romanbican / roles Goto Github PK

Hello, my company has some prefix on the mysql table name. But it seem the table name is hardcorded in the HasRoleAndPermission trait:

public function rolePermissions()
{
    if (!$roles = $this->getRoles()->lists('id')->toArray()) { $roles = []; }

    return Permission::select(['permissions.*', 'permission_role.created_at as pivot_created_at', 'permission_role.updated_at as pivot_updated_at'])
            ->join('permission_role', 'permission_role.permission_id', '=', 'permissions.id')->join('roles', 'roles.id', '=', 'permission_role.role_id')
            ->whereIn('roles.id', $roles) ->orWhere('roles.level', '<', $this->level())
            ->groupBy('permissions.id');
}

Is it possible to rename the default table name?

Hi i got this error when i tried to access with \Auth::user()->can('edit_articles')
but when i used \User::find(\Auth::user()->id)->can('edit_articles') its work

Hi !

I wanted to know if there was a simple way with this package to check if a user was assigned to an article/profile/whatever? I think it could be done with permissions.

For example, if the user is on its own profile, is there a way to put a custom message in the blade template?
Or something similar if the user is the author of some article on a blog ?

For the moment I'm checking like this and I'm pretty sure that's not the best way :
if(Auth::user()-> id == $event->user_id)

Thank you very much,

the title says it all.

This package seems great. I am new to Laravel. I was wondering where to implement the

Would I use this inside roles.php? Sorry, I know this isn't an 'issue' per se; but, I really want to use this package in an upcoming project.

//PermissionTrait.php

/**
     * Get all the groups have this permission.
     * Use when edit a permission, and selected all group on select option.
     * @return array
     */
    public function getRolesOfPerm()
    {
        return $this->roles()->get();
    }
/* Clear relationship between Roles & Permissions before update
* Need when update a Permission
*/
    public function delRolesOfPerm()
    {
        $del = DB::table('permission_role')->where('permission_id',$this->id)->delete();
        return $del;
    }
    /*Clear relationship between the User and Permission before update*/
    public function delUsersOfPerm()
    {
        $del = DB::table('permission_user')->where('permission_id',$this->id)->delete();
        return $del;
    }

//RoleTrait.php

/* Get all the Permission is attached to this group.
* Use when edit Roles (Groups), for checked all pesmission selected.
*/
    public function getAllPermission()
    {
        return $this->permissions()->get();
    }
/* Clear relationship between Permission and Roles before update Roles (Groups)
*/
    public function delPermsOfRole()
    {
        $del = DB::table('permission_role')->where('role_id',$this->id)->delete();
        return $del;
    }
  /* Clear relationship between the User and Roles before update Roles (Groups)
*/
    public function delUsersOfRole()
    {
        $del = DB::table('role_user')->where('role_id',$this->id)->delete();
        return $del;
    }

During my first migration I received this error:

 [Illuminate\Database\QueryException]
 SQLSTATE[HY000]: General error: 1215 Cannot add foreign key constraint (SQL: alter
 table `role_user` add constraint role_user_user_id_foreign foreign key (`user_id`)
 references `users` (`id`) on delete cascade)

 [PDOException]
 SQLSTATE[HY000]: General error: 1215 Cannot add foreign key constraint

I checked in Create_Role_User_Table.php the lines:

$table->integer('role_id')->unsigned()->index();
$table->foreign('role_id')->references('id')->on('roles')->onDelete('cascade');
$table->integer('user_id')->unsigned()->index();
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');

with Create_Roles_Table.php but it seems everything ok... So what is the problem?

I would like to suggest creating branches, for this package. I feel that it will help ease any confusion if you have a branch named "develop" where you can apply any merge requests, and then a branch called "next-release" or something similar. Of course you will still need to tag each release in master, but i believe this will be beneficial especially if you are working on version 2.0

thanks very mach for you
i beginner in role permission
whats mean slug
can give me slug definition

First of all, let me say thanks for this great L5 package. The Blade Extensions are wonderful.

I noticed that running php artisan vendor:publish always outputs:

Copied Directory [/vendor/bican/roles/src/migrations] To [/database/migrations]

But looking in the migrations directory it didn't changed anything.

exclude one or more rights to inherit from Roles, eg admin group have permission to create, edit, delete. but I added one person and only the admin group permission to create, edit, and right to left will not be inherited. (this is just an example understandable)

Then you've come to think this case has not, please help me. many thanks.
PS: I think that the Sentry 2 supports very good but it does not yet support Laravel 5 for the moment

the blade extension

@role('admin') // @if(Auth::check() && Auth::user()->is('admin'))

is cool, but sometimes I want to use IF ELSE statement to show different content to a logged admin,and another to everybody else.
Can you design statement which would combine the two conditions (and mean "logged Admin")?
maybe sth like this

@if(Auth::check()->is('Admin'))

Peter

Im new at laravel, i followed your instructions, but have no idea where to create the roles. Do i need to make a new model "Roles" for that? or where? Is it possible for you to make a simple example of it please? along with assigning a role to an user. Thanks in advance.

