I'm trying to use cartalyst sentry 2 in my site being built with Laravel 4. Basically I don't understand how to implement permissions.
The examples I've seen for permissions for a group specify the following as an example:
{
"name" : "Administrator",
"permissions" :
{
"user.create" : 1,
"user.delete" : 1,
"user.view" : 1,
"user.update" : 1
}
}
SO this is setting permissions for the admin group. BUT where are these permissions set?
In the table 'groups' there is a field called permissions which is a text field - are they set there - if so how? Or are these set in a model or controller?
Can anyone point me to s step by step on how to use in a laravel 4 app? I've read the supporting docs which foes through the functions but I'm just not sure how to set the data to get the functions to work.
Basically you have to..
Create your groups
Sentry::getGroupProvider()->create([
'name' => 'Super Administrators',
'permissions' => [
'system' => 1,
],
]);
Sentry::getGroupProvider()->create([
'name' => 'Managers',
'permissions' => [
'system.products' => 1,
'system.store' => 1,
'system.profile' => 1,
],
]);
Set a group to a particular user, in this case it is setting Managers to the current logged user
Sentry::getUser()->addGroup( Sentry::getGroupProvider()->findByName('Managers') );
Check if a user has a particular access
if ( Sentry::getUser()->hasAnyAccess(['system','system.products']) )
{
// Will be able to do a thing
}
Check if a user is Super Administrator (only this group has the 'system' access)
if ( Sentry::getUser()->hasAnyAccess(['system']) )
{
// Will be able to do a thing
}
Get all groups from a particular user
try
{
// Find the user using the user id
$user = Sentry::getUserProvider()->findById(1);
// Get the user groups
$groups = $user->getGroups();
}
catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
{
echo 'User was not found.';
}
In your groups
table you set the permissions using JSON.
I have the following columns:
id | name | permissions
And a row:
1 | admin | {"admin":1, "create_news": 1}
Assign a user to a group using the table users_groups
Now you can use the following example to check if a user have a given permission:
$user = Sentry::getUser();
if ($user->hasAccess('create_news')) {
echo "You can create a news item";
}
else {
echo "You can't create a news item";
}
来源:https://stackoverflow.com/questions/17012553/how-to-implement-sentry-2-permissions-with-laravel-4