Happy Coding
本文目標
利用Entrust Package進行權限管理
修改用戶表單請求
打開文件app/Http/Request/Form/UserForm.php,修改代碼如下:
<?php
namespace App\Http\Requests\Form;
use App\Http\Requests\Request;
class UserForm extends Request
{
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'name' => 'required|unique:users',
'email' => 'required|unique:users',
'role_id' => 'required',
'password' => 'required|confirmed',
'password_confirmation' => 'required',
];
}
public function messages()
{
return [
'name.required' => '用戶名稱不能為空',
'name.unique' => '用戶名稱已存在',
'email.required' => '用戶郵箱不能為空',
'email.unique' => '用戶郵箱已存在',
'role_id.required' => '用戶角色不能為空',
'password.required' => '用戶密碼不能為空',
'password.confirmed' => '確認密碼不一致',
'password_confirmation.required' => '確認密碼不能為空'
];
}
}
修改用戶表單請求的驗證規則,確保用戶名稱、用戶郵箱唯一。
修改用戶管理控制器
打開文件app/Http/Controllers/Backend/UserController/php,修改代碼如下:
<?php
namespace App\Http\Controllers\Backend;
use App\Models\Role;
use App\Models\User;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use App\Http\Requests\Form\UserForm;
class UserController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
$users = User::paginate(25);
return view('backend.user.index', compact('users'));
}
/**
* Show the form for creating a new resource.
*
* @return \Illuminate\Http\Response
*/
public function create()
{
$roles = Role::all();
return view('backend.user.create', compact('roles'));
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
*
* @return \Illuminate\Http\Response
*/
public function store(UserForm $request)
{
$data = [
'name' => $request['name'],
'email' => $request['email'],
'password' => bcrypt($request['password']),
];
try {
$roles = Role::whereIn('id', $request->get('role_id'))->get();
if (empty($roles->toArray())) {
return redirect()->back()->withErrors("用戶角色不存在,請刷新頁面并選擇其他用戶角色")->withInput();
}
$user = User::create($data);
if ($user) {
foreach ($roles as $role) {
$user->attachRole($role);
}
return redirect()->route('user.index')->withSuccess('新增用戶成功');
}
} catch (\Exception $e) {
return redirect()->back()->withErrors(array('error' => $e->getMessage()))->withInput();
}
}
/**
* Display the specified resource.
*
* @param int $id
*
* @return \Illuminate\Http\Response
*/
public function show($id)
{
//
}
/**
* Show the form for editing the specified resource.
*
* @param int $id
*
* @return \Illuminate\Http\Response
*/
public function edit($id)
{
$user = User::find($id);
$roles = Role::all();
$userRoles = $user->roles->toArray();
$displayNames = array_map(function ($value) {
return $value['display_name'];
}, $userRoles);
return view('backend.user.edit', compact('user', 'roles', 'displayNames'));
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
*
* @return \Illuminate\Http\Response
*/
public function update(UserForm $request, $id)
{
$user = User::find($id);
$user->name = $request['name'];
$user->email = $request['email'];
$user->password = bcrypt($request['password']);
try {
$roles = Role::whereIn('id', $request->get('role_id'))->get();
if (empty($roles->toArray())) {
return redirect()->back()->withErrors("用戶角色不存在,請刷新頁面并選擇其他用戶角色")->withInput();
} else {
if ($user->save()) {
foreach ($roles as $role) {
$user->attachRole($role);
}
return redirect()->route('user.index')->withSuccess('編輯用戶成功');
}
}
} catch (\Exception $e) {
return redirect()->back()->withErrors(array('error' => $e->getMessage()))->withInput();
}
}
/**
* Remove the specified resource from storage.