Examples where?

I would like to know the position of authority to judge?

Hi, this package is awesome.. but sometimes i need to bypass all permission check for debugging. how to achieve that with this package ?

Hello,

My Laravel project work with two controller (1 for the users and 1 for the admin).
I defined roles for users and admin. But if i log me in such as a user i can acces to the admin page.

It will be fine to define roles and permissions as middelware to call this in the controller like this

public function __construct()
{
        $this->middleware('auth');
        $this->middleware('roles')->is('admin')
}

So i can restric all method in my controller for role: admin only.

Do you know a other solution ?

Thank you

Hi, my company manage a lot of user,
my manager needs to know this user had permission access from role or from user..
for example, when some permission attach direct to user
i need to check like this :

$user->canFromUser() // return true

$user->canFromRole() // return false

how to achieve this ?

Hi,

Can you add a config file that allows specifying the database to get roles/permissions from.

thanks

It's taken me a lot of time to totally understand the behavior of allowed() method that provides entity checks. Please, complete the docs with such a sentence that allowed() method doesn't look at user's attached permissions if it owns an entity (or smth like that).

As for me, logic of mentioned method isn't good enough.

Is there any chance to easily revoke specific permission from user?

Let's suppose that user has the role 'user' which in turn has permissions to 'see.article' and 'create.article'.

So how to revoke 'create.article' permission from the specific user that has 'user' role?
I'm not sure about that it's really possible, maybe there's any other good workaround.

Thanks!

Am I wrong or checks this blade statement whether the name of the role is 'admin'. I though it should be the slug!?

Need to update blade extension

Roles\RolesServiceProvider.php
old function to new

protected function registerBladeExtensions()
    {
        $blade = $this->app['view']->getEngineResolver()->resolve('blade')->getCompiler();

        $blade->directive('role', function($expression) {
            return "<?php if (Auth::check() && Auth::user()->is($expression)): ?>";
        });

        $blade->directive('endrole', function($expression) {
            return "<?php endif; ?>";
        });

        $blade->directive('permission', function($expression) {
            return "<?php if (Auth::check() && Auth::user()->can($expression)): ?>";
        });

        $blade->directive('endpermission', function($expression) {
            return "<?php endif; ?>";
        });

        $blade->directive('allowed', function($expression) {
            return "<?php if (Auth::check() && Auth::user()->allowed($expression)): ?>";
        });

        $blade->directive('endallowed', function($expression) {
            return "<?php endif; ?>";
        });
    }

Hello,

I am using Laravel 5 and followed your instructions. Because of Laravel 5 I added these line to mal config/app.php

    'Bican\Roles\RolesServiceProvider',

Instead of:

Bican\Roles\RolesServiceProvider::class,

And in my composer.json I used 1.7.*"

"require": {
"laravel/framework": "5.0.",
"laravelcollective/html": "~5.0",
"bican/roles": "1.7."
},

I get the following error, when I try to visit my users index

Interface 'Bican\Roles\Contracts\HasRoleAndPermission' not found

FatalErrorException in RolesServiceProvider.php line 47:
Call to undefined method Illuminate\View\Compilers\BladeCompiler::createMatcher()

any idea what may be causing this?

Is there some particular users management package that this roles package will work best?

or if you have some code for managing users, roles, persmissions somewhere available?

Hi, I am beginner in Laravel, I hope you can help me,
I create my Virtual Host and named http: //laravel.app
I install Laravel:

  composer create-project laravel/laravel --prefer-dist

This installs me Laravel 5

I go to my composer.json file and add:

   "bican/roles": "1.3.*"

I run in console:

  composer update

in config/app.php : Providers add

    'Bican\Roles\RolesServiceProvider',

I do migration

php artisan vendor:publish

php artisan migrate

in app/user.php I still like this:

<?php namespace App;

use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Bican\Roles\Contracts\HasRoleContract;
use Bican\Roles\Contracts\HasPermissionContract;
use Bican\Roles\Traits\HasRole;
use Bican\Roles\Traits\HasPermission;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract, HasRoleContract, HasPermissionContract {

    use Authenticatable, CanResetPassword, HasRole, HasPermission;
    /**

and this is where I have doubts:

I edit routes.php an add a new route Controller called users

app/Http/routes.php

I add this:

Route::controllers([
    'users' => 'UsersController', //add here
    'auth' => 'Auth\AuthController',
    'password' => 'Auth\PasswordController',
]);

in app/Http/Controllers

create a new file called:

