Last active
June 5, 2024 01:01
-
-
Save dipenparmar12/adfab22505215adbc2541f4e61bd3e0e to your computer and use it in GitHub Desktop.
Laravel spatie cheatsheet, All methods handbook.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$user->assignRole('admin'); | |
$user->getAllPermissions(); | |
// Adding permissions to a user | |
$user->givePermissionTo('edit articles'); | |
// Adding permissions via a role | |
$user->assignRole('writer'); | |
$role->givePermissionTo('edit articles'); | |
$user->can('edit articles'); | |
//Blade directives: | |
@can('edit articles') | |
... | |
@endcan | |
/// A permission can be assigned to a role using 1 of these methods: | |
$role->givePermissionTo($permission); | |
$permission->assignRole($role); | |
/// Multiple permissions can be synced to a role using 1 of these methods: | |
$role->syncPermissions($permissions); | |
$permission->syncRoles($roles); | |
/// A permission can be removed from a role using 1 of these methods: | |
$role->revokePermissionTo($permission); | |
$permission->removeRole($role); | |
/// // get a list of all permissions directly assigned to the user | |
$permissionNames = $user->getPermissionNames(); // collection of name strings | |
$permissions = $user->permissions; // collection of permission objects | |
// get all permissions for the user, either directly, or from roles, or from both | |
$permissions = $user->getDirectPermissions(); | |
$permissions = $user->getPermissionsViaRoles(); | |
$permissions = $user->getAllPermissions(); | |
// get the names of the user's roles | |
$roles = $user->getRoleNames(); // Returns a collection | |
$users = User::role('writer')->get(); // Returns only users with the role 'writer' | |
$users = User::permission('edit articles')->get(); // Returns only users with the permission 'edit articles' (inherited or directly) | |
/// Eloquent | |
Since Role and Permission models are extended from Eloquent models, basic Eloquent calls can be used as well: | |
$all_users_with_all_their_roles = User::with('roles')->get(); | |
$all_users_with_all_direct_permissions = User::with('permissions')->get(); | |
$all_roles_in_database = Role::all()->pluck('name'); | |
/// A permission can be given to any user: | |
$user->givePermissionTo('edit articles'); | |
// You can also give multiple permission at once | |
$user->givePermissionTo('edit articles', 'delete articles'); | |
// You may also pass an array | |
$user->givePermissionTo(['edit articles', 'delete articles']); | |
A permission can be revoked from a user: | |
$user->revokePermissionTo('edit articles'); | |
Or revoke & add new permissions in one go: | |
$user->syncPermissions(['edit articles', 'delete articles']); | |
You can check if a user has a permission: | |
$user->hasPermissionTo('edit articles'); | |
Or you may pass an integer representing the permission id | |
$user->hasPermissionTo('1'); | |
$user->hasPermissionTo(Permission::find(1)->id); | |
$user->hasPermissionTo($somePermission->id); | |
You can check if a user has Any of an array of permissions: | |
$user->hasAnyPermission(['edit articles', 'publish articles', 'unpublish articles']); | |
…or if a user has All of an array of permissions: | |
$user->hasAllPermissions(['edit articles', 'publish articles', 'unpublish articles']); | |
You may also pass integers to lookup by permission id | |
$user->hasAnyPermission(['edit articles', 1, 5]); | |
Saved permissions will be registered with the Illuminate\Auth\Access\Gate class for the default guard. So you can check if a user has a permission with Laravel’s default can function: | |
$user->can('edit articles'); | |
//// A role can be assigned to any user: | |
$user->assignRole('writer'); | |
// You can also assign multiple roles at once | |
$user->assignRole('writer', 'admin'); | |
$user->assignRole(['writer', 'admin']); | |
$user->removeRole('writer'); | |
// All current roles will be removed from the user and replaced by the array given | |
$user->syncRoles(['writer', 'admin']); | |
$user->hasRole('writer'); | |
// or at least one role from an array of roles: | |
$user->hasRole(['editor', 'moderator']); | |
$user->hasAnyRole(['writer', 'reader']); | |
// or | |
$user->hasAnyRole('writer', 'reader'); | |
/// determine if a user has all of a given list of roles: | |
$user->hasAllRoles(Role::all()); | |
/// can be given to a role: | |
$role->givePermissionTo('edit articles'); | |
/// You can determine if a role has a certain permission: | |
$role->hasPermissionTo('edit articles'); | |
/// A permission can be revoked from a role: | |
$role->revokePermissionTo('edit articles'); | |
$role = Role::findByName('writer'); | |
$role->givePermissionTo('edit articles'); | |
$user->assignRole('writer'); | |
$user->givePermissionTo('delete articles'); | |
/// You can list all of these permissions: | |
// Direct permissions | |
$user->getDirectPermissions() // Or $user->permissions; | |
// Permissions inherited from the user's roles | |
$user->getPermissionsViaRoles(); | |
// All permissions which apply on the user (inherited and direct) | |
$user->getAllPermissions(); | |
@can('edit articles') | |
// | |
@endcan | |
or | |
@if(auth()->user()->can('edit articles') && $some_other_condition) | |
// | |
@endif | |
You can use @can, @cannot, @canany, and @guest to test for permission-related access. | |
Blade and Roles | |
Check for a specific role: | |
@role('writer') | |
I am a writer! | |
@else | |
I am not a writer... | |
@endrole | |
is the same as | |
@hasrole('writer') | |
I am a writer! | |
@else | |
I am not a writer... | |
@endhasrole | |
/// Check for any role in a list: | |
@hasanyrole($collectionOfRoles) | |
I have one or more of these roles! | |
@else | |
I have none of these roles... | |
@endhasanyrole | |
// or | |
@hasanyrole('writer|admin') | |
I am either a writer or an admin or both! | |
@else | |
I have none of these roles... | |
@endhasanyrole | |
//// Check for all roles: | |
@hasallroles($collectionOfRoles) | |
I have all of these roles! | |
@else | |
I do not have all of these roles... | |
@endhasallroles | |
// or | |
@hasallroles('writer|admin') | |
I am both a writer and an admin! | |
@else | |
I do not have all of these roles... | |
@endhasallroles | |
//// Alternatively, @unlessrole gives the reverse for checking a singular role, like this: | |
@unlessrole('does not have this role') | |
I do not have the role | |
@else | |
I do have the role | |
@endunlessrole | |
/////////////// | |
using Middlewares (app/Http/Kernel.php) | |
protected $routeMiddleware = [ | |
// ... | |
'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, | |
'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class, | |
'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class, | |
]; | |
Route::group(['middleware' => ['role:super-admin']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['permission:publish articles']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['role:super-admin','permission:publish articles']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['role_or_permission:super-admin|edit articles']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['role_or_permission:publish articles']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['role:super-admin|writer']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['permission:publish articles|edit articles']], function () { | |
// | |
}); | |
Route::group(['middleware' => ['role_or_permission:super-admin|edit articles']], function () { | |
// | |
}); | |
public function __construct() | |
{ | |
$this->middleware(['role:super-admin','permission:publish articles|edit articles']); | |
} | |
public function __construct() | |
{ | |
$this->middleware(['role_or_permission:super-admin|edit articles']); | |
} | |
php artisan permission:create-role writer | |
php artisan permission:create-permission "edit articles" | |
php artisan permission:cache-reset |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
i love it , thank u bro