*
* @param int $id
*
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
try {
if (User::destroy($id)) {
return redirect()->back()->withSuccess('刪除用戶成功');
}
} catch (\Exception $e) {
return redirect()->back()->withErrors(array('error' => $e->getMessage()));
}
}
}
修改新增用戶、編輯用戶的業務流程,新增用戶、編輯用戶的時候,必須為用戶指定一名角色。
修改視圖
打開文件夾resources/views/backend/user/下的
index.blade.phpcreate.blade.phpedit.blade.php
修改代碼如下:
index.blade.php
@extends('backend.layout.main')
@section('content')
<div class="row">
<div class="col-xs-1">
<div class="small-box">
<a href="{{URL::to('user/create')}}" class="btn btn-success">新增用戶</a>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="box">
<div class="box-header with-border">
<h3 class="box-title">用戶列表</h3>
<div class="box-tools pull-right">
<div class="input-group input-group-sm" style="width: 150px;">
<input type="text" name="table_search" class="form-control pull-right" placeholder="快速查詢">
<div class="input-group-btn">
<button type="button" class="btn btn-default disabled">
<i class="fa fa-search"></i>
</button>
</div>
</div>
</div>
</div>
<div class="box-body table-responsive no-padding">
<table class="table table-hover">
<tr>
<th>用戶編號</th>
<th>用戶名稱</th>
<th>用戶郵箱</th>
<th>所屬角色</th>
<th>管理操作</th>
</tr>
@forelse($users as $user)
<tr>
<td>{{$user->id}}</td>
<td>{{$user->name}}</td>
<td>{{$user->email}}</td>
<td>
@foreach($user->roles as $role)
{{$role->display_name}}
@endforeach
</td>
<td>
<a class="btn btn-info" href="{{URL::to('user/'.$user->id.'/edit')}}">
編輯
</a>
<button class="btn btn-danger" data-toggle="modal" data-target="#defalutModal" data-url="{{URL::to('user/'.$user->id)}}">
刪除
</button>
</td>
</tr>
@empty
<tr>
<td colspan="4" class="text-center">暫無數據</td>
</tr>
@endforelse
</table>
</div>
@if($users->render() !== "")
<div class="box-footer">
{!! $users->render() !!}
</div>
@endif
</div>
</div>
</div>
@include('backend.layout.model.default',['model_title'=>'操作提示','model_content'=>'你確定要刪除這名用戶嗎?'])
@stop
@section('script')
<script type="text/javascript">
$('#defalutModal').on('show.bs.modal', function (event) {
var button = $(event.relatedTarget);
var url = button.data('url');
var modal = $(this);
modal.find('form').attr('action', url);
})
</script>
@stop
create.blade.php
@extends('backend.layout.main')
@section('content')
<div class="row">
<div class="col-md-6">
<div class="box box-info">
<form class="form-horizontal" action="{{URL::to('user')}}" method="post" enctype="multipart/form-data">
<div class="box-header with-border">
<h3 class="box-title">{{$page_title or "page_title"}}</h3>
<input type="hidden" name="_token" value="{{csrf_token()}}">
</div>
<div class="box-body">
<div class="form-group">
<label class="col-sm-3 control-label">用戶角色</label>
<div class="col-sm-9">
<select class="form-control select2" multiple="multiple" name="role_id[]">
@foreach($roles as $role)
<option value="{{$role->id}}">{{$role->display_name}}</option>
@endforeach
</select>
@include('backend.layout.message.tips',['field'=>'role_id'])
</div>
</div>
<div class="form-group">
<label for="name" class="col-sm-3 control-label">用戶名稱</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="name" name="name" placeholder="用戶名稱" value="{{old('name')}}">
@include('backend.layout.message.tips',['field'=>'name'])
</div>
</div>
<div class="form-group">
<label for="email" class="col-sm-3 control-label">用戶郵箱</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="email" name="email" placeholder="用戶郵箱" value="{{old('email')}}">
@include('backend.layout.message.tips',['field'=>'email'])
