From 8eb5d4578ebb0deb3471df54fea5a475cf365830 Mon Sep 17 00:00:00 2001 
From: Jeremys Date: Wed, 25 Oct 2017 16:26:15 +0200 Subject: [PATCH 1/5] Authentication with Role & Permission --- .gitignore | 1 + .../Controllers/Auth/RegisterController.php | 4 +- app/Http/Controllers/HomeController.php | 28 +++++ app/Http/Controllers/PostsController.php | 4 +- app/Http/Kernel.php | 56 +++++++--- app/{ => Model}/Category.php | 8 +- app/Model/Permission.php | 15 +++ app/{ => Model}/Post.php | 6 +- app/Model/Role.php | 15 +++ app/{ => Model}/User.php | 20 ++-- composer.json | 3 +- composer.lock | 70 +++++++++++- config/app.php | 5 +- config/auth.php | 3 +- config/entrust.php | 101 ++++++++++++++++++ config/services.php | 2 +- database/factories/CategoryFactory.php | 2 +- database/factories/PostsFactory.php | 6 +- database/factories/UserFactory.php | 3 +- .../2017_10_21_112415_create_posts_table.php | 6 -- ...10_24_195320_add_avatar_to_users_table.php | 32 ++++++ ...2017_10_25_135107_entrust_setup_tables.php | 77 +++++++++++++ database/seeds/DatabaseSeeder.php | 1 + database/seeds/PostsTableSeeder.php | 2 +- database/seeds/UserTableSeeder.php | 58 ++++++++++ package-lock.json | 18 ++-- resources/views/auth/login.blade.php | 69 ++++++++++++ .../views/auth/passwords/email.blade.php | 47 ++++++++ .../views/auth/passwords/reset.blade.php | 70 ++++++++++++ resources/views/auth/register.blade.php | 77 +++++++++++++ resources/views/home.blade.php | 23 ++++ resources/views/layouts/app.blade.php | 80 ++++++++++++++ routes/web.php | 7 +- 33 files changed, 863 insertions(+), 56 deletions(-) create mode 100644 app/Http/Controllers/HomeController.php rename app/{ => Model}/Category.php (60%) create mode 100644 app/Model/Permission.php rename app/{ => Model}/Post.php (86%) create mode 100644 app/Model/Role.php rename app/{ => Model}/User.php (53%) create mode 100644 config/entrust.php create mode 100644 database/migrations/2017_10_24_195320_add_avatar_to_users_table.php create mode 100644 database/migrations/2017_10_25_135107_entrust_setup_tables.php create mode 
100644 database/seeds/UserTableSeeder.php create mode 100644 resources/views/auth/login.blade.php create mode 100644 resources/views/auth/passwords/email.blade.php create mode 100644 resources/views/auth/passwords/reset.blade.php create mode 100644 resources/views/auth/register.blade.php create mode 100644 resources/views/home.blade.php create mode 100644 resources/views/layouts/app.blade.php diff --git a/.gitignore b/.gitignore index b6a4b86..46369c4 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ Homestead.yaml npm-debug.log yarn-error.log .env +/360-dev.iml diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index f77265a..6cf01d6 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -2,7 +2,7 @@ namespace App\Http\Controllers\Auth; -use App\User; +use App\Model\User; use App\Http\Controllers\Controller; use Illuminate\Support\Facades\Validator; use Illuminate\Foundation\Auth\RegistersUsers; @@ -58,7 +58,7 @@ protected function validator(array $data) * Create a new user instance after a valid registration. * * @param array $data - * @return \App\User + * @return \App\Model\User */ protected function create(array $data) { diff --git a/app/Http/Controllers/HomeController.php b/app/Http/Controllers/HomeController.php new file mode 100644 index 0000000..a3af7dd --- /dev/null +++ b/app/Http/Controllers/HomeController.php @@ -0,0 +1,28 @@ +middleware('auth'); + } + + /** + * Show the application dashboard. + * + * @return \Illuminate\Http\Response + */ + public function index() + { + return view('home'); + } +} diff --git a/app/Http/Controllers/PostsController.php b/app/Http/Controllers/PostsController.php index 5ade670..000a73f 100644 --- a/app/Http/Controllers/PostsController.php +++ b/app/Http/Controllers/PostsController.php 
@@ -1,8 +1,8 @@ [ - \App\Http\Middleware\EncryptCookies::class, - \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, - \Illuminate\Session\Middleware\StartSession::class, + EncryptCookies::class, + AddQueuedCookiesToResponse::class, + StartSession::class, // \Illuminate\Session\Middleware\AuthenticateSession::class, - \Illuminate\View\Middleware\ShareErrorsFromSession::class, - \App\Http\Middleware\VerifyCsrfToken::class, - \Illuminate\Routing\Middleware\SubstituteBindings::class, + ShareErrorsFromSession::class, + VerifyCsrfToken::class, + SubstituteBindings::class, ], 'api' => [ @@ -51,11 +70,14 @@ class Kernel extends HttpKernel * @var array */ protected $routeMiddleware = [ - 'auth' => \Illuminate\Auth\Middleware\Authenticate::class, - 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, - 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, - 'can' => \Illuminate\Auth\Middleware\Authorize::class, - 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, - 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, + 'auth' => Authenticate::class, + 'auth.basic' => AuthenticateWithBasicAuth::class, + 'bindings' => SubstituteBindings::class, + 'can' => Authorize::class, + 'guest' => RedirectIfAuthenticated::class, + 'throttle' => ThrottleRequests::class, + 'role' => EntrustRole::class, + 'permission' => EntrustPermission::class, + 'ability' => EntrustAbility::class ]; } diff --git a/app/Category.php b/app/Model/Category.php similarity index 60% rename from app/Category.php rename to app/Model/Category.php index 52ecfc0..fd07183 100644 --- a/app/Category.php +++ b/app/Model/Category.php @@ -1,10 +1,16 @@ hasMany(Post::class); } diff --git a/composer.json b/composer.json index 0d1b1a8..dcb7975 100644 --- a/composer.json +++ b/composer.json 
@@ -8,7 +8,8 @@ "php": ">=7.0.0", "fideloper/proxy": "~3.3", "laravel/framework": "5.5.*", - "laravel/tinker": "~1.0" + "laravel/tinker": "~1.0", + "zizaco/entrust": "^1.8" }, "require-dev": { "barryvdh/laravel-debugbar": "^3.1", diff --git a/composer.lock b/composer.lock index cd6d2a3..2ab91e1 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "8fcfb7266d5208c06f300886551d7dce", + "content-hash": "6b9096f05e51d68709c2685d83770324", "packages": [ { "name": "dnoegel/php-xdg-base-dir", 
@@ -2151,6 +2151,74 @@ "environment" ], "time": "2016-09-01T10:05:43+00:00" + }, + { + "name": "zizaco/entrust", + "version": "1.8.0", + "source": { + "type": "git", + "url": "https://github.com/Zizaco/entrust.git", + "reference": "992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Zizaco/entrust/zipball/992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09", + "reference": "992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09", + "shasum": "" + }, + "require": { + "illuminate/cache": "~5.0", + "illuminate/console": "~5.0", + "illuminate/support": "~5.0", + "php": ">=5.5.0" + }, + "require-dev": { + "illuminate/database": "~5.0", + "mockery/mockery": "dev-master", + "phpunit/phpunit": "~4.1", + "sami/sami": "dev-master" + }, + "type": "library", + "autoload": { + "classmap": [ + "src/commands" + ], + "psr-4": { + "Zizaco\\Entrust\\": "src/Entrust/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Andrew Elkins", + "homepage": "http://andrewelkins.com" + }, + { + "name": "Zizaco Zizuini", + "email": "zizaco@gmail.com" + }, + { + "name": "Ben Batschelet", + "homepage": "http://github.com/bbatsche" + }, + { + "name": "Michele Angioni", + "email": "michele.angioni@gmail.com" + } + ], + "description": "This package provides a flexible way to add Role-based Permissions to Laravel", + "keywords": [ + "acl", + "auth", + "illuminate", + "laravel", + "permission", + "roles" + ], + "time": "2016-12-29T06:24:46+00:00" } ], "packages-dev": [ diff --git a/config/app.php b/config/app.php index b81fb73..3bad204 100644 --- a/config/app.php +++ b/config/app.php @@ -168,6 +168,8 @@ * Package Service Providers... */ + Zizaco\Entrust\EntrustServiceProvider::class, + /* * Application Service Providers... */ 
@@ -228,7 +230,8 @@ 'View' => Illuminate\Support\Facades\View::class, // Project aliases - 'Menu' => \App\Helpers\MenuHelper::class + 'Menu' => \App\Helpers\MenuHelper::class, + 'Entrust' => Zizaco\Entrust\EntrustFacade::class ], ]; diff --git a/config/auth.php b/config/auth.php index 7817501..1d25fe7 100644 --- a/config/auth.php +++ b/config/auth.php @@ -67,7 +67,8 @@ 'providers' => [ 'users' => [ 'driver' => 'eloquent', - 'model' => App\User::class, + 'model' => App\Model\User::class, + 'table' => 'users' ], // 'users' => [ diff --git a/config/entrust.php b/config/entrust.php new file mode 100644 index 0000000..4f00469 --- /dev/null +++ b/config/entrust.php 
@@ -0,0 +1,101 @@ + 'App\Model\Role', + + /* + |-------------------------------------------------------------------------- + | Entrust Roles Table + |-------------------------------------------------------------------------- + | + | This is the roles table used by Entrust to save roles to the database. + | + */ + 'roles_table' => 'roles', + + /* + |-------------------------------------------------------------------------- + | Application User Model + |-------------------------------------------------------------------------- + | + | This is the User model used by Entrust to create correct relations. + | Update the User if it is in a different namespace. + | + */ + 'user' => 'App\Model\User', + + /* + |-------------------------------------------------------------------------- + | Application Users Table + |-------------------------------------------------------------------------- + | + | This is the users table used by the application to save users to the + | database. + | + */ + 'users_table' => 'users', + + /* + |-------------------------------------------------------------------------- + | Entrust Permission Model + |-------------------------------------------------------------------------- + | + | This is the Permission model used by Entrust to create correct relations. + | Update the permission if it is in a different namespace. + | + */ + 'permission' => 'App\Model\Permission', + + /* + |-------------------------------------------------------------------------- + | Entrust Permissions Table + |-------------------------------------------------------------------------- + | + | This is the permissions table used by Entrust to save permissions to the + | database. 
+ | + */ + 'permissions_table' => 'permissions', + + /* + |-------------------------------------------------------------------------- + | Entrust permission_role Table + |-------------------------------------------------------------------------- + | + | This is the permission_role table used by Entrust to save relationship + | between permissions and roles to the database. + | + */ + 'permission_role_table' => 'permission_role', + + /* + |-------------------------------------------------------------------------- + | Entrust role_user Table + |-------------------------------------------------------------------------- + | + | This is the role_user table used by Entrust to save assigned roles to the + | database. + | + */ + 'role_user_table' => 'role_user', + + +]; diff --git a/config/services.php b/config/services.php index 4460f0e..2a2f05d 100644 --- a/config/services.php +++ b/config/services.php @@ -30,7 +30,7 @@ ], 'stripe' => [ - 'model' => App\User::class, + 'model' => App\Model\User::class, 'key' => env('STRIPE_KEY'), 'secret' => env('STRIPE_SECRET'), ], diff --git a/database/factories/CategoryFactory.php b/database/factories/CategoryFactory.php index f2c0835..e301454 100644 --- a/database/factories/CategoryFactory.php +++ b/database/factories/CategoryFactory.php @@ -13,7 +13,7 @@ | */ -$factory->define(App\Category::class, function (Faker $faker) { +$factory->define(App\Model\Category::class, function (Faker $faker) { return [ 'name' => $faker->name, diff --git a/database/factories/PostsFactory.php b/database/factories/PostsFactory.php index 25a72b4..e899e9d 100644 --- a/database/factories/PostsFactory.php +++ b/database/factories/PostsFactory.php @@ -13,7 +13,7 @@ | */ -$factory->define(App\Post::class, function (Faker $faker) { +$factory->define(App\Model\Post::class, function (Faker $faker) { return [ 'name' => $faker->name, 
@@ -21,10 +21,10 @@ 'content' => $faker->text(1000), 'image' => $faker->imageUrl(), 'category_id' => function () { - return factory(\App\Category::class)->create()->id; + return factory(\App\Model\Category::class)->create()->id; }, 'user_id' => function () { - return factory(\App\User::class)->create()->id; + return factory(\App\Model\User::class)->create()->id; } ]; }); diff --git a/database/factories/UserFactory.php b/database/factories/UserFactory.php index 008e952..9712f8c 100644 --- a/database/factories/UserFactory.php +++ b/database/factories/UserFactory.php @@ -13,7 +13,7 @@ | */ -$factory->define(App\User::class, function (Faker $faker) { +$factory->define(App\Model\User::class, function (Faker $faker) { static $password; return [ @@ -21,5 +21,6 @@ 'email' => $faker->unique()->safeEmail, 'password' => $password ?: $password = bcrypt('secret'), 'remember_token' => str_random(10), + 'avatar' => $faker->imageUrl() ]; }); diff --git a/database/migrations/2017_10_21_112415_create_posts_table.php b/database/migrations/2017_10_21_112415_create_posts_table.php index b71a62d..7805a8c 100644 --- a/database/migrations/2017_10_21_112415_create_posts_table.php +++ b/database/migrations/2017_10_21_112415_create_posts_table.php @@ -37,11 +37,6 @@ public function up() $table->index(['category_id', 'user_id']); $table->timestamps(); }); - - Schema::create('roles', function(Blueprint $table) { - $table->increments('id'); - $table->string('name'); - }); } /** @@ -53,6 +48,5 @@ public function down() { Schema::dropIfExists('posts'); Schema::dropIfExists('categories'); - Schema::dropIfExists('roles'); } } diff --git a/database/migrations/2017_10_24_195320_add_avatar_to_users_table.php b/database/migrations/2017_10_24_195320_add_avatar_to_users_table.php new file mode 100644 index 0000000..47486e9 --- /dev/null +++ b/database/migrations/2017_10_24_195320_add_avatar_to_users_table.php 
@@ -0,0 +1,32 @@ +string('avatar')->nullable(); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('users', function (Blueprint $table) { + $table->dropColumn('avatar'); + }); + } +} diff --git a/database/migrations/2017_10_25_135107_entrust_setup_tables.php b/database/migrations/2017_10_25_135107_entrust_setup_tables.php new file mode 100644 index 0000000..5dded60 --- /dev/null +++ b/database/migrations/2017_10_25_135107_entrust_setup_tables.php 
@@ -0,0 +1,77 @@ +increments('id'); + $table->string('name')->unique(); + $table->string('display_name')->nullable(); + $table->string('description')->nullable(); + $table->timestamps(); + }); + + // Create table for associating roles to users (Many-to-Many) + Schema::create('role_user', function (Blueprint $table) { + $table->integer('user_id')->unsigned(); + $table->integer('role_id')->unsigned(); + + $table->foreign('user_id')->references('id')->on('users') + ->onUpdate('cascade')->onDelete('cascade'); + $table->foreign('role_id')->references('id')->on('roles') + ->onUpdate('cascade')->onDelete('cascade'); + + $table->primary(['user_id', 'role_id']); + }); + + // Create table for storing permissions + Schema::create('permissions', function (Blueprint $table) { + $table->increments('id'); + $table->string('name')->unique(); + $table->string('display_name')->nullable(); + $table->string('description')->nullable(); + $table->timestamps(); + }); + + // Create table for associating permissions to roles (Many-to-Many) + Schema::create('permission_role', function (Blueprint $table) { + $table->integer('permission_id')->unsigned(); + $table->integer('role_id')->unsigned(); + + $table->foreign('permission_id')->references('id')->on('permissions') + ->onUpdate('cascade')->onDelete('cascade'); + $table->foreign('role_id')->references('id')->on('roles') + ->onUpdate('cascade')->onDelete('cascade'); + + $table->primary(['permission_id', 'role_id']); + }); + + DB::commit(); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::drop('permission_role'); + Schema::drop('permissions'); + Schema::drop('role_user'); + Schema::drop('roles'); + } +} diff --git a/database/seeds/DatabaseSeeder.php b/database/seeds/DatabaseSeeder.php index b96ae0a..7dc0dcb 100644 --- a/database/seeds/DatabaseSeeder.php +++ b/database/seeds/DatabaseSeeder.php 
@@ -12,5 +12,6 @@ class DatabaseSeeder extends Seeder public function run() { $this->call(PostsTableSeeder::class); + $this->call(UserTableSeeder::class); } } diff --git a/database/seeds/PostsTableSeeder.php b/database/seeds/PostsTableSeeder.php index 903637b..e2e630f 100644 --- a/database/seeds/PostsTableSeeder.php +++ b/database/seeds/PostsTableSeeder.php @@ -14,6 +14,6 @@ class PostsTableSeeder extends Seeder */ public function run() { - factory(\App\Post::class, 50)->create(); + factory(\App\Model\Post::class, 50)->create(); } } diff --git a/database/seeds/UserTableSeeder.php b/database/seeds/UserTableSeeder.php new file mode 100644 index 0000000..5781b33 --- /dev/null +++ b/database/seeds/UserTableSeeder.php @@ -0,0 +1,58 @@ +create(); + + //TODO: Exemple d'utilisation du système de role et de permission + $user = new Role(); + $user->name = 'user'; + $user->display_name = 'Classic User'; + $user->description = 'All user registered'; + $user->save(); + + $admin = new Role(); + $admin->name = 'admin'; + $admin->display_name = 'Administrator'; + $admin->description = 'User is allowed to manage and edit users'; + $admin->save(); + + $redactor = new Role(); + $redactor->name = 'redactor'; + $redactor->display_name = 'Redactor'; + $redactor->description = 'User can write a post'; + $redactor->save(); + + $editUser = new Permission(); + $editUser->name = 'edit-user'; + $editUser->display_name = "Edit Users"; + $editUser->description = 'Edit existing users'; + $editUser->save(); + + $createPost = new Permission(); + $createPost->name = 'create-post'; + $createPost->display_name = 'Create Posts'; + $createPost->description = 'Create new post'; + $createPost->save(); + + $redactor->attachPermission($createPost); + $admin->attachPermissions([$createPost, $editUser]); + + $users = User::get(); + $users[0]->attachRole($user); + $users[1]->attachRole($admin); + $users[2]->attachRole($redactor); + } +} 
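Review bot: `$users[1]->attachRole($admin)` in `UserTableSeeder::run()` gives the admin role to whichever row `User::get()` happens to return second, and the factory users shown in `UserFactory.php` all share the password `bcrypt('secret')`. Because `DatabaseSeeder::run()` now calls this seeder unconditionally, running the seeds against a shared or production database would leave an administrator account with a known password. Guard the call, for example `if (app()->environment('local', 'testing')) { $this->call(UserTableSeeder::class); }`, and pick the seeded users explicitly rather than by array index. The top of the seeder file is not visible in this hunk.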
diff --git a/package-lock.json b/package-lock.json index 7088372..9789b69 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9670,15 +9670,6 @@ "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=", "dev": true }, - "string_decoder": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", - "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==", - "dev": true, - "requires": { - "safe-buffer": "5.1.1" - } - }, "string-length": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/string-length/-/string-length-1.0.1.tgz", @@ -9699,6 +9690,15 @@ "strip-ansi": "3.0.1" } }, + "string_decoder": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz", + "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==", + "dev": true, + "requires": { + "safe-buffer": "5.1.1" + } + }, "stringstream": { "version": "0.0.5", "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz", diff --git a/resources/views/auth/login.blade.php b/resources/views/auth/login.blade.php new file mode 100644 index 0000000..07924ce --- /dev/null +++ b/resources/views/auth/login.blade.php @@ -0,0 +1,69 @@ +@extends('layouts.app') + +@section('content') +
+
+
+
+
Login
+ +
+
+ {{ csrf_field() }} + +
+ + +
+ + + @if ($errors->has('email')) + + {{ $errors->first('email') }} + + @endif +
+
+ +
+ + +
+ + + @if ($errors->has('password')) + + {{ $errors->first('password') }} + + @endif +
+
+ +
+
+
+ +
+
+
+ +
+
+ + + + Forgot Your Password? + +
+
+
+
+
+
+
+
+@endsection diff --git a/resources/views/auth/passwords/email.blade.php b/resources/views/auth/passwords/email.blade.php new file mode 100644 index 0000000..ad38245 --- /dev/null +++ b/resources/views/auth/passwords/email.blade.php @@ -0,0 +1,47 @@ +@extends('layouts.app') + +@section('content') +
+
+
+
+
Reset Password
+ +
+ @if (session('status')) +
+ {{ session('status') }} +
+ @endif + +
+ {{ csrf_field() }} + +
+ + +
+ + + @if ($errors->has('email')) + + {{ $errors->first('email') }} + + @endif +
+
+ +
+
+ +
+
+
+
+
+
+
+
+@endsection diff --git a/resources/views/auth/passwords/reset.blade.php b/resources/views/auth/passwords/reset.blade.php new file mode 100644 index 0000000..84ec010 --- /dev/null +++ b/resources/views/auth/passwords/reset.blade.php @@ -0,0 +1,70 @@ +@extends('layouts.app') + +@section('content') +
+
+
+
+
Reset Password
+ +
+
+ {{ csrf_field() }} + + + +
+ + +
+ + + @if ($errors->has('email')) + + {{ $errors->first('email') }} + + @endif +
+
+ +
+ + +
+ + + @if ($errors->has('password')) + + {{ $errors->first('password') }} + + @endif +
+
+ +
+ +
+ + + @if ($errors->has('password_confirmation')) + + {{ $errors->first('password_confirmation') }} + + @endif +
+
+ +
+
+ +
+
+
+
+
+
+
+
+@endsection diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php new file mode 100644 index 0000000..38eef83 --- /dev/null +++ b/resources/views/auth/register.blade.php @@ -0,0 +1,77 @@ +@extends('layouts.app') + +@section('content') +
+
+
+
+
Register
+ +
+
+ {{ csrf_field() }} + +
+ + +
+ + + @if ($errors->has('name')) + + {{ $errors->first('name') }} + + @endif +
+
+ +
+ + +
+ + + @if ($errors->has('email')) + + {{ $errors->first('email') }} + + @endif +
+
+ +
+ + +
+ + + @if ($errors->has('password')) + + {{ $errors->first('password') }} + + @endif +
+
+ +
+ + +
+ +
+
+ +
+
+ +
+
+
+
+
+
+
+
+@endsection diff --git a/resources/views/home.blade.php b/resources/views/home.blade.php new file mode 100644 index 0000000..d8437bf --- /dev/null +++ b/resources/views/home.blade.php @@ -0,0 +1,23 @@ +@extends('layouts.app') + +@section('content') +
+
+
+
+
Dashboard
+ +
+ @if (session('status')) +
+ {{ session('status') }} +
+ @endif + + You are logged in! +
+
+
+
+
+@endsection diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php new file mode 100644 index 0000000..6d3bf22 --- /dev/null +++ b/resources/views/layouts/app.blade.php @@ -0,0 +1,80 @@ + + + + + + + + + + + {{ config('app.name', 'Laravel') }} + + + + + +
+ + + @yield('content') +
+ + + + + diff --git a/routes/web.php b/routes/web.php index 2164b9f..c98aff4 100644 --- a/routes/web.php +++ b/routes/web.php @@ -17,4 +17,9 @@ })->name('root'); Route::resource('blog', 'PostsController'); -Route::get('blog/categorie/{slug}', 'PostsController@category')->name('blog.category'); \ No newline at end of file +Route::get('blog/categorie/{slug}', 'PostsController@category')->name('blog.category'); + +// Authentication +Auth::routes(); + +Route::get('/home', 'HomeController@index')->name('home'); From 1017d5517e879a7f7d22a34b42fe06937632360d Mon Sep 17 00:00:00 2001 From: Jeremys Date: Thu, 26 Oct 2017 06:01:01 +0200 Subject: [PATCH 2/5] Add verify mail for registration --- .../Auth/ForgotPasswordController.php | 30 ++++++++- app/Http/Controllers/Auth/LoginController.php | 16 ++++- .../Controllers/Auth/RegisterController.php | 39 +++++++++++- app/Http/Kernel.php | 6 +- app/Notifications/RegisteredUser.php | 61 +++++++++++++++++++ composer.lock | 10 +-- ...035256_add_verify_token_to_users_table.php | 32 ++++++++++ routes/web.php | 1 + 8 files changed, 184 insertions(+), 11 deletions(-) create mode 100644 app/Notifications/RegisteredUser.php create mode 100644 database/migrations/2017_10_26_035256_add_verify_token_to_users_table.php diff --git a/app/Http/Controllers/Auth/ForgotPasswordController.php b/app/Http/Controllers/Auth/ForgotPasswordController.php index 6a247fe..1326cf9 100644 --- a/app/Http/Controllers/Auth/ForgotPasswordController.php +++ b/app/Http/Controllers/Auth/ForgotPasswordController.php @@ -4,6 +4,10 @@ use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\SendsPasswordResetEmails; +use Illuminate\Http\JsonResponse; +use Illuminate\Http\RedirectResponse; +use Illuminate\Http\Request; +use Illuminate\Support\Facades\Password; class ForgotPasswordController extends Controller { 
@@ -23,10 +27,34 @@ class ForgotPasswordController extends Controller /** * Create a new controller instance. * - * @return void */ public function __construct() { $this->middleware('guest'); } + + /** + * Send a reset link to the given user. + * + * @param Request $request + * @return RedirectResponse|JsonResponse + */ + public function sendResetLinkEmail(Request $request) + { + $this->validateEmail($request); + + // We will send the password reset link to this user. Once we have attempted + // to send the link, we will examine the response then see the message we + // need to show to the user. Finally, we'll send out a proper response. + $response = $this->broker()->sendResetLink( + array_merge( + $request->only('email'), + ['verify_token' => null] + ) + ); + + return $response == Password::RESET_LINK_SENT + ? $this->sendResetLinkResponse($response) + : $this->sendResetLinkFailedResponse($request, $response); + } } diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php index b2ea669..69f2f36 100644 --- a/app/Http/Controllers/Auth/LoginController.php +++ b/app/Http/Controllers/Auth/LoginController.php @@ -4,6 +4,7 @@ use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\AuthenticatesUsers; +use Illuminate\Http\Request; class LoginController extends Controller { @@ -30,10 +31,23 @@ class LoginController extends Controller /** * Create a new controller instance. * - * @return void */ public function __construct() { $this->middleware('guest')->except('logout'); } + + /** + * Get the needed authorization credentials from the request. + * + * @param Request $request + * @return array + */ + protected function credentials(Request $request) + { + return array_merge( + $request->only($this->username(), 'password'), + ['verify_token' => null] + ); + } } diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 6cf01d6..04c32b7 100644 
--- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -4,6 +4,10 @@ use App\Model\User; use App\Http\Controllers\Controller; +use App\Notifications\RegisteredUser; +use Illuminate\Auth\Events\Registered; +use Illuminate\Http\Request; +use Illuminate\Routing\Redirector; use Illuminate\Support\Facades\Validator; use Illuminate\Foundation\Auth\RegistersUsers; @@ -32,13 +36,46 @@ class RegisterController extends Controller /** * Create a new controller instance. * - * @return void */ public function __construct() { $this->middleware('guest'); } + /** + * Handle a registration request for the application. + * + * @param Request $request + * @return \Illuminate\Http\Response + */ + public function register(Request $request) + { + $this->validator($request->all())->validate(); + event(new Registered($user = $this->create($request->all()))); + $user->notify(new RegisteredUser()); + return $this->registered($request, $user) + ?: redirect($this->redirectPath()); + } + + /** + * Verify the email adress with token + * + * @param int $id + * @param string $token + * @return Redirector + */ + public function confirm(int $id, string $token) + { + $user = User::where([['id', $id], ['verify_token', $token]])->first(); + if ($user) { + $user->update(['veriffy_token' => null]); + $this->guard()->login($user); + return redirect($this->redirectPath()); + } else { + return redirect('/login')->with('error', 'Ce lien n\'est pas valide'); + } + } + /** * Get a validator for an incoming registration request. * diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index cccb424..ff7e5d1 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php 
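Review bot: In `confirm()`, `$user->update(['veriffy_token' => null]);` misspells the column name, so the verification token is not cleared. Since the method then calls `$this->guard()->login($user)`, the e-mailed link keeps working as a login link for as long as the token stays in the table, and the `'verify_token' => null` filters this patch adds to `LoginController::credentials()` and `ForgotPasswordController::sendResetLinkEmail()` will keep rejecting the confirmed account. Change the line to `$user->forceFill(['verify_token' => null])->save();` so the fix does not depend on the model's `$fillable`, which is not visible here. It is also worth redirecting to the login form after confirmation instead of creating a session from a GET link.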
@@ -19,9 +19,9 @@ use Illuminate\Routing\Middleware\ThrottleRequests; use Illuminate\Session\Middleware\StartSession; use Illuminate\View\Middleware\ShareErrorsFromSession; -use Zizaco\Entrust\Middleware\{ - EntrustAbility, EntrustPermission, EntrustRole -}; +use Zizaco\Entrust\Middleware\EntrustAbility; +use Zizaco\Entrust\Middleware\EntrustPermission; +use Zizaco\Entrust\Middleware\EntrustRole; class Kernel extends HttpKernel { diff --git a/app/Notifications/RegisteredUser.php b/app/Notifications/RegisteredUser.php new file mode 100644 index 0000000..2d8e2d0 --- /dev/null +++ b/app/Notifications/RegisteredUser.php @@ -0,0 +1,61 @@ +success() + ->subject('Inscription sur ' . env('APP_NAME')) + ->line('Votre compte à bien été créé, merci de confirmer votre adresse mail en cliquant sur le bouton suivant') + ->action('Confirmer mon adresse mail', route('auth.confirm', [$notifiable->id, urlencode($notifiable->verify_token)])) + ->line('Merci de votre inscrption'); + } + + /** + * Get the array representation of the notification + * + * @param mixed $notifiable + * @return array + */ + public function toArray($notifiable): array + { + return [ + // + ]; + } +} diff --git a/composer.lock b/composer.lock index 2ab91e1..696b519 100644 --- a/composer.lock +++ b/composer.lock @@ -405,16 +405,16 @@ }, { "name": "laravel/framework", - "version": "v5.5.18", + "version": "v5.5.19", "source": { "type": "git", "url": "https://github.com/laravel/framework.git", - "reference": "1cc21baac11551377734b8c17ead17db4c34fe21" + "reference": "c678100e84934ec85c9f8bc26bd0a60222682719" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/laravel/framework/zipball/1cc21baac11551377734b8c17ead17db4c34fe21", - "reference": "1cc21baac11551377734b8c17ead17db4c34fe21", + "url": "https://api.github.com/repos/laravel/framework/zipball/c678100e84934ec85c9f8bc26bd0a60222682719", + "reference": "c678100e84934ec85c9f8bc26bd0a60222682719", "shasum": "" }, "require": { 
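Review bot: `env('APP_NAME')` in the `->subject(...)` call of `RegisteredUser` returns null once configuration is cached with `php artisan config:cache`, because `.env` is no longer read at runtime; use `->subject('Inscription sur ' . config('app.name'))`. `route()` already encodes its parameters, so the extra `urlencode()` around `$notifiable->verify_token` should be checked against a token containing `$` or `.` to confirm the link round-trips to the stored value. The start of the class is not visible in this hunk.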
@@ -532,7 +532,7 @@ "framework", "laravel" ], - "time": "2017-10-19T12:50:26+00:00" + "time": "2017-10-25T19:10:45+00:00" }, { "name": "laravel/tinker", diff --git a/database/migrations/2017_10_26_035256_add_verify_token_to_users_table.php b/database/migrations/2017_10_26_035256_add_verify_token_to_users_table.php new file mode 100644 index 0000000..1174dd7 --- /dev/null +++ b/database/migrations/2017_10_26_035256_add_verify_token_to_users_table.php @@ -0,0 +1,32 @@ +string('verify_token')->nullable(); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('users', function (Blueprint $table) { + $table->dropColumn('verify_token'); + }); + } +} diff --git a/routes/web.php b/routes/web.php index c98aff4..93d2f50 100644 --- a/routes/web.php +++ b/routes/web.php @@ -21,5 +21,6 @@ // Authentication Auth::routes(); +Route::get('/verify/{id}/{token}', 'Auth/RegisterController@confirm')->name('auth.confirm'); Route::get('/home', 'HomeController@index')->name('home'); From f226368059cdd7f44e95175519b3ab277ee5ca42 Mon Sep 17 00:00:00 2001 
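Review bot: The controller string `'Auth/RegisterController@confirm'` in the new `/verify/{id}/{token}` route uses a forward slash where the namespace separator belongs, so it most likely cannot resolve to `App\Http\Controllers\Auth\RegisterController` and every confirmation link would fail; it should read `'Auth\RegisterController@confirm'`. The `{token}` segment puts the secret in the URL path, where it ends up in access logs and browser history. Making the token single-use and giving it an expiry limits the value of a logged URL.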
From: Jeremys Date: Sat, 28 Oct 2017 22:35:21 +0200 Subject: [PATCH 3/5] Ajout d'un front-end Admin pour tester les permissions/roles --- app/Concern/Admin/TraitAdminController.php | 108 ++++++++++++++++++ .../Admin/PermissionController.php | 15 +++ app/Http/Controllers/Admin/PostController.php | 15 +++ app/Http/Controllers/Admin/RoleController.php | 15 +++ app/Http/Controllers/Admin/UserController.php | 27 +++++ .../Controllers/Auth/RegisterController.php | 11 ++ app/Notifications/RegisteredUser.php | 10 +- .../views/admin/permission/form.blade.php | 11 ++ .../views/admin/permission/index.blade.php | 53 +++++++++ .../views/admin/permission/show.blade.php | 8 ++ resources/views/admin/role/form.blade.php | 11 ++ resources/views/admin/role/index.blade.php | 53 +++++++++ resources/views/admin/role/show.blade.php | 8 ++ resources/views/admin/user/form.blade.php | 11 ++ resources/views/admin/user/index.blade.php | 59 ++++++++++ resources/views/admin/user/show.blade.php | 8 ++ resources/views/auth/login.blade.php | 4 +- .../views/auth/passwords/email.blade.php | 4 +- .../views/auth/passwords/reset.blade.php | 4 +- resources/views/auth/register.blade.php | 4 +- resources/views/partials/navbar.blade.php | 39 ++++++- routes/web.php | 31 ++++- 22 files changed, 494 insertions(+), 15 deletions(-) create mode 100644 app/Concern/Admin/TraitAdminController.php create mode 100644 app/Http/Controllers/Admin/PermissionController.php create mode 100644 app/Http/Controllers/Admin/PostController.php create mode 100644 app/Http/Controllers/Admin/RoleController.php create mode 100644 app/Http/Controllers/Admin/UserController.php create mode 100644 resources/views/admin/permission/form.blade.php create mode 100644 resources/views/admin/permission/index.blade.php create mode 100644 resources/views/admin/permission/show.blade.php create mode 100644 resources/views/admin/role/form.blade.php create mode 100644 resources/views/admin/role/index.blade.php create mode 100644 
resources/views/admin/role/show.blade.php create mode 100644 resources/views/admin/user/form.blade.php create mode 100644 resources/views/admin/user/index.blade.php create mode 100644 resources/views/admin/user/show.blade.php diff --git a/app/Concern/Admin/TraitAdminController.php b/app/Concern/Admin/TraitAdminController.php new file mode 100644 index 0000000..031d332 --- /dev/null +++ b/app/Concern/Admin/TraitAdminController.php 
@@ -0,0 +1,108 @@ +model = self::__MODEL; + } + + /** + * Display a listing of the resource. + * + * @return \Illuminate\Http\Response + */ + public function index() + { + $items = $this->model::all(); + return view('admin.' . $this->view . '.index', compact('items')); + } + + /** + * Show the form for creating a new resource. + * + * @return \Illuminate\Http\Response + */ + public function create() + { + $item = new $this->model; + return view('admin.' . $this->view . '.form', compact('item')); + } + + /** + * Store a newly created resource in storage. + * + * @param \Illuminate\Http\Request $request + * @return \Illuminate\Http\Response + */ + public function store(Request $request) + { + $this->model::create($request->all()); + return $this->index()->with('success', 'Nouvel entité créé'); + } + + /** + * Display the specified resource. + * + * @param $id + * @return \Illuminate\Http\Response + */ + public function show($id) + { + $item = $this->model::where('id', $id)->first(); + return view('admin.' . $this->view . '.show', compact('item')); + } + + /** + * Show the form for editing the specified resource. + * + * @param $id + * @return \Illuminate\Http\Response + */ + public function edit($id) + { + $item = $this->model::where('id', $id)->first(); + return view('admin.' . $this->view . '.form', compact('item')); + } + + /** + * Update the specified resource in storage. + * + * @param \Illuminate\Http\Request $request + * @param $id + * @return \Illuminate\Http\Response + */ + public function update(Request $request, $id) + { + $item = $this->model::where('id', $id)->first(); + $item->update($request->all()); + return $this->index()->with('success', 'Entité modifié avec succès'); + } + + /** + * Remove the specified resource from storage. 
+ * + * @param $id + * @return \Illuminate\Http\Response + */ + public function destroy($id) + { + $item = $this->model::where('id', $id)->first(); + $item->delete(); + return $this->index()->with('success', 'Entité supprimé'); + } +} diff --git a/app/Http/Controllers/Admin/PermissionController.php b/app/Http/Controllers/Admin/PermissionController.php new file mode 100644 index 0000000..1f69a06 --- /dev/null +++ b/app/Http/Controllers/Admin/PermissionController.php @@ -0,0 +1,15 @@ +get(); + return view('admin.' . $this->view . '.index', compact('items')); + } +} diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 04c32b7..b62dc06 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -99,10 +99,21 @@ protected function validator(array $data) */ protected function create(array $data) { + $default = null; + $size = 40; + $avatar = "https://www.gravatar.com/avatar/"; + $avatar .= md5(strtolower(trim($data['email']))); + $avatar .= "?d="; + $avatar .= urlencode($default); + $avatar .= "&s="; + $avatar .= $size; + return User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => bcrypt($data['password']), + 'verify_token' => str_replace('/', '', bcrypt(str_random(16))), + 'avatar' => $avatar ]); } } diff --git a/app/Notifications/RegisteredUser.php b/app/Notifications/RegisteredUser.php index 2d8e2d0..595f6f2 100644 --- a/app/Notifications/RegisteredUser.php +++ b/app/Notifications/RegisteredUser.php 
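Review bot: `store()` and `update()` in this trait pass `$request->all()` straight to `create()` / `update()`, so every field the client sends reaches the model and only each model's `$fillable` list keeps a form post away from columns such as a token or a role reference. Restrict the input in the controller, for example `$this->model::create($request->only($this->fields));` with a per-controller list (`$fields` is a placeholder name, this patch does not define it). `show()`, `edit()`, `update()` and `destroy()` look the row up with `where('id', $id)->first()`, which returns null for an unknown id and then fails on `$item->update()` / `$item->delete()`; `$this->model::findOrFail($id)` turns that into a 404. No method here checks who is calling it, which matters because the `admin` route group added in routes/web.php by this same patch carries no auth middleware.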
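Review bot: The `verify_token` built in `create()` is a bcrypt hash of `str_random(16)` with the slashes stripped; hashing a random string adds no entropy, costs a bcrypt round on every registration and puts a fixed `$2y$` prefix plus `$` and `.` characters into a value that ends up in a URL. A plain random string does the same job without `str_replace` or `urlencode`: `'verify_token' => str_random(40),`. Separately, `$default = null` leaves the `?d=` parameter empty, so either drop the `urlencode($default)` lines or set a named Gravatar default such as `'identicon'`.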
@@ -41,8 +41,14 @@ public function toMail($notifiable): MailMessage return (new MailMessage) ->success() ->subject('Inscription sur ' . env('APP_NAME')) - ->line('Votre compte à bien été créé, merci de confirmer votre adresse mail en cliquant sur le bouton suivant') - ->action('Confirmer mon adresse mail', route('auth.confirm', [$notifiable->id, urlencode($notifiable->verify_token)])) + ->line( + 'Votre compte à bien été créé, ' . + 'merci de confirmer votre adresse mail en cliquant sur le bouton suivant' + ) + ->action( + 'Confirmer mon adresse mail', + route('auth.confirm', [$notifiable->id, urlencode($notifiable->verify_token)]) + ) ->line('Merci de votre inscrption'); } diff --git a/resources/views/admin/permission/form.blade.php b/resources/views/admin/permission/form.blade.php new file mode 100644 index 0000000..61a26eb --- /dev/null +++ b/resources/views/admin/permission/form.blade.php @@ -0,0 +1,11 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+ @if($item->id) +

Editer

+ @else +

Créer

+ @endif +@endsection \ No newline at end of file diff --git a/resources/views/admin/permission/index.blade.php b/resources/views/admin/permission/index.blade.php new file mode 100644 index 0000000..6bca689 --- /dev/null +++ b/resources/views/admin/permission/index.blade.php @@ -0,0 +1,53 @@ +@extends('layout') + +@section('content') +
+

Administration

+
+

Permissions

+

+ Créer une nouvel permission +

+ + + + + + + + + + + + + + @foreach($items as $item) + + + + + + + + + + + @endforeach + +
IDNameDisplay NameDescriptionCreated AtUpdated AtAction
{{ $item->id }}{{ $item->name }}{{ $item->display_name }} + + {{ $item->description }} + + {{ $item->created_at }}{{ $item->updated_at }} + + Editer + + +
+ {{ csrf_field() }} + {{ method_field('DELETE') }} + +
+
+
+@endsection \ No newline at end of file diff --git a/resources/views/admin/permission/show.blade.php b/resources/views/admin/permission/show.blade.php new file mode 100644 index 0000000..405a0b7 --- /dev/null +++ b/resources/views/admin/permission/show.blade.php @@ -0,0 +1,8 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+

{{ $item->name }}

+

{{ $item->description }}

+@endsection \ No newline at end of file diff --git a/resources/views/admin/role/form.blade.php b/resources/views/admin/role/form.blade.php new file mode 100644 index 0000000..61a26eb --- /dev/null +++ b/resources/views/admin/role/form.blade.php @@ -0,0 +1,11 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+ @if($item->id) +

Editer

+ @else +

Créer

+ @endif +@endsection \ No newline at end of file diff --git a/resources/views/admin/role/index.blade.php b/resources/views/admin/role/index.blade.php new file mode 100644 index 0000000..1af9ec5 --- /dev/null +++ b/resources/views/admin/role/index.blade.php @@ -0,0 +1,53 @@ +@extends('layout') + +@section('content') +
+

Administration

+
+

Roles

+

+ Créer un nouveau role +

+ + + + + + + + + + + + + + @foreach($items as $item) + + + + + + + + + + + @endforeach + +
IDNameDisplay NameDescriptionCreated AtUpdated AtAction
{{ $item->id }}{{ $item->name }}{{ $item->display_name }} + + {{ $item->description }} + + {{ $item->created_at }}{{ $item->updated_at }} + + Editer + + +
+ {{ csrf_field() }} + {{ method_field('DELETE') }} + +
+
+
+@endsection \ No newline at end of file diff --git a/resources/views/admin/role/show.blade.php b/resources/views/admin/role/show.blade.php new file mode 100644 index 0000000..405a0b7 --- /dev/null +++ b/resources/views/admin/role/show.blade.php @@ -0,0 +1,8 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+

{{ $item->name }}

+

{{ $item->description }}

+@endsection \ No newline at end of file diff --git a/resources/views/admin/user/form.blade.php b/resources/views/admin/user/form.blade.php new file mode 100644 index 0000000..61a26eb --- /dev/null +++ b/resources/views/admin/user/form.blade.php @@ -0,0 +1,11 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+ @if($item->id) +

Editer

+ @else +

Créer

+ @endif +@endsection \ No newline at end of file diff --git a/resources/views/admin/user/index.blade.php b/resources/views/admin/user/index.blade.php new file mode 100644 index 0000000..56dcf36 --- /dev/null +++ b/resources/views/admin/user/index.blade.php @@ -0,0 +1,59 @@ +@extends('layout') + +@section('content') +
+

Administration

+
+

Users

+

+ Créer un nouveau user +

+ + + + + + + + + + + + + + + @foreach($items as $item) + + + + + + + + + + + + @endforeach + +
IDNameEmailAvatarCreated AtUpdated AtRoleAction
{{ $item->id }}{{ $item->name }}{{ $item->email }} + + Avatar de {{ $item->name }} + + {{ $item->created_at }}{{ $item->updated_at }} + @foreach($item->roles as $role) + {{ ucfirst($role->name) }} + @endforeach + + + Editer + + +
+ {{ csrf_field() }} + {{ method_field('DELETE') }} + +
+
+
+@endsection \ No newline at end of file diff --git a/resources/views/admin/user/show.blade.php b/resources/views/admin/user/show.blade.php new file mode 100644 index 0000000..405a0b7 --- /dev/null +++ b/resources/views/admin/user/show.blade.php @@ -0,0 +1,8 @@ +@extends('layout') + +@section('content') +

Administration

+

Les roles

+

{{ $item->name }}

+

{{ $item->description }}

+@endsection \ No newline at end of file diff --git a/resources/views/auth/login.blade.php b/resources/views/auth/login.blade.php index 07924ce..1831af5 100644 --- a/resources/views/auth/login.blade.php +++ b/resources/views/auth/login.blade.php @@ -1,5 +1,5 @@ -@extends('layouts.app') - +@extends('layout') +{{-- TODO: Transformer le style en bootstrap4 --}} @section('content')
diff --git a/resources/views/auth/passwords/email.blade.php b/resources/views/auth/passwords/email.blade.php index ad38245..33a265f 100644 --- a/resources/views/auth/passwords/email.blade.php +++ b/resources/views/auth/passwords/email.blade.php @@ -1,5 +1,5 @@ -@extends('layouts.app') - +@extends('layout') +{{-- TODO: Transformer le style en bootstrap4 --}} @section('content')
diff --git a/resources/views/auth/passwords/reset.blade.php b/resources/views/auth/passwords/reset.blade.php index 84ec010..b4621f1 100644 --- a/resources/views/auth/passwords/reset.blade.php +++ b/resources/views/auth/passwords/reset.blade.php @@ -1,5 +1,5 @@ -@extends('layouts.app') - +@extends('layout') +{{-- TODO: Transformer le style en bootstrap4 --}} @section('content')
diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php index 38eef83..170e476 100644 --- a/resources/views/auth/register.blade.php +++ b/resources/views/auth/register.blade.php @@ -1,5 +1,5 @@ -@extends('layouts.app') - +@extends('layout') +{{-- TODO: Transformer le style en bootstrap4 --}} @section('content')
diff --git a/resources/views/partials/navbar.blade.php b/resources/views/partials/navbar.blade.php index 3bd1e29..d391406 100644 --- a/resources/views/partials/navbar.blade.php +++ b/resources/views/partials/navbar.blade.php @@ -10,9 +10,40 @@ Blog -
- - -
+
\ No newline at end of file diff --git a/routes/web.php b/routes/web.php index 93d2f50..843b732 100644 --- a/routes/web.php +++ b/routes/web.php @@ -11,6 +11,22 @@ | */ +use Illuminate\Support\Facades\Auth; +use Illuminate\Support\Facades\Route; + +function namesRouteRessource (string $name): array +{ + return ['names' => [ + 'index' => 'admin.' . $name . '.index', + 'edit' => 'admin.' . $name . '.edit', + 'update' => 'admin.' . $name . '.update', + 'show' => 'admin.' . $name . '.show', + 'create' => 'admin.' . $name . '.create', + 'store' => 'admin.' . $name . '.store', + 'destroy' => 'admin.' . $name . '.destroy' + ]]; +} + Route::get('/', function () { // TODO Create home controller return view('welcome'); @@ -21,6 +37,19 @@ // Authentication Auth::routes(); -Route::get('/verify/{id}/{token}', 'Auth/RegisterController@confirm')->name('auth.confirm'); +Route::get('/verify/{id}/{token}', 'Auth\RegisterController@confirm')->name('auth.confirm'); Route::get('/home', 'HomeController@index')->name('home'); + +Route::group(['prefix' => 'admin', 'namespace' => 'Admin'], function () { + Route::resource('blog', 'PostController', namesRouteRessource('blog')); + Route::resource('role', 'RoleController', namesRouteRessource('role')); + Route::resource('permission', 'PermissionController', namesRouteRessource('permission')); + Route::resource('user', 'UserController', namesRouteRessource('user')); + /*Route::resources([ + 'blog' => 'PostController', + 'role' => 'RoleController', + 'permission' => 'PermissionController', + 'user' => 'UserController' + ]);*/ +}); From dda79a4e8a284a457c5033aacfbccfb3767684cc Mon Sep 17 00:00:00 2001 
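Review bot: `namesRouteRessource()` is declared as a global function inside routes/web.php, so loading the routes file a second time in one process would stop with a "cannot redeclare" fatal error, and the helper is not reachable from anywhere that has not loaded the routes. The name map it builds only prefixes the default resource names with `admin.`, which the route group can do on its own with `'as' => 'admin.'` in its attribute array; that removes the helper and the third argument on each `Route::resource()` call. If the function stays, guard it with `if (! function_exists('namesRouteRessource')) {` and drop the space before the parameter list.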
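Review bot: The `admin` route group in the second hunk is registered with only `prefix` and `namespace`, so every resource route for posts, roles, permissions and users is reachable without logging in, and the controllers added in this patch perform no check of their own. Put the middleware on the group: `Route::group(['prefix' => 'admin', 'namespace' => 'Admin', 'middleware' => 'auth'], function () {`. Authentication alone still admits any registered account, so a role or policy check is needed on top of it; whether the base controller provides one is not visible here. The commented-out `Route::resources([...])` block is better deleted than kept in the file.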
From: Jeremys Date: Sun, 29 Oct 2017 12:57:39 +0100 Subject: [PATCH 4/5] 10-Authentification : End --- app/Concern/Admin/TraitAdminController.php | 25 ++++++ app/Http/Controllers/Admin/UserController.php | 4 + database/seeds/UserTableSeeder.php | 3 +- resources/assets/js/app.js | 2 +- resources/views/home.blade.php | 2 +- resources/views/layout.blade.php | 11 ++- resources/views/layouts/app.blade.php | 80 ------------------- resources/views/partials/navbar.blade.php | 38 ++++++--- 8 files changed, 67 insertions(+), 98 deletions(-) delete mode 100644 resources/views/layouts/app.blade.php diff --git a/app/Concern/Admin/TraitAdminController.php b/app/Concern/Admin/TraitAdminController.php index 031d332..2c4a5d6 100644 --- a/app/Concern/Admin/TraitAdminController.php +++ b/app/Concern/Admin/TraitAdminController.php @@ -3,12 +3,16 @@ namespace App\Concern\Admin; use Illuminate\Http\Request; +use Illuminate\Support\Facades\Auth; /** * Trait TraitAdminController * * Basic CRUD controller * + * ## L'idée de base étant d'avoir un Trait qui reprend le CRUD. + * ## Ainsi il suffira soit de ne pas toucher soit de réécrire les fonctions pour les controllers particuliés. + * * @package App\Concern\Admin */ trait TraitAdminController @@ -28,6 +32,9 @@ public function __construct() */ public function index() { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $items = $this->model::all(); return view('admin.' . $this->view . '.index', compact('items')); } @@ -39,6 +46,9 @@ public function index() */ public function create() { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $item = new $this->model; return view('admin.' . $this->view . '.form', compact('item')); } @@ -51,6 +61,9 @@ public function create() */ public function store(Request $request) { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $this->model::create($request->all()); return $this->index()->with('success', 'Nouvel entité créé'); } 
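Review bot: The guard added to `index()` calls `Auth::user()->hasRole('admin')`, and `Auth::user()` is null for a visitor who is not logged in, so an anonymous request to an admin route ends in a fatal error on null rather than a refusal; the same three lines are repeated in `create()`, `store()`, `show()`, `edit()`, `update()` and `destroy()` in the following hunks and in `UserController::index()`. Test the session first, `if (! Auth::check() || ! Auth::user()->hasRole('admin')) {`, and answer with `abort(403);` instead of `redirect()->back()`, which returns the caller to the previous page without saying the request was denied. The check would be safer in one place, as route middleware on the `admin` group, so that a controller overriding one of these methods cannot leave it out. The method bodies continue outside these hunks.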
@@ -63,6 +76,9 @@ public function store(Request $request) */ public function show($id) { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $item = $this->model::where('id', $id)->first(); return view('admin.' . $this->view . '.show', compact('item')); } @@ -75,6 +91,9 @@ public function show($id) */ public function edit($id) { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $item = $this->model::where('id', $id)->first(); return view('admin.' . $this->view . '.form', compact('item')); } @@ -88,6 +107,9 @@ public function edit($id) */ public function update(Request $request, $id) { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $item = $this->model::where('id', $id)->first(); $item->update($request->all()); return $this->index()->with('success', 'Entité modifié avec succès'); @@ -101,6 +123,9 @@ public function update(Request $request, $id) */ public function destroy($id) { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $item = $this->model::where('id', $id)->first(); $item->delete(); return $this->index()->with('success', 'Entité supprimé'); diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php index df76067..680e3de 100644 --- a/app/Http/Controllers/Admin/UserController.php +++ b/app/Http/Controllers/Admin/UserController.php @@ -5,6 +5,7 @@ use App\Concern\Admin\TraitAdminController; use App\Http\Controllers\Controller; use App\Model\User; +use Illuminate\Support\Facades\Auth; class UserController extends Controller { @@ -21,6 +22,9 @@ class UserController extends Controller */ public function index() { + if (! Auth::user()->hasRole('admin')) { + return redirect()->back(); + } $items = User::with('roles')->get(); return view('admin.' . $this->view . '.index', compact('items')); } diff --git a/database/seeds/UserTableSeeder.php b/database/seeds/UserTableSeeder.php index 5781b33..67c9f3c 100644 
--- a/database/seeds/UserTableSeeder.php +++ b/database/seeds/UserTableSeeder.php @@ -16,7 +16,8 @@ public function run() { factory(User::class, 50)->create(); - //TODO: Exemple d'utilisation du système de role et de permission + /** Exemple d'utilisation du système de role et de permission */ + $user = new Role(); $user->name = 'user'; $user->display_name = 'Classic User'; diff --git a/resources/assets/js/app.js b/resources/assets/js/app.js index c1620c1..35b3584 100644 --- a/resources/assets/js/app.js +++ b/resources/assets/js/app.js @@ -5,7 +5,7 @@ * building robust, powerful web applications using Vue and Laravel. */ -require('./bootstrap'); +require('./bootstrap') window.Vue = require('vue'); diff --git a/resources/views/home.blade.php b/resources/views/home.blade.php index d8437bf..4498f5a 100644 --- a/resources/views/home.blade.php +++ b/resources/views/home.blade.php @@ -1,4 +1,4 @@ -@extends('layouts.app') +@extends('layout') @section('content')
diff --git a/resources/views/layout.blade.php b/resources/views/layout.blade.php index 206f768..59af604 100644 --- a/resources/views/layout.blade.php +++ b/resources/views/layout.blade.php @@ -1,4 +1,3 @@ - @@ -7,9 +6,12 @@ + + 360 dev - + + @@ -25,8 +27,9 @@
- + +{{----}} - +{{----}} diff --git a/resources/views/layouts/app.blade.php b/resources/views/layouts/app.blade.php deleted file mode 100644 index 6d3bf22..0000000 --- a/resources/views/layouts/app.blade.php +++ /dev/null @@ -1,80 +0,0 @@ - - - - - - - - - - - {{ config('app.name', 'Laravel') }} - - - - - -
- - - @yield('content') -
- - - - - diff --git a/resources/views/partials/navbar.blade.php b/resources/views/partials/navbar.blade.php index d391406..fe708b1 100644 --- a/resources/views/partials/navbar.blade.php +++ b/resources/views/partials/navbar.blade.php @@ -23,25 +23,41 @@ - + @endguest From 48a546803d6c62131378dd525026121c52271139 Mon Sep 17 00:00:00 2001 From: Jeremy Date: Tue, 31 Oct 2017 02:55:40 +0100 Subject: [PATCH 5/5] Delete Entrust for native policies --- app/Concern/Admin/TraitAdminController.php | 50 +++------ .../Admin/PermissionController.php | 15 --- app/Http/Controllers/Admin/PostController.php | 2 + app/Http/Controllers/Admin/RoleController.php | 2 + app/Http/Controllers/Admin/UserController.php | 14 ++- .../Controllers/Auth/RegisterController.php | 3 + app/Model/Permission.php | 15 --- app/Model/Post.php | 1 + app/Model/Role.php | 14 ++- app/Model/User.php | 12 ++- app/Policies/CategoryPolicy.php | 68 ++++++++++++ app/Policies/PostPolicy.php | 66 ++++++++++++ app/Policies/RolePolicy.php | 66 ++++++++++++ app/Policies/UserPolicy.php | 65 +++++++++++ app/Providers/AuthServiceProvider.php | 14 ++- composer.lock | 70 +----------- config/app.php | 2 - config/entrust.php | 101 ------------------ ... 2017_10_31_000239_create_roles_table.php} | 42 ++------ database/seeds/DatabaseSeeder.php | 1 + database/seeds/RoleTableSeeder.php | 39 +++++++ database/seeds/UserTableSeeder.php | 55 +++------- 22 files changed, 397 insertions(+), 320 deletions(-) delete mode 100644 app/Http/Controllers/Admin/PermissionController.php delete mode 100644 app/Model/Permission.php create mode 100644 app/Policies/CategoryPolicy.php create mode 100644 app/Policies/PostPolicy.php create mode 100644 app/Policies/RolePolicy.php create mode 100644 app/Policies/UserPolicy.php delete mode 100644 config/entrust.php rename database/migrations/{2017_10_25_135107_entrust_setup_tables.php => 2017_10_31_000239_create_roles_table.php} (51%) create mode 100644 database/seeds/RoleTableSeeder.php 
diff --git a/app/Concern/Admin/TraitAdminController.php b/app/Concern/Admin/TraitAdminController.php index 2c4a5d6..b4af979 100644 --- a/app/Concern/Admin/TraitAdminController.php +++ b/app/Concern/Admin/TraitAdminController.php @@ -3,7 +3,7 @@ namespace App\Concern\Admin; use Illuminate\Http\Request; -use Illuminate\Support\Facades\Auth; +use Illuminate\Support\Facades\Validator; /** * Trait TraitAdminController @@ -32,9 +32,6 @@ public function __construct() */ public function index() { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } $items = $this->model::all(); return view('admin.' . $this->view . '.index', compact('items')); } @@ -46,9 +43,7 @@ public function index() */ public function create() { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('create', $this->model); $item = new $this->model; return view('admin.' . $this->view . '.form', compact('item')); } @@ -61,9 +56,8 @@ public function create() */ public function store(Request $request) { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('create', $this->model); + Validator::make($request->all(), $this->validator)->validate(); $this->model::create($request->all()); return $this->index()->with('success', 'Nouvel entité créé'); } @@ -71,14 +65,12 @@ public function store(Request $request) /** * Display the specified resource. * - * @param $id + * @param int $id * @return \Illuminate\Http\Response */ - public function show($id) + public function show(int $id) { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('view', $this->model); $item = $this->model::where('id', $id)->first(); return view('admin.' . $this->view . '.show', compact('item')); } 
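Review bot: After this change `index()` has no authorization call at all: the `hasRole('admin')` guard is removed and nothing replaces it, so the listing is protected only by whatever middleware the routes carry, and none is shown in this series. The other methods call `$this->authorize('view', $this->model)` with the class name, while the policies added in this patch declare `view`, `update` and `delete` with a second model parameter (for example `view(User $user, Post $post)`); with a class name there is no instance to pass, so these calls are likely to fail, and they belong after the lookup as `$this->authorize('update', $item);` in `show()`, `edit()`, `update()` and `destroy()`. In `store()` the request is validated but `$request->all()` is still what gets saved, and `$this->validator` is not defined in the visible part of the trait.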
@@ -86,14 +78,12 @@ public function show($id) /** * Show the form for editing the specified resource. * - * @param $id + * @param int $id * @return \Illuminate\Http\Response */ - public function edit($id) + public function edit(int $id) { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('update', $this->model); $item = $this->model::where('id', $id)->first(); return view('admin.' . $this->view . '.form', compact('item')); } @@ -102,30 +92,24 @@ public function edit($id) * Update the specified resource in storage. * * @param \Illuminate\Http\Request $request - * @param $id + * @param int $id * @return \Illuminate\Http\Response */ - public function update(Request $request, $id) + public function update(Request $request, int $id) { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('update', $this->model); $item = $this->model::where('id', $id)->first(); $item->update($request->all()); return $this->index()->with('success', 'Entité modifié avec succès'); } /** - * Remove the specified resource from storage. - * - * @param $id - * @return \Illuminate\Http\Response + * @param int $id + * @return mixed */ - public function destroy($id) + public function destroy(int $id) { - if (! Auth::user()->hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('delete', $this->model); $item = $this->model::where('id', $id)->first(); $item->delete(); return $this->index()->with('success', 'Entité supprimé'); diff --git a/app/Http/Controllers/Admin/PermissionController.php b/app/Http/Controllers/Admin/PermissionController.php deleted file mode 100644 index 1f69a06..0000000 --- a/app/Http/Controllers/Admin/PermissionController.php +++ /dev/null 
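Review bot: `update()` still writes `$request->all()` without the `Validator::make(...)->validate()` call that `store()` gained in this patch, so an edit can save values that a create would reject. Add the same line before the lookup, `Validator::make($request->all(), $this->validator)->validate();`, or share one private method between the two. `update()` and `destroy()` also keep `where('id', $id)->first()`, which returns null for an unknown id and then fails on the next line; `findOrFail($id)` gives a 404 instead.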
@@ -1,15 +0,0 @@ -hasRole('admin')) { - return redirect()->back(); - } + $this->authorize('view', self::__MODEL); $items = User::with('roles')->get(); return view('admin.' . $this->view . '.index', compact('items')); } + + public function destroy(User $user) + { + $this->authorize('delete', $user); + $user->roles()->detach(); + $user->delete(); + return $this->index()->with('success', 'Utilisateur supprimé'); + } } diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index b62dc06..0ccefd1 100644 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -2,6 +2,7 @@ namespace App\Http\Controllers\Auth; +use App\Model\Role; use App\Model\User; use App\Http\Controllers\Controller; use App\Notifications\RegisteredUser; @@ -68,6 +69,8 @@ public function confirm(int $id, string $token) { $user = User::where([['id', $id], ['verify_token', $token]])->first(); if ($user) { + $role = Role::where('name', 'user')->first(); + $user->roles()->attach($role); $user->update(['veriffy_token' => null]); $this->guard()->login($user); return redirect($this->redirectPath()); diff --git a/app/Model/Permission.php b/app/Model/Permission.php deleted file mode 100644 index 439a2c4..0000000 --- a/app/Model/Permission.php +++ /dev/null @@ -1,15 +0,0 @@ -belongsToMany(User::class); + } } diff --git a/app/Model/User.php b/app/Model/User.php index f2f6d6a..64e6966 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -2,10 +2,10 @@ namespace App\Model; +use Illuminate\Database\Eloquent\Relations\BelongsToMany; use Illuminate\Database\Eloquent\Relations\HasMany; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; -use Zizaco\Entrust\Traits\EntrustUserTrait; /** * @property \Carbon\Carbon $created_at 
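Review bot: `confirm()` now attaches the `user` role on every successful visit, and the context line right below it clears `veriffy_token` (misspelled), so `verify_token` is never reset: the e-mailed link keeps working, logs its holder in each time it is opened and adds another pivot row per visit. Correct the key and make the attach idempotent: `$user->roles()->syncWithoutDetaching([$role->id]);` followed by `$user->update(['verify_token' => null]);`. `Role::where('name', 'user')->first()` returns null when the roles table has not been seeded, so that case needs handling before `$role->id` is read. `update()` only writes `verify_token` if the column is listed in the model's `$fillable`, which is not visible in this hunk.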
@@ -16,7 +16,7 @@ */ class User extends Authenticatable { - use Notifiable, EntrustUserTrait; + use Notifiable; /** * The attributes that are mass assignable. @@ -43,4 +43,12 @@ public function posts(): HasMany { return $this->hasMany(Post::class); } + + /** + * @return BelongsToMany + */ + public function roles(): BelongsToMany + { + return $this->belongsToMany(Role::class); + } } diff --git a/app/Policies/CategoryPolicy.php b/app/Policies/CategoryPolicy.php new file mode 100644 index 0000000..e0b479d --- /dev/null +++ b/app/Policies/CategoryPolicy.php @@ -0,0 +1,68 @@ +roles->name === 'root') { + return true; + } + } + + /** + * Determine whether the user can view the category. + * + * @param \App\Model\User $user + * @param \App\Model\Category $category + * @return mixed + */ + public function view(User $user, Category $category) + { + return true; + } + + /** + * Determine whether the user can create categories. + * + * @param \App\Model\User $user + * @return mixed + */ + public function create(User $user) + { + return $user->roles->name === 'admin' || $user->roles->name === 'redactor'; + } + + /** + * Determine whether the user can update the category. + * + * @param \App\Model\User $user + * @param \App\Model\Category $category + * @return mixed + */ + public function update(User $user, Category $category) + { + return $user->roles->name === 'admin' || + $user->roles->name === 'redactor' || + $user->posts->category_id === $category->id; + } + + /** + * Determine whether the user can delete the category. + * + * @param \App\Model\User $user + * @param \App\Model\Category $category + * @return mixed + */ + public function delete(User $user, Category $category) + { + return $user->roles->name === 'admin' || $user->posts->category_id === $category->id; + } +} diff --git a/app/Policies/PostPolicy.php b/app/Policies/PostPolicy.php new file mode 100644 index 0000000..f7a1ab2 --- /dev/null +++ b/app/Policies/PostPolicy.php 
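Review bot: Every rule in CategoryPolicy reads `$user->roles->name`, but `roles()` is declared in this same patch as a `belongsToMany` relation, so `$user->roles` is a collection of Role models with no `name` property; the comparison cannot match a role and is likely to throw instead. Test membership on the collection, for example `return $user->roles->contains('name', 'admin') || $user->roles->contains('name', 'redactor');`. `$user->posts->category_id` in `update()` and `delete()` has the same problem, since `posts()` is a `hasMany`, and would become `$user->posts->contains('category_id', $category->id)`. PostPolicy, RolePolicy and UserPolicy in the following hunks use the same `roles->name` expression and need the same change.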
@@ -0,0 +1,66 @@ +roles->name === 'root') { + return true; + } + } + + /** + * Determine whether the user can view the post. + * + * @param \App\Model\User $user + * @param \App\Model\Post $post + * @return mixed + */ + public function view(User $user, Post $post) + { + return true; + } + + /** + * Determine whether the user can create posts. + * + * @param \App\Model\User $user + * @return mixed + */ + public function create(User $user) + { + return $user->roles->name === 'admin' || $user->roles->name === 'redactor'; + } + + /** + * Determine whether the user can update the post. + * + * @param \App\Model\User $user + * @param \App\Model\Post $post + * @return mixed + */ + public function update(User $user, Post $post) + { + return $user->roles->name === 'admin' || $user->roles->name === 'redactor' || $user->id === $post->user_id; + } + + /** + * Determine whether the user can delete the post. + * + * @param \App\Model\User $user + * @param \App\Model\Post $post + * @return mixed + */ + public function delete(User $user, Post $post) + { + return $user->roles->name === 'admin' || $user->roles->name === 'redactor'; + } +} diff --git a/app/Policies/RolePolicy.php b/app/Policies/RolePolicy.php new file mode 100644 index 0000000..a665fd6 --- /dev/null +++ b/app/Policies/RolePolicy.php 
@@ -0,0 +1,66 @@ +roles->name === 'root') { + return true; + } + } + + /** + * Determine whether the user can view the role. + * + * @param \App\Model\User $user + * @param \App\Model\Role $role + * @return mixed + */ + public function view(User $user, Role $role) + { + return false; + } + + /** + * Determine whether the user can create roles. + * + * @param \App\Model\User $user + * @return mixed + */ + public function create(User $user) + { + return false; + } + + /** + * Determine whether the user can update the role. + * + * @param \App\Model\User $user + * @param \App\Model\Role $role + * @return mixed + */ + public function update(User $user, Role $role) + { + return false; + } + + /** + * Determine whether the user can delete the role. + * + * @param \App\Model\User $user + * @param \App\Model\Role $role + * @return mixed + */ + public function delete(User $user, Role $role) + { + return false; + } +} diff --git a/app/Policies/UserPolicy.php b/app/Policies/UserPolicy.php new file mode 100644 index 0000000..b4ea5fe --- /dev/null +++ b/app/Policies/UserPolicy.php 
@@ -0,0 +1,65 @@ +roles->name === 'root') { + return true; + } + } + + /** + * Determine whether the user can view the model. + * + * @param \App\Model\User $user + * @param \App\Model\User $model + * @return mixed + */ + public function view(User $user, User $model) + { + return $user->roles->name === 'moderator' || $user->id === $model->id; + } + + /** + * Determine whether the user can create models. + * + * @param \App\Model\User $user + * @return mixed + */ + public function create(User $user) + { + return true; + } + + /** + * Determine whether the user can update the model. + * + * @param \App\Model\User $user + * @param \App\Model\User $model + * @return mixed + */ + public function update(User $user, User $model) + { + return $user->id === $model->id || $user->roles->name === 'admin'; + } + + /** + * Determine whether the user can delete the model. + * + * @param \App\Model\User $user + * @param \App\Model\User $model + * @return mixed + */ + public function delete(User $user, User $model) + { + return $user->id === $model->id; + } +} diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php index 9784b1a..6cb6be0 100644 --- a/app/Providers/AuthServiceProvider.php +++ b/app/Providers/AuthServiceProvider.php @@ -2,7 +2,14 @@ namespace App\Providers; -use Illuminate\Support\Facades\Gate; +use App\Model\Category; +use App\Model\Post; +use App\Model\Role; +use App\Model\User; +use App\Policies\CategoryPolicy; +use App\Policies\PostPolicy; +use App\Policies\RolePolicy; +use App\Policies\UserPolicy; use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider; class AuthServiceProvider extends ServiceProvider 
@@ -13,7 +20,10 @@ class AuthServiceProvider extends ServiceProvider * @var array */ protected $policies = [ - 'App\Model' => 'App\Policies\ModelPolicy', + Category::class => CategoryPolicy::class, + Post::class => PostPolicy::class, + Role::class => RolePolicy::class, + User::class => UserPolicy::class ]; /** diff --git a/composer.lock b/composer.lock index 696b519..cdf01fb 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "6b9096f05e51d68709c2685d83770324", + "content-hash": "8fcfb7266d5208c06f300886551d7dce", "packages": [ { "name": "dnoegel/php-xdg-base-dir", 
@@ -2151,74 +2151,6 @@ "environment" ], "time": "2016-09-01T10:05:43+00:00" - }, - { - "name": "zizaco/entrust", - "version": "1.8.0", - "source": { - "type": "git", - "url": "https://github.com/Zizaco/entrust.git", - "reference": "992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/Zizaco/entrust/zipball/992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09", - "reference": "992e484f90a4d00b8ec0f42e8a59ba0b07ba1e09", - "shasum": "" - }, - "require": { - "illuminate/cache": "~5.0", - "illuminate/console": "~5.0", - "illuminate/support": "~5.0", - "php": ">=5.5.0" - }, - "require-dev": { - "illuminate/database": "~5.0", - "mockery/mockery": "dev-master", - "phpunit/phpunit": "~4.1", - "sami/sami": "dev-master" - }, - "type": "library", - "autoload": { - "classmap": [ - "src/commands" - ], - "psr-4": { - "Zizaco\\Entrust\\": "src/Entrust/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Andrew Elkins", - "homepage": "http://andrewelkins.com" - }, - { - "name": "Zizaco Zizuini", - "email": "zizaco@gmail.com" - }, - { - "name": "Ben Batschelet", - "homepage": "http://github.com/bbatsche" - }, - { - "name": "Michele Angioni", - "email": "michele.angioni@gmail.com" - } - ], - "description": "This package provides a flexible way to add Role-based Permissions to Laravel", - "keywords": [ - "acl", - "auth", - "illuminate", - "laravel", - "permission", - "roles" - ], - "time": "2016-12-29T06:24:46+00:00" } ], "packages-dev": [ diff --git a/config/app.php b/config/app.php index 3bad204..1d73888 100644 --- a/config/app.php +++ b/config/app.php @@ -168,7 +168,6 @@ * Package Service Providers... */ - Zizaco\Entrust\EntrustServiceProvider::class, /* * Application Service Providers... @@ -231,7 +230,6 @@ // Project aliases 'Menu' => \App\Helpers\MenuHelper::class, - 'Entrust' => Zizaco\Entrust\EntrustFacade::class ], ]; 
diff --git a/config/entrust.php b/config/entrust.php
deleted file mode 100644
index 4f00469..0000000
--- a/config/entrust.php
+++ /dev/null
@@ -1,101 +0,0 @@ - 'App\Model\Role', - - /* - |-------------------------------------------------------------------------- - | Entrust Roles Table - |-------------------------------------------------------------------------- - | - | This is the roles table used by Entrust to save roles to the database. - | - */ - 'roles_table' => 'roles', - - /* - |-------------------------------------------------------------------------- - | Application User Model - |-------------------------------------------------------------------------- - | - | This is the User model used by Entrust to create correct relations. - | Update the User if it is in a different namespace. - | - */ - 'user' => 'App\Model\User', - - /* - |-------------------------------------------------------------------------- - | Application Users Table - |-------------------------------------------------------------------------- - | - | This is the users table used by the application to save users to the - | database. - | - */ - 'users_table' => 'users', - - /* - |-------------------------------------------------------------------------- - | Entrust Permission Model - |-------------------------------------------------------------------------- - | - | This is the Permission model used by Entrust to create correct relations. - | Update the permission if it is in a different namespace. - | - */ - 'permission' => 'App\Model\Permission', - - /* - |-------------------------------------------------------------------------- - | Entrust Permissions Table - |-------------------------------------------------------------------------- - | - | This is the permissions table used by Entrust to save permissions to the - | database. 
- | - */ - 'permissions_table' => 'permissions', - - /* - |-------------------------------------------------------------------------- - | Entrust permission_role Table - |-------------------------------------------------------------------------- - | - | This is the permission_role table used by Entrust to save relationship - | between permissions and roles to the database. - | - */ - 'permission_role_table' => 'permission_role', - - /* - |-------------------------------------------------------------------------- - | Entrust role_user Table - |-------------------------------------------------------------------------- - | - | This is the role_user table used by Entrust to save assigned roles to the - | database. - | - */ - 'role_user_table' => 'role_user', - - -]; diff --git a/database/migrations/2017_10_25_135107_entrust_setup_tables.php b/database/migrations/2017_10_31_000239_create_roles_table.php similarity index 51% rename from database/migrations/2017_10_25_135107_entrust_setup_tables.php rename to database/migrations/2017_10_31_000239_create_roles_table.php index 5dded60..4d213f0 100644 --- a/database/migrations/2017_10_25_135107_entrust_setup_tables.php +++ b/database/migrations/2017_10_31_000239_create_roles_table.php @@ -1,20 +1,18 @@ increments('id'); 
@@ -36,42 +34,16 @@ public function up()
 $table->primary(['user_id', 'role_id']);
 });
-
- // Create table for storing permissions
- Schema::create('permissions', function (Blueprint $table) {
- $table->increments('id');
- $table->string('name')->unique();
- $table->string('display_name')->nullable();
- $table->string('description')->nullable();
- $table->timestamps();
- });
-
- // Create table for associating permissions to roles (Many-to-Many)
- Schema::create('permission_role', function (Blueprint $table) {
- $table->integer('permission_id')->unsigned();
- $table->integer('role_id')->unsigned();
-
- $table->foreign('permission_id')->references('id')->on('permissions')
- ->onUpdate('cascade')->onDelete('cascade');
- $table->foreign('role_id')->references('id')->on('roles')
- ->onUpdate('cascade')->onDelete('cascade');
-
- $table->primary(['permission_id', 'role_id']);
- });
-
- DB::commit();
 }
 /**
 * Reverse the migrations.
 *
- * @return void
+ * @return void
 */
 public function down()
 {
- Schema::drop('permission_role');
- Schema::drop('permissions');
- Schema::drop('role_user');
 Schema::drop('roles');
+ Schema::drop('role_user');
 }
 }
diff --git a/database/seeds/DatabaseSeeder.php b/database/seeds/DatabaseSeeder.php
index 7dc0dcb..141ff8f 100644
--- a/database/seeds/DatabaseSeeder.php
+++ b/database/seeds/DatabaseSeeder.php
@@ -12,6 +12,7 @@ class DatabaseSeeder extends Seeder
 public function run()
 {
 $this->call(PostsTableSeeder::class);
+ $this->call(RoleTableSeeder::class);
 $this->call(UserTableSeeder::class);
 }
 }
diff --git a/database/seeds/RoleTableSeeder.php b/database/seeds/RoleTableSeeder.php
new file mode 100644
index 0000000..c09c510
--- /dev/null
+++ b/database/seeds/RoleTableSeeder.php
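Review bot: In the migration hunk, `down()` now drops `roles` before `role_user`, the reverse of the order the previous code used. If `role_user` carries a foreign key to `roles` (its definition lies above this hunk, so this is inferred from the composite key on `role_id`), the database will reject the rollback while the pivot table still exists. Drop the dependent table first: `Schema::drop('role_user');` followed by `Schema::drop('roles');`. The body of `up()` starts outside the hunk.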
@@ -0,0 +1,39 @@
+ 'user',
+ 'display_name' => 'Simple user',
+ 'description' => 'Just a simple user'
+ ], [
+ 'name' => 'moderator',
+ 'display_name' => 'Moderator',
+ 'description' => 'User can moderate comments and forum'
+ ], [
+ 'name' => 'redactor',
+ 'display_name' => 'Redactor',
+ 'description' => 'User can write post'
+ ], [
+ 'name' => 'admin',
+ 'display_name' => 'Admin',
+ 'description' => 'User can moderate all and can write/edit post'
+ ], [
+ 'name' => 'root',
+ 'display_name' => 'Super Admin',
+ 'description' => 'Full access'
+ ]
+ ]);
+ }
+}
diff --git a/database/seeds/UserTableSeeder.php b/database/seeds/UserTableSeeder.php
index 67c9f3c..f454548 100644
--- a/database/seeds/UserTableSeeder.php
+++ b/database/seeds/UserTableSeeder.php
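Review bot: The role names seeded in RoleTableSeeder (`'moderator'`, `'admin'`, `'root'`) are the same string literals the new UserPolicy compares against, so a typo on either side silently changes who is authorised. Define each name once, e.g. `const ROOT = 'root';` on `App\Model\Role`, and reference the constants from both the seeder and the policies. The opening lines of this file are not readable on the page, so how the rows are inserted cannot be checked from here.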
@@ -1,6 +1,5 @@ create(); - /** Exemple d'utilisation du système de role et de permission */ - - $user = new Role(); - $user->name = 'user'; - $user->display_name = 'Classic User'; - $user->description = 'All user registered'; - $user->save(); - - $admin = new Role(); - $admin->name = 'admin'; - $admin->display_name = 'Administrator'; - $admin->description = 'User is allowed to manage and edit users'; - $admin->save(); - - $redactor = new Role(); - $redactor->name = 'redactor'; - $redactor->display_name = 'Redactor'; - $redactor->description = 'User can write a post'; - $redactor->save(); - - $editUser = new Permission(); - $editUser->name = 'edit-user'; - $editUser->display_name = "Edit Users"; - $editUser->description = 'Edit existing users'; - $editUser->save(); - - $createPost = new Permission(); - $createPost->name = 'create-post'; - $createPost->display_name = 'Create Posts'; - $createPost->description = 'Create new post'; - $createPost->save(); - - $redactor->attachPermission($createPost); - $admin->attachPermissions([$createPost, $editUser]); - - $users = User::get(); - $users[0]->attachRole($user); - $users[1]->attachRole($admin); - $users[2]->attachRole($redactor); + $users = User::all(); + + $user = Role::where('name', 'user')->first(); + $admin = Role::where('name', 'admin')->first(); + $redactor = Role::where('name', 'redactor')->first(); + $moderator = Role::where('name', 'moderator')->first(); + $root = Role::where('name', 'root')->first(); + + for ($i = 0; $i < 10; $i++) { + $users[$i]->roles()->save($user); + $users[$i + 10]->roles()->save($admin); + $users[$i + 20]->roles()->save($redactor); + $users[$i + 30]->roles()->save($moderator); + $users[$i + 40]->roles()->save($root); + } } }
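Review bot: The new loop indexes up to `$users[$i + 40]`, so it needs at least 50 rows from `User::all()`, and each `Role::where(...)->first()` result is passed to `save()` without a null check. The factory call that creates the users is not readable on this page, so the count cannot be confirmed here; with fewer users, or if the role seeder has not run, the seeder stops partway through and leaves roles half-assigned. Use `Role::where('name', 'root')->firstOrFail()` for the lookups and derive the slices from the collection, e.g. `$users->chunk(10)`, rather than fixed offsets. The loop also gives ten seeded accounts the `root` role, which the policy's early check allows through unconditionally, so this seeder should be limited to development databases.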