Laravel 5 user groups management

You can look at the implementation of Sentry and see how they did it? I know there is a package called Entrust which does a good thing on role management and this is compatable with Laravel 5

Hi, Thanks for the response :)

Entrust database tables are different, concept is also different Sentry is also compatible with laravel 5 now but i want to get rid of sentry

1. in favor of easy auth
2. sentry runs too many queries, has too many exceptions
3. they don't want to maintain it anymore

Thanks.

Then you need to make your own implementation... Nobody is gonna make it for you ;) Unless Sentry will maintain it again

Hahaha

I am sure many people are in the same boat, so i am just trying to know if anyone else started making any progress towards it.

thanks though

@lorvent are you looking for permissions, roles management using L5's builtin auth?

I built my own and most of the development time was spent creating the necessary user facing options to control the roles. In my case I wanted to do this all based on route names so I created a middleware like this:

if ( ! $request->user()->hasRoute($action['as']))
 {
    return response('Unauthorized.', 401);
}
 return $next($request);

Then you can just make a new function hasRoute or a new trait would work as well depending on how you want to design it. In my case one user has many roles and one role has many actions. If you're wondering about how to do the database structure of this then this topic explains it quite well: https://laracasts.com/discuss/channels/requests/role-based-resources-management . Obviously modifying it to meet your use case.

Just a quick question: is response() = Response::json()? Does it return json?

@Ruffles no, the status code can still be utilized on the client side though.

Form other threads about more or less the same topic, i collected some links. Maybe there's something useful for you:

https://gist.github.com/drawmyattention/8cb599ee5dc0af5f4246

http://heera.it/laravel-5-0-acl-using-middleware#.VOefly6PNLl

https://github.com/caffeinated/shinobi/

https://github.com/cgrossde/Laraguard

in combo with:

https://github.com/romanbican/roles

@kodeine Yes, i want to manage user roles using l5 built in auth system.

thanks @frenzo for all the links.

Thanks all others for taking your time to reply me.

I'll second this link: http://heera.it/laravel-5-0-acl-using-middleware#.VOjMD1PF_CY

I've not tried it myself, but it's a very thorough post.

There's Lock too.

I've used https://github.com/efficiently/authority-controller based on https://github.com/machuga/authority-l4 by Machuga.

Good package if you like CanCan from Ruby On Rails.

@lorvent i am in a process of writing permissions/roles based on l5 built in auth. Middleware allows you to protect crud methods too.

ill try to finish and upload on github today.

@kodeine wow i am waiting :)

I do like http://heera.it/laravel-5-0-acl-using-middleware#.VOjMD1PF_CY solution, pretty self-explanatory

@lorvent i have uploaded laravel-acl at github. Let me know if you need anything changed. Feel free to give suggestions/improvements.

wow thats so fast!

You Rock @kodeine

only one change i am looking is database table names, you are using roles etc where as sentry uses groups etc https://github.com/cartalyst/sentry/tree/2.1/src/migrations

logic is also bit different

since mine is existing project...i want to use same names but we can run migrations to change table names aswell.

I have starred the repo.

@lorvent Just change migration file when you publish it.

no, we need to change many other things ex: internally it may used roles table somewhere....i need to edit all those files/code as well.

@lorvent i've pushed a commit so now you can define your own role/permission models and extend them to acl's. define models in config/acl.php. Also added migration publishing.

Does that help solve your issue? feel free and give any suggestions.

Updated wiki

@kodeine wow you are awesome :) Great work!

Much appreciated.

@lorvent thanks bud.

@kodeine nice work. Been working on a large attribute permission engine as well. Pain the ass. One thing that Laravel is missing is a well integrated comprehensive permission engine. Again nice work.

@nolros, you are right, it should have been built into L5. Well it was a nice experience to write permission engine. Thank you for your compliments. Really appreciate.

@kodeine mate, you are just in time with your solution. Well done!

@lorvent I though have a question for you. What exactly you did not like in approach by Entrust / Lock?

@rzimin, thanks bud. :)

@rzimin nothing like i don't like Entrust,

I already have a laravel 4 application using sentry and i have ported it to laravel 5

if i use anything other than sentry...i need to change database table names, logic aswell.

https://github.com/caffeinated/shinobi/

is good