</div>
</div>
<div class="form-group">
<label for="password" class="col-sm-3 control-label">用戶密碼</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="password" name="password" placeholder="用戶密碼" value="{{old('password')}}">
@include('backend.layout.message.tips',['field'=>'password'])
</div>
</div>
<div class="form-group">
<label for="password_confirmation" class="col-sm-3 control-label">確認密碼</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="password_confirmation" name="password_confirmation" placeholder="確認密碼" value="{{old('password_confirmation')}}">
@include('backend.layout.message.tips',['field'=>'password_confirmation'])
</div>
</div>
</div>
<div class="box-footer">
<a class="btn btn-default" href="{{route('user.index')}}">返回</a>
<button type="submit" class="btn btn-danger pull-right">確 定</button>
</div>
</form>
</div>
</div>
</div>
@stop
edit.blade.php
@extends('backend.layout.main')
@section('content')
<div class="row">
<div class="col-md-6">
<div class="box box-info">
<form class="form-horizontal" action="{{URL::to('user/'.$user->id)}}" method="post" enctype="multipart/form-data">
<div class="box-header with-border">
<h3 class="box-title">{{$page_title or "Page_title"}}</h3>
<input type="hidden" name="_token" value="{{csrf_token()}}">
<input type="hidden" name="_method" value="put">
</div>
<div class="box-body">
<div class="form-group">
<label class="col-sm-3 control-label">用戶角色</label>
<div class="col-sm-9">
<select class="form-control select2" multiple="multiple" name="role_id[]" style="width: 100%">
@foreach($roles as $role)
<option value="{{$role->id}}" @if(in_array($role->display_name,$displayNames)) selected @endif>{{$role->display_name}}</option>
@endforeach
</select>
@include('backend.layout.message.tips',['field'=>'role_id'])
</div>
</div>
<div class="form-group">
<label for="name" class="col-sm-3 control-label">用戶名稱</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="name" name="name" placeholder="用戶名稱" value="{{$user->name}}">
@include('backend.layout.message.tips',['field'=>'name'])
</div>
</div>
<div class="form-group">
<label for="email" class="col-sm-3 control-label">用戶郵箱</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="email" name="email" placeholder="用戶郵箱" value="{{$user->email}}">
@include('backend.layout.message.tips',['field'=>'email'])
</div>
</div>
<div class="form-group">
<label for="password" class="col-sm-3 control-label">用戶密碼</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="password" name="password" placeholder="用戶密碼">
@include('backend.layout.message.tips',['field'=>'password'])
</div>
</div>
<div class="form-group">
<label for="password_confirmation" class="col-sm-3 control-label">確認密碼</label>
<div class="col-sm-9">
<input type="text" class="form-control" id="password_confirmation" name="password_confirmation" placeholder="確認密碼" value="{{$user->password_confirmation}}">
@include('backend.layout.message.tips',['field'=>'password_confirmation'])
</div>
</div>
</div>
<div class="box-footer">
<button type="button" class="btn btn-default" onclick="javascript:history.back(-1);return false;">
返回
</button>
<button type="submit" class="btn btn-danger pull-right">確 定</button>
</div>
</form>
</div>
</div>
</div>
@stop
新增模型
在終端運行以下命令,新增數據模型
php artisan make:model Models/RoleUser
php artisan make:model Models/PermissionRole
分別打開文件RoleUser.php,PermissionRole.php,修改代碼如下:
RoleUser.php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class RoleUser extends Model
{
protected $fillable = ['user_id', 'role_id'];
