用这个包:
https://github.com/spatie/laravel-permission
1、安装:
composer require spatie/laravel-permission
在 Laravel 5.5 中 service provider 会自动注册,旧版本的Laravel中你需要像以下这样自行添加到 config/app.php 中:
'providers' => [
// ...
Spatie\Permission\PermissionServiceProvider::class,
];
#生成配置文件:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag="config"
#生成migrations文件
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag="migrations"
#生成数据库表
php artisan migrate
2、修改UserModel
在UserModel里面引入hasRoles这个trait,里面定义了一些关联关系。
D:\phpStudy\WWW\BCCKidAdmin\app\Models\User.php
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
····
3、在控制器里面使用,先引用他的主要文件,你也可以自己重写他的方法,不过他的方法已经非常完善了,直接使用即可。
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
补充的方法:
#判断某个用户是否拥有某个角色
$user->hasRole('writer');
#你也可以判断一个用户是否包含给定角色列表中的一个:
$user->hasAnyRole(Role::all());
#获取所有拥有这个角色的用户:
$users = User::role($role_name)->get();
#校验用户是否有指定 guard(可选参数) 的权限:
$user->hasPermissionTo('publish articles', 'admin');
#去除之前的角色,重新分配新角色
$user->syncRoles(['writer', 'admin']);
$role=Role::find($role_id);
#获取这个角色已经有的权限
$permissions = $role->permissions;
#获取这个角色没有的权限
$diffpermissions = Permission::whereNotIn('id', $permissions->pluck('id'))->get();
#你可以判断一个角色是否包含某个权限:
$role->hasPermissionTo('edit articles');
#清除现有权限及缓存,并重新分配权限,权限可以是数组
$role->syncPermissions($permissions);
#获取一个用户的所有权限,$user是User的一个实例
$permissions = $user->getAllPermissions();
#给用户分配角色,使其继承这个角色的的权限。
$user->assignRole('writer');
#给角色分配权限
$res = $role->givePermissionTo($permissions);
#给用户分配权限,三种方式都可以
$user->givePermissionTo('edit articles');
// You can also give multiple permission at once
$user->givePermissionTo('edit articles', 'delete articles');
// You may also pass an array
$user->givePermissionTo(['edit articles', 'delete articles']);
// 获取所有已定义的角色的集合
$roles = $user->getRoleNames(); // 返回一个集合
#可以使用下面其中一种方法将多个权限同步赋予到一个角色:
$role->syncPermissions($permissions);
$permission->syncRoles($roles);
#可以使用以下其中一种方法通过角色去删除权限:
$role->revokePermissionTo($permission);
$permission->removeRole($role);
role scope 接收一个字符串, \Spatie\Permission\Models\Role 对象或者 \Illuminate\Support\Collection 对象。
这个 trait 还增加了 scope 让你只能获取到具有某个权限的用户。
$users = User::permission('edit articles')->get(); // 只返回有 'edit articles' 权限的用户 (继承角色得来的或者是直接分配的)
在视图中使用:
@hasanyrole('inner-channel-user|super-channel-user')
<span class="iconfont tools-item-btn table-data-add">添加数据</span>
@endhasanyrole
@hasrole('writer')
I am a writer!
@else
I am not a writer...
@endhasrole
@hasallroles($collectionOfRoles)
I have all of these roles!
@else
I do not have all of these roles...
@endhasallroles
// or
@hasallroles('writer|admin')
I am both a writer and an admin!
@else
I do not have all of these roles...
@endhasallroles
@can('edit articles')
//
@endcan
实际使用:
D:\phpStudy\WWW\BCCKidAdmin\database\seeds\RolesAndPermissionsSeeder.php
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
...
