Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to: implement sentry 2 permissions with Laravel 4?

I'm trying to use cartalyst sentry 2 in my site being built with Laravel 4. Basically I don't understand how to implement permissions.

The examples I've seen for permissions for a group specify the following as an example:

{
    "name" : "Administrator",
    "permissions" : 
    {
        "user.create" : 1,
        "user.delete" : 1,
        "user.view"   : 1,
        "user.update" : 1
    }
}

SO this is setting permissions for the admin group. BUT where are these permissions set?

In the table 'groups' there is a field called permissions which is a text field - are they set there - if so how? Or are these set in a model or controller?

Can anyone point me to s step by step on how to use in a laravel 4 app? I've read the supporting docs which foes through the functions but I'm just not sure how to set the data to get the functions to work.

like image 959
Ray Avatar asked Jun 09 '13 17:06

Ray


2 Answers

Basically you have to..

Create your groups

Sentry::getGroupProvider()->create([
    'name' => 'Super Administrators',
    'permissions' => [
        'system' => 1,
    ],
]);

Sentry::getGroupProvider()->create([
    'name' => 'Managers',
    'permissions' => [
        'system.products' => 1,
        'system.store' => 1,
        'system.profile' => 1,
    ],
]);

Set a group to a particular user, in this case it is setting Managers to the current logged user

Sentry::getUser()->addGroup( Sentry::getGroupProvider()->findByName('Managers') );

Check if a user has a particular access

if ( Sentry::getUser()->hasAnyAccess(['system','system.products']) )
{
    // Will be able to do a thing
}

Check if a user is Super Administrator (only this group has the 'system' access)

if ( Sentry::getUser()->hasAnyAccess(['system']) )
{
    // Will be able to do a thing
}

Get all groups from a particular user

try
{
    // Find the user using the user id
    $user = Sentry::getUserProvider()->findById(1);

    // Get the user groups
    $groups = $user->getGroups();
}
catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
{
    echo 'User was not found.';
}
like image 60
Antonio Carlos Ribeiro Avatar answered Nov 15 '22 12:11

Antonio Carlos Ribeiro


In your groups table you set the permissions using JSON.

I have the following columns:

id | name | permissions

And a row:

1 | admin | {"admin":1, "create_news": 1}

Assign a user to a group using the table users_groups

Now you can use the following example to check if a user have a given permission:

$user = Sentry::getUser();
if ($user->hasAccess('create_news')) {
    echo "You can create a news item";
}
else {
    echo "You can't create a news item";
}
like image 4
Patrick Reck Avatar answered Nov 15 '22 12:11

Patrick Reck