protected $table = "role_user";
public $timestamps = false;
}
PermissionRole.php
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class PermissionRole extends Model
{
protected $fillable = ['permission_id', 'role_id'];
protected $table = "permission_role";
public $timestamps = false;
}
新增數據填充
打開文件database/seeds/DatabaseSeeder.php,修改文件代碼如下:
<?php
use Illuminate\Database\Seeder;
use App\Models\Menu;
use App\Models\Role;
use App\Models\User;
use App\Models\RoleUser;
use App\Models\Permission;
use App\Models\PermissionRole;
class DatabaseSeeder extends Seeder
{
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$this->call("MenusTableSeeder");
$this->call("UsersTableSeeder");
$this->call("RolesTableSeeder");
$this->call("RoleUserTableSeeder");
$this->call("PermissionTableSeeder");
$this->call("PermissionRoleTableSeeder");
}
}
class PermissionRoleTableSeeder extends Seeder
{
public function run()
{
DB::table('permission_role')->delete();
for ($i = 1; $i < 3; $i++) {
for ($j = 1; $j < 15; $j++) {
PermissionRole::create(['permission_id' => $j, 'role_id' => $i]);
}
}
}
}
class UsersTableSeeder extends Seeder
{
public function run()
{
DB::table('users')->delete();
User::create(['name' => 'Ann', 'email' => 'ann@qq.com', 'password' => bcrypt(123456)]);
User::create(['name' => 'Luis', 'email' => 'luis@qq.com', 'password' => bcrypt(123456)]);
User::create(['name' => 'admin', 'email' => 'admin@qq.com', 'password' => bcrypt(123456)]);
}
}
class RolesTableSeeder extends Seeder
{
public function run()
{
DB::table('roles')->delete();
Role::create(['name' => 'admin', 'display_name' => 'User Administrator', 'description' => 'User is allowed to manage and edit other users']);
Role::create(['name' => 'owner', 'display_name' => 'Project Owner', 'description' => 'User is the owner of a given project']);
}
}
class RoleUserTableSeeder extends Seeder
{
public function run()
{
DB::table('role_user')->delete();
RoleUser::create(['user_id' => 3, 'role_id' => 1]);
RoleUser::create(['user_id' => 2, 'role_id' => 2]);
RoleUser::create(['user_id' => 1, 'role_id' => 2]);
}
}
class PermissionTableSeeder extends Seeder
{
public function run()
{
DB::table('permissions')->delete();
Permission::create(["display_name" => "首頁管理", "name" => "index.index", 'description' => '展示系統的各項基礎數據']);
Permission::create(["display_name" => "菜單列表", "name" => "menu.index", 'description' => '管理菜單的新增、編輯、刪除']);
Permission::create(["display_name" => "新增菜單", "name" => "menu.create", 'description' => '新增菜單的頁面']);
Permission::create(["display_name" => "編輯菜單", "name" => "menu.edit", 'description' => '編輯菜單的頁面']);
Permission::create(["display_name" => "角色列表", "name" => "role.index", 'description' => '管理角色的新增、編輯、刪除']);
Permission::create(["display_name" => "新增角色", "name" => "role.create", 'description' => '新增角色的頁面']);
Permission::create(["display_name" => "編輯角色", "name" => "role.edit", 'description' => '編輯角色的頁面']);
Permission::create(["display_name" => "角色賦權", "name" => "role.show", 'description' => '編輯角色的頁面']);
Permission::create(["display_name" => "權限列表", "name" => "permission.index", 'description' => '管理權限的新增、編輯、刪除']);
Permission::create(["display_name" => "新增權限", "name" => "permission.create", 'description' => '新增權限的頁面']);
Permission::create(["display_name" => "編輯權限", "name" => "permission.edit", 'description' => '編輯權限的頁面']);
Permission::create(["display_name" => "用戶列表", "name" => "user.index", 'description' => '管理用戶的新增、編輯、刪除']);
Permission::create(["display_name" => "新增用戶", "name" => "user.create", 'description' => '新增用戶的頁面']);
