArticleController::class, 'store']); });
Examples
Checking Permissions
// Check if user has permission if ($user->hasPermissionTo('edit articles')) { // User can edit articles } // Check if user has specific role if ($user->hasRole('editor')) { // User has editor role } // Check if user is of specific type if ($user->getUserType() === 'manager') { // User is of type manager } // Check combined authorization if ($user->hasPermissionThroughAttribute('edit-articles', 'editor', 'manager')) { // User has all required permissions, roles, and type }
Registering Attribute Gates
// Register gates for attribute-based authorization User::registerAttributeGates();
Security
If you discover any security related issues, please email behnamfe76@gmail.com instead of using the issue tracker.
License
The MIT License (MIT). Please see License File for more information.
统计信息
- 总下载量: 6
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-04-24