//UserController.php
<?php namespace App\Http\Controllers;
use Bican\Roles\Models\Role;
use App\User;
use App\Funciones;

class UsersController extends Controller{
   public function getIndex()
    {
       $role = Role::create([
              'name' => 'Admin',
              'slug' => 'Admin',
              'description' => '' 
          ]);

          User::find(1)->attachRole($role);
    }
}

Added a new Member Since:

http://laravel.app/auth/register

Now I run

http://laravel.app/users

and in my database so good, in the table "ROLE_USER"

 appears: id: 1, role_id: 1, user_id:1 created_at_ :2015-xxxxxxx  etc

after I delete content in getIndex()
and I substitute

$user = User::find(1);
if ($user->is('admin')) // or you can pass an id
{
    return 'admin';
}

Now I run newly

http://laravel.app/users

But the function is() me always returns false, and look at your code and not defined any function IS ()

Temporarily I created this function:

  public function ComprobarRol()

    {

        $result = \DB::table('users')
            ->select('users.first_name', 'roles.name as RoldeSistema')
            ->where('users.id','=','1')
            ->join('role_user','users.id','=','role_user.user_id' )
            ->join('roles','role_user.role_id','=','roles.id' )
            ->get();
        var_dump($result);
        var_dump($result [0]->name);
        var_dump($result [0]->RoldeSistema);

    }

I returns the user name and the name of the role in the system, I hope you can help me
as I do for the IS function () function?

where I have to create code ?, or dependencies have to add?

Hello,

When I update a user with role, always save the selected role on every update.
It would be better, if we can choose from methods, that we want add one or multiple role to a user.

Thanks

I figured out the solution.

In order to list all roles of a current user I came up with crude, ugly solution:
I just list all of them like that:
@ROLE('Admin')
Admin
@Endrole

But in one of my project I will soon have more than 20 roles.
Are you planning any feature which would list all roles of the current user?

If yest, it should include a way to style each role with a css, such as this one:

{!!

                join(', ',
                    array_map(function($o) {
                        return link_to_route('roles',
                        $o->name,
                        [$o->id],
                        ['class' => 'ui blue tag label']
                        );}, 
                        $object->capacities->all())
            ) !!}

Thx

Hi,
your package works great and (short of DB-supported translations) it makes it possible for me to migrate from L4 finally, but...

is there a way of using in BLADE conditions such as:

@if (Auth::user()->is('Admin'))

without a need to create any $user variable?
I'd be happy to see an elegant solution for the issue.

What I do now is to define a $user variable in each method with this command:

$user = User::find(Auth::id());

I tried to add the varaible controller-wide

public function __construct()
{       
$user = User::find(Auth::id());   
View::share('user', $user); // Share $user with all views
}

but it doesn't work to me. :(

Thanks again.

Hi,

I like to know do i need to do any change to make this Role pacakge to work with multi tenant application? Or is there any tested multi tenant libraries with with this pakage works?

I like to chose roles based on the domain name.

Regards,
Clement

[RuntimeException]                                                                                                                                                                                                                     
Error Output: PHP Fatal error:  Call to undefined method Illuminate\View\Compilers\BladeCompiler::directive() in /home/vagrant/projects/askme2/vendor/bican/roles/src/Bican/Roles/RolesServiceProvider.php on line 46                  
PHP Stack trace:                                                                                                                                                                                                                       
PHP   1. {main}() /home/vagrant/projects/askme2/artisan:0                                                                                                                                                                              
PHP   2. Illuminate\Foundation\Console\Kernel->handle() /home/vagrant/projects/askme2/artisan:36                                                                                                                                       
PHP   3. Illuminate\Foundation\Console\Kernel->bootstrap() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php:92                                                                      
PHP   4. Illuminate\Foundation\Application->bootstrapWith() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php:195                                                                    
PHP   5. Illuminate\Foundation\Bootstrap\BootProviders->bootstrap() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:183                                                               
PHP   6. Illuminate\Foundation\Application->boot() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/BootProviders.php:15                                                                     
PHP   7. array_walk() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:686                                                                                                             
PHP   8. Illuminate\Foundation\Application->Illuminate\Foundation\{closure}() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:686                                                     
PHP   9. Illuminate\Foundation\Application->bootProvider() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:685                                                                        
PHP  10. Illuminate\Container\Container->call() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Foundation/Application.php:703                                                                                   
PHP  11. call_user_func_array:{/home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Container/Container.php:523}() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Container/Container.php:523  
PHP  12. Bican\Roles\RolesServiceProvider->boot() /home/vagrant/projects/askme2/vendor/laravel/framework/src/Illuminate/Container/Container.php:523                                                                                    
PHP  13. Bican\Roles\RolesServiceProvider->registerBladeExtensions() /home/vagrant/projects/askme2/vendor/bican/roles/src/Bican/Roles/RolesServiceProvider.php:24     

Could you please check that?