Permission::create(["display_name" => "編輯用戶", "name" => "user.edit", 'description' => '編輯用戶的頁面']);
}
}
class MenusTableSeeder extends Seeder
{
public function run()
{
DB::table('menus')->delete();
Menu::create(["parent_id" => "0", "name" => "首頁管理", "url" => "index.index", 'description' => '展示系統的各項基礎數據']);
Menu::create(["parent_id" => "0", "name" => "菜單管理", "url" => "menu.index", 'description' => '管理菜單的新增、編輯、刪除']);
Menu::create(["parent_id" => "2", "name" => "菜單列表", "url" => "menu.index", 'description' => '管理菜單的新增、編輯、刪除']);
Menu::create(["parent_id" => "2", "name" => "新增菜單", "url" => "menu.create", 'description' => '新增菜單的頁面']);
Menu::create(["parent_id" => "2", "name" => "編輯菜單", "url" => "menu.edit", 'description' => '編輯菜單的頁面', 'is_hide' => 1]);
Menu::create(["parent_id" => "0", "name" => "角色管理", "url" => "role.index", 'description' => '管理角色的新增、編輯、刪除']);
Menu::create(["parent_id" => "6", "name" => "角色列表", "url" => "role.index", 'description' => '管理角色的新增、編輯、刪除']);
Menu::create(["parent_id" => "6", "name" => "新增角色", "url" => "role.create", 'description' => '新增角色的頁面']);
Menu::create(["parent_id" => "6", "name" => "編輯角色", "url" => "role.edit", 'description' => '編輯角色的頁面', 'is_hide' => 1]);
Menu::create(["parent_id" => "6", "name" => "角色賦權", "url" => "role.show", 'description' => '編輯角色的頁面', 'is_hide' => 1]);
Menu::create(["parent_id" => "0", "name" => "權限管理", "url" => "permission.index", 'description' => '管理權限的新增、編輯、刪除']);
Menu::create(["parent_id" => "11", "name" => "權限列表", "url" => "permission.index", 'description' => '管理權限的新增、編輯、刪除']);
Menu::create(["parent_id" => "11", "name" => "新增權限", "url" => "permission.create", 'description' => '新增權限的頁面']);
Menu::create(["parent_id" => "11", "name" => "編輯權限", "url" => "permission.edit", 'description' => '編輯權限的頁面', 'is_hide' => 1]);
Menu::create(["parent_id" => "0", "name" => "用戶管理", "url" => "user.index", 'description' => '管理用戶的新增、編輯、刪除']);
Menu::create(["parent_id" => "15", "name" => "用戶列表", "url" => "user.index", 'description' => '管理用戶的新增、編輯、刪除']);
Menu::create(["parent_id" => "15", "name" => "新增用戶", "url" => "user.create", 'description' => '新增用戶的頁面']);
Menu::create(["parent_id" => "15", "name" => "編輯用戶", "url" => "user.edit", 'description' => '編輯用戶的頁面', 'is_hide' => 1]);
}
}
接著在終端執行以下命令,執行數據回滾與填充
php artisan migrate:refresh --seed
新建中間件
在終端執行以下命令新增一個中間件
php artisan make:middleware Entrust
打開文件app/Http/Middleware/Entrust,修改文件代碼如下:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
class Entrust
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
if ( ! Auth::user()->hasPermission(Route::currentRouteName())) {
return redirect()->back()->withErrors("沒有操作權限");
}
return $next($request);
}
}
注冊中間件
打開文件app/Http/Kernel.php,在數組$routeMiddleware添加以下代碼:
'Entrust' => \App\Http\Middleware\Entrust::class
路由綁定中間件
打開文件app/Http/routes.php,修改文件代碼如下:
Route::group(['namespace' => 'Backend', 'middleware' => ['auth','Entrust']], function () {
Route::get('/', ['as' => 'index.index', 'uses' => 'IndexController@index']);
Route::resource('user', 'UserController');
Route::resource('menu', 'MenuController');
Route::resource('role', 'RoleController');
Route::resource('permission', 'PermissionController');
});
Route::group(['namespace' => 'Auth'], function () {
Route::get('auth/login', 'AuthController@getLogin');
Route::post('auth/login', 'AuthController@postLogin');
Route::get('auth/logout', 'AuthController@getLogout');
});
凡是進行后臺訪問、操作的路由,都必須經過Entrust中間件進行權限驗證。當前登錄用戶對應的角色沒有權限,則無法查看頁面或進行數據操作
效果預覽
屏幕快照 2016-02-22 16.06.07.png