public function run()
{
// 重置角色和权限的缓存
app()['cache']->forget('spatie.permission.cache');
\DB::statement('SET FOREIGN_KEY_CHECKS = 0');
Role::truncate();
\DB::table('model_has_permissions')->truncate();
\DB::table('role_has_permissions')->truncate();
Permission::truncate();
\DB::statement('SET FOREIGN_KEY_CHECKS = 1');
// 创建权限
Permission::create(['name' => 'add-customer', 'chinese_name' => '增加用户']);
Permission::create(['name' => 'delete-customer', 'chinese_name' => '删除用户信息']);
Permission::create(['name' => 'edit-customer', 'chinese_name' => '编辑用户详细信息']);
Permission::create(['name' => 'read-customer', 'chinese_name' => '查询,查看用户信息']);
Permission::create(['name' => 'add-intentcustomer', 'chinese_name' => '增加潜在客户']);
Permission::create(['name' => 'delete-intentcustomer', 'chinese_name' => '删除潜在客户信息']);
Permission::create(['name' => 'edit-intentcustomer', 'chinese_name' => '编辑潜在客户详细信息']);
Permission::create(['name' => 'read-intentcustomer', 'chinese_name' => '查询,查看潜在客户信息']);
Permission::create(['name' => 'add-resource', 'chinese_name' => '给用户添加资源']);
Permission::create(['name' => 'delete-resource', 'chinese_name' => '删除资源信息']);
Permission::create(['name' => 'edit-resource', 'chinese_name' => '编辑资源详细信息']);
Permission::create(['name' => 'read-resource', 'chinese_name' => '查询,查看资源信息']);
Permission::create(['name' => 'add-trace', 'chinese_name' => '增加用户跟踪']);
Permission::create(['name' => 'delete-trace', 'chinese_name' => '删除用户跟踪信息']);
Permission::create(['name' => 'edit-trace', 'chinese_name' => '编辑用户跟踪详细信息']);
Permission::create(['name' => 'read-trace', 'chinese_name' => '查询,查看用户跟踪信息']);
Permission::create(['name' => 'add-lesson', 'chinese_name' => '增加课程']);
Permission::create(['name' => 'delete-lesson', 'chinese_name' => '删除课程信息']);
Permission::create(['name' => 'edit-lesson', 'chinese_name' => '编辑课程详细信息']);
Permission::create(['name' => 'read-lesson', 'chinese_name' => '查询,查看课程信息']);
Permission::create(['name' => 'add-courseware', 'chinese_name' => '增加课件']);
Permission::create(['name' => 'delete-courseware', 'chinese_name' => '删除课件信息']);
Permission::create(['name' => 'edit-courseware', 'chinese_name' => '编辑课件详细信息']);
Permission::create(['name' => 'read-courseware', 'chinese_name' => '查询,查看课件信息']);
Permission::create(['name' => 'add-settlement', 'chinese_name' => '增加结算']);
Permission::create(['name' => 'delete-settlement', 'chinese_name' => '删除结算信息']);
Permission::create(['name' => 'edit-settlement', 'chinese_name' => '编辑结算详细信息']);
Permission::create(['name' => 'read-settlement', 'chinese_name' => '查询,查看结算信息']);
Permission::create(['name' => 'add-comment', 'chinese_name' => '增加评论']);
Permission::create(['name' => 'delete-comment', 'chinese_name' => '删除评论信息']);
Permission::create(['name' => 'edit-comment', 'chinese_name' => '编辑评论详细信息']);
Permission::create(['name' => 'read-comment', 'chinese_name' => '查询,查看评论信息']);
Permission::create(['name' => 'add-order', 'chinese_name' => '增加订单']);
Permission::create(['name' => 'delete-order', 'chinese_name' => '删除订单信息']);
Permission::create(['name' => 'edit-order', 'chinese_name' => '编辑订单详细信息']);
Permission::create(['name' => 'read-order', 'chinese_name' => '查询,查看订单信息']);
Permission::create(['name' => 'add-appointment', 'chinese_name' => '增加预约']);
Permission::create(['name' => 'delete-appointment', 'chinese_name' => '删除预约信息']);
Permission::create(['name' => 'edit-appointment', 'chinese_name' => '编辑预约详细信息']);
Permission::create(['name' => 'read-appointment', 'chinese_name' => '查询,查看预约信息']);
Permission::create(['name' => 'add-feedback', 'chinese_name' => '增加工单']);
Permission::create(['name' => 'delete-feedback', 'chinese_name' => '删除工单信息']);
Permission::create(['name' => 'edit-feedback', 'chinese_name' => '编辑工单详细信息']);
Permission::create(['name' => 'read-feedback', 'chinese_name' => '查询,查看工单信息']);
Permission::create(['name' => 'read-homedata', 'chinese_name' => '查询,查看主页信息']);
// 创建角色并赋予已创建的权限
$role = Role::create(['name' => 'super-admin', 'chinese_name' => '超级管理员']);
$role->givePermissionTo(Permission::all());
$role = Role::create(['name' => 'market', 'chinese_name' => '市场人员']);
$role->givePermissionTo(['add-intentcustomer', 'delete-intentcustomer', 'edit-intentcustomer', 'read-intentcustomer']);
$role = Role::create(['name' => 'editor', 'chinese_name' => '编辑']);
$role->givePermissionTo(['add-lesson', 'edit-lesson', 'read-lesson', 'add-courseware', 'delete-courseware', 'edit-courseware']);
$role = Role::create(['name' => 'operator', 'chinese_name' => '运营人员']);
$role->givePermissionTo(['add-customer', 'edit-customer', 'read-customer', 'add-resource', 'edit-resource', 'read-resource', 'add-comment', 'delete-comment', 'edit-comment', 'add-order', 'delete-order', 'edit-order', 'add-appointment', 'delete-appointment', 'edit-appointment', 'add-feedback', 'delete-feedback', 'edit-feedback']);
}
命令行执行:
php artisan tinker
(new RolesAndPermissionsSeeder)->run();
多guards应用参考官网介绍:
https://docs.spatie.be/laravel-permission/v3/basic-usage/basic-usage/