Kindest regards
Christian

I don't think the connection setting (https://github.com/romanbican/roles/blob/master/src/config/roles.php#L16) and associated code in the Traits in necessary. You can simply set the connection on the Role and Permission models.

If you handle it this way then you can replace some of the custom queries with eloquent calls which would make it easier for people who rename the tables/fields in the database.

ex:

class SomeModel extends Eloquent {

    protected $connection = 'mysql2';

}

See:
https://github.com/laravel/framework/blob/5.1/src/Illuminate/Database/Eloquent/Model.php#L40

Hey! Great start to a new L5 package. First idea: inherited roles.

Consider you have two roles, Administrator and Editor. An Administrator should be able to do everything an Editor can do. In that case, you'd currently have to do:

if(\Auth::user()->hasRole('Administrator') || \Auth::user()->hasRole('Editor'))

which is cumbersome. It'd be easier to just say:

if(\Auth::user()->hasRole('Editor'))

Makes sense?

When i try to reset migrations, i get these error : Fatal error: Class 'CreatePermissionUserTable' not found

The class well exist but the error remains ... an idea ?

I'm trying to get all users who have a permission; and I'm sure I'm doing something stupid.

dd(User::whereHas('permissions', function($q)
{
    $q->where('slug', 'page.owner');
})->get());

returns the following error:

FatalErrorException in Builder.php line 564:
Call to undefined method Illuminate\Database\Eloquent\Collection::getRelationCountQuery()

I would do

Permission::where('slug','page.owner')->get()->users

But I need to also get the users who are inheriting this permission from lower level roles.

Please write some tests for this great package.

How does one acquire all permissions for user.

I used:

$user->with('roles')->get(); //gets me all roles for user
$user->with('permissions')->get(); //throws error Eloquent\Collection::addEagerConstraints()

If anyone wonders I want to be able to show all permissions per user in administration.

Hey,

on L5 where would you put this initiating roles and permissions file?
Do you create some database/rbac/rbac_init.php file for it?

I understand that later for new users I would integrate this to users management but for initial start do you create them in some init file?

Middleware based on user level, given how there are middlewares for roles and permissions.

Hi,

Why Auth::user()->is('role'), not working, but I need to catch user by id
(something like $user = User::find(Auth::user()->id);
Then, $user->is('role') is working.

Tried so many ways to publish config and so on but nothing was happened :(

Following this package instructions and official docs haven't helped me and I got no idea how to force Artisan CLI to make it work properly.

It just writes me "Publishing complete!" but no any new files in "config" and "migrations" dirs.
Project structure is default.

Hi,
I got this errors after upgrading to L5.1:

FatalErrorException in RolesServiceProvider.php line 47: Call to undefined method Illuminate\View\Compilers\BladeCompiler::createMatcher()

My friend adviced me to download & use ZIP file with your package instead of using composer and it helped.

How about a new release to fix this issue?

While I believe this is due to the changes in laravel 5.1, I wanted to check here to see if anyone might have found a solution or work around.

I have the following roles:

admin
    level 999
admin.pages
    level 500
admin.users
    level 500

I used to do a check like this:

@role('root|admin|admin.*')

But now I'm unable to use wildcards in any of the checks. I'm assuming that laravel 5.1 removed the ability to use wildcards in a collection contains check and that is causing this.

I upgraded to Laravel 5.1. Only issue I noticed with this library is that L 5.1 has removed/moved $compiler->createMatcher() functions, so RolesServiceProvider->registerBladeExtensions() gives an error.

I solved this by simply commenting out $this->registerBladeExtensions(); from boot() method. Would be nice to have a config option to choose this.

It would be cool feature to be able to attach role by slug.
Now only works with full model or id. Slug is more rememberable to provide ;)

I'm using Laravel 5.0.28

Blade extensions @ROLE, @Permission... are broken, they are not rendered.

Hi, love your awesome feature Entity Check. but can you make it more configureable ?
in my database i used created_by instead of user_id to present who is the creator of this row..

Hello. For now Laravel has a bug with tagged publishing. Means that if tag, e.g. "config", is already present in your project - it will not work (in my project I use a package which already contains the "config" tag). In fact if you rename your tag to some unique name, e.g. "bican-roles-config" or smth like this, it will publish correctly.

I think what throwing exception from function "CAN" it is not good, because this function (such as "is" and "allowed") can be used in template, to restrict some functional capability.
So my proposal is just return false for this 3 functions.

File HasRoleAndPermission. Lines 145, 157
throw new RoleNotFoundException('This user has no role.');