本文目标
利用Entrust Package进行权限管理
修改用户表单请求
打开文件app/Http/Request/Form/UserForm.php
,修改代码如下:
'required|unique:users',
'email' => 'required|unique:users',
'role_id' => 'required',
'password' => 'required|confirmed',
'password_confirmation' => 'required',
];
}
/**
 * Custom validation messages, keyed by "<field>.<rule>".
 *
 * @return array
 */
public function messages()
{
    $messages = [];

    // Account identifiers: presence and uniqueness.
    $messages['name.required'] = '用户名称不能为空';
    $messages['name.unique'] = '用户名称已存在';
    $messages['email.required'] = '用户邮箱不能为空';
    $messages['email.unique'] = '用户邮箱已存在';

    // A user cannot be saved without a role.
    $messages['role_id.required'] = '用户角色不能为空';

    // Password and its confirmation field.
    $messages['password.required'] = '用户密码不能为空';
    $messages['password.confirmed'] = '确认密码不一致';
    $messages['password_confirmation.required'] = '确认密码不能为空';

    return $messages;
}
}
修改用户表单请求的验证规则,确保用户名称、用户邮箱唯一。
修改用户管理控制器
打开文件app/Http/Controllers/Backend/UserController.php
,修改代码如下:
$request['name'],
'email' => $request['email'],
'password' => bcrypt($request['password']),
];
try {
$roles = Role::whereIn('id', $request->get('role_id'))->get();
if (empty($roles->toArray())) {
return redirect()->back()->withErrors("用户角色不存在,请刷新页面并选择其他用户角色")->withInput();
}
$user = User::create($data);
if ($user) {
foreach ($roles as $role) {
$user->attachRole($role);
}
return redirect()->route('user.index')->withSuccess('新增用户成功');
}
} catch (\Exception $e) {
return redirect()->back()->withErrors(array('error' => $e->getMessage()))->withInput();
}
}
/**
 * Display the specified resource.
 *
 * Unimplemented stub: the body is empty, so the method returns null and
 * renders nothing, although the docblock advertises a Response.
 *
 * @param int $id Identifier taken from the route; unused here.
 *
 * @return \Illuminate\Http\Response
 */
public function show($id)
{
    // Not implemented.
}
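/**
 * Show the form for editing the specified user.
 *
 * Passes the user, every available role, and the display names of the
 * roles the user currently holds to the backend.user.edit view.
 *
 * @param int $id Primary key of the user to edit.
 *
 * @return \Illuminate\Http\Response
 *
 * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has this id.
 */
public function edit($id)
{
    // findOrFail() turns an unknown id into a 404 response instead of a
    // fatal error when ->roles is read from a null result.
    $user = User::findOrFail($id);
    $roles = Role::all();

    $displayNames = array_map(function ($role) {
        return $role['display_name'];
    }, $user->roles->toArray());

    return view('backend.user.edit', compact('user', 'roles', 'displayNames'));
}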
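/**
 * Update the specified user and replace its role assignments.
 *
 * @param UserForm $request Validated form request (name, email, password, role_id).
 * @param int      $id      Primary key of the user to update.
 *
 * @return \Illuminate\Http\Response
 *
 * @throws \Illuminate\Database\Eloquent\ModelNotFoundException when no user has this id.
 */
public function update(UserForm $request, $id)
{
    // NOTE(review): the UserForm rules shown earlier on this page use
    // 'unique:users' without excluding the current row, so presumably an
    // unchanged name/e-mail fails validation on edit. Confirm.

    // An unknown id becomes a 404 instead of a fatal error on the
    // property assignments below.
    $user = User::findOrFail($id);
    $user->name = $request['name'];
    $user->email = $request['email'];
    $user->password = bcrypt($request['password']);

    // Never flash the submitted passwords back into the session.
    $safeInput = $request->except('password', 'password_confirmation');

    try {
        // Cast so that a single scalar role_id is accepted by whereIn().
        $roles = Role::whereIn('id', (array) $request->get('role_id'))->get();
        if ($roles->isEmpty()) {
            return redirect()->back()->withErrors("用户角色不存在,请刷新页面并选择其他用户角色")->withInput($safeInput);
        }

        if ($user->save()) {
            // sync() makes the stored roles equal to the submitted set.
            // Attaching only ever added roles: a role removed in the form
            // stayed granted, and re-submitting an existing role tried to
            // insert the same pivot row again.
            $user->roles()->sync($roles->modelKeys());

            return redirect()->route('user.index')->withSuccess('编辑用户成功');
        }

        // save() returned false: report it instead of returning nothing.
        return redirect()->back()->withErrors('编辑用户失败')->withInput($safeInput);
    } catch (\Exception $e) {
        // NOTE(review): the raw exception message is shown to the user and
        // may expose SQL or schema details; consider logging it and
        // displaying a generic message instead.
        return redirect()->back()->withErrors(array('error' => $e->getMessage()))->withInput($safeInput);
    }
}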
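/**
 * Remove the specified user from storage.
 *
 * @param int $id Primary key of the user to delete.
 *
 * @return \Illuminate\Http\Response
 */
public function destroy($id)
{
    // NOTE(review): nothing here stops an administrator from deleting
    // their own account or the last administrator. Confirm that this is
    // intended.
    try {
        if (User::destroy($id)) {
            return redirect()->back()->withSuccess('删除用户成功');
        }

        // destroy() removed no rows (unknown or already deleted id).
        // Without this return the action produced an empty response.
        return redirect()->back()->withErrors('用户不存在或已被删除');
    } catch (\Exception $e) {
        // NOTE(review): the raw exception message is shown to the user;
        // consider logging it and displaying a generic message instead.
        return redirect()->back()->withErrors(array('error' => $e->getMessage()));
    }
}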
}
修改新增用户、编辑用户的业务流程,新增用户、编辑用户的时候,必须为用户指定一名角色。
修改视图
打开文件夹resources/views/backend/user/
下的
index.blade.php
create.blade.php
edit.blade.php
修改代码如下:
index.blade.php
@extends('backend.layout.main')
@section('content')
用户列表
用户编号
用户名称
用户邮箱
所属角色
管理操作
@forelse($users as $user)
{{$user->id}}
{{$user->name}}
{{$user->email}}
@foreach($user->roles as $role)
{{$role->display_name}}
@endforeach
编辑
@empty
暂无数据
@endforelse
@if($users->render() !== "")
@endif
@include('backend.layout.model.default',['model_title'=>'操作提示','model_content'=>'你确定要删除这名用户吗?'])
@stop
@section('script')
@stop
create.blade.php
@extends('backend.layout.main')
@section('content')
@stop
edit.blade.php
@extends('backend.layout.main')
@section('content')
@stop
新增模型
在终端运行以下命令,新增数据模型
php artisan make:model Models/RoleUser
php artisan make:model Models/PermissionRole
分别打开文件RoleUser.php
,PermissionRole.php
,修改代码如下:
RoleUser.php
PermissionRole.php
新增数据填充
打开文件database/seeds/DatabaseSeeder.php
,修改文件代码如下:
call("MenusTableSeeder");
$this->call("UsersTableSeeder");
$this->call("RolesTableSeeder");
$this->call("RoleUserTableSeeder");
$this->call("PermissionTableSeeder");
$this->call("PermissionRoleTableSeeder");
}
}
class PermissionRoleTableSeeder extends Seeder
{
    /**
     * Rebuild the permission_role pivot table.
     *
     * Empties the table, then links permission ids 1-14 to role ids 1 and 2.
     */
    public function run()
    {
        DB::table('permission_role')->delete();

        // NOTE(review): both seeded roles receive the identical, complete
        // permission set, so the roles are not actually separated. The
        // hard-coded ids presumably rely on freshly created tables; confirm.
        foreach (range(1, 2) as $roleId) {
            foreach (range(1, 14) as $permissionId) {
                PermissionRole::create(['permission_id' => $permissionId, 'role_id' => $roleId]);
            }
        }
    }
}
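class UsersTableSeeder extends Seeder
{
    /**
     * Recreate the three demo accounts (Ann, Luis, admin).
     *
     * The e-mail addresses on the original page were lost to the site's
     * address obfuscation ("[email protected]" three times). The example.com
     * values below are constructed placeholders, kept distinct because the
     * form rules on this page require unique e-mails.
     */
    public function run()
    {
        DB::table('users')->delete();

        // SEED_USER_PASSWORD is an optional override introduced here. The
        // '123456' fallback keeps the tutorial's behaviour and is suitable
        // for a local demo database only, never for a reachable
        // installation (the 'admin' account shares it).
        $plainPassword = (string) env('SEED_USER_PASSWORD', '123456');

        $accounts = [
            ['name' => 'Ann', 'email' => 'ann@example.com'],
            ['name' => 'Luis', 'email' => 'luis@example.com'],
            ['name' => 'admin', 'email' => 'admin@example.com'],
        ];

        foreach ($accounts as $account) {
            // Hash per account so that every row gets its own salt.
            User::create($account + ['password' => bcrypt($plainPassword)]);
        }
    }
}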
class RolesTableSeeder extends Seeder
{
    /**
     * Recreate the two demo roles, "admin" and "owner", in that order.
     */
    public function run()
    {
        DB::table('roles')->delete();

        $roles = [
            [
                'name' => 'admin',
                'display_name' => 'User Administrator',
                'description' => 'User is allowed to manage and edit other users',
            ],
            [
                'name' => 'owner',
                'display_name' => 'Project Owner',
                'description' => 'User is the owner of a given project',
            ],
        ];

        foreach ($roles as $attributes) {
            Role::create($attributes);
        }
    }
}
class RoleUserTableSeeder extends Seeder
{
    /**
     * Recreate the user-to-role assignments in the role_user pivot table.
     *
     * User 3 gets role 1; users 2 and 1 get role 2. The ids are hard-coded
     * and presumably match the insertion order of the user and role seeders
     * on freshly created tables; confirm.
     */
    public function run()
    {
        DB::table('role_user')->delete();

        // [user_id, role_id], inserted in this order.
        $assignments = [
            [3, 1],
            [2, 2],
            [1, 2],
        ];

        foreach ($assignments as $pair) {
            RoleUser::create(['user_id' => $pair[0], 'role_id' => $pair[1]]);
        }
    }
}
class PermissionTableSeeder extends Seeder
{
    /**
     * Recreate the 14 demo permissions.
     *
     * Every permission name is a route name ("menu.index", "user.edit", ...).
     * Only index/create/edit style names are seeded, plus role.show.
     */
    public function run()
    {
        DB::table('permissions')->delete();

        // [display_name, name, description], inserted in this order.
        $permissions = [
            ["首页管理", "index.index", '展示系统的各项基础数据'],
            ["菜单列表", "menu.index", '管理菜单的新增、编辑、删除'],
            ["新增菜单", "menu.create", '新增菜单的页面'],
            ["编辑菜单", "menu.edit", '编辑菜单的页面'],
            ["角色列表", "role.index", '管理角色的新增、编辑、删除'],
            ["新增角色", "role.create", '新增角色的页面'],
            ["编辑角色", "role.edit", '编辑角色的页面'],
            ["角色赋权", "role.show", '编辑角色的页面'],
            ["权限列表", "permission.index", '管理权限的新增、编辑、删除'],
            ["新增权限", "permission.create", '新增权限的页面'],
            ["编辑权限", "permission.edit", '编辑权限的页面'],
            ["用户列表", "user.index", '管理用户的新增、编辑、删除'],
            ["新增用户", "user.create", '新增用户的页面'],
            ["编辑用户", "user.edit", '编辑用户的页面'],
        ];

        foreach ($permissions as $row) {
            Permission::create([
                "display_name" => $row[0],
                "name" => $row[1],
                'description' => $row[2],
            ]);
        }
    }
}
class MenusTableSeeder extends Seeder
{
    /**
     * Recreate the back-office menu tree.
     *
     * Rows with parent_id "0" are top-level entries. The other parent_id
     * values (2, 6, 11, 15) match the positions of the four management
     * entries in the list below, so they presumably rely on ids being
     * assigned in insertion order on a freshly created table; confirm.
     */
    public function run()
    {
        DB::table('menus')->delete();

        $menus = [
            ["parent_id" => "0", "name" => "首页管理", "url" => "index.index", 'description' => '展示系统的各项基础数据'],
            ["parent_id" => "0", "name" => "菜单管理", "url" => "menu.index", 'description' => '管理菜单的新增、编辑、删除'],
            ["parent_id" => "2", "name" => "菜单列表", "url" => "menu.index", 'description' => '管理菜单的新增、编辑、删除'],
            ["parent_id" => "2", "name" => "新增菜单", "url" => "menu.create", 'description' => '新增菜单的页面'],
            ["parent_id" => "2", "name" => "编辑菜单", "url" => "menu.edit", 'description' => '编辑菜单的页面', 'is_hide' => 1],
            ["parent_id" => "0", "name" => "角色管理", "url" => "role.index", 'description' => '管理角色的新增、编辑、删除'],
            ["parent_id" => "6", "name" => "角色列表", "url" => "role.index", 'description' => '管理角色的新增、编辑、删除'],
            ["parent_id" => "6", "name" => "新增角色", "url" => "role.create", 'description' => '新增角色的页面'],
            ["parent_id" => "6", "name" => "编辑角色", "url" => "role.edit", 'description' => '编辑角色的页面', 'is_hide' => 1],
            ["parent_id" => "6", "name" => "角色赋权", "url" => "role.show", 'description' => '编辑角色的页面', 'is_hide' => 1],
            ["parent_id" => "0", "name" => "权限管理", "url" => "permission.index", 'description' => '管理权限的新增、编辑、删除'],
            ["parent_id" => "11", "name" => "权限列表", "url" => "permission.index", 'description' => '管理权限的新增、编辑、删除'],
            ["parent_id" => "11", "name" => "新增权限", "url" => "permission.create", 'description' => '新增权限的页面'],
            ["parent_id" => "11", "name" => "编辑权限", "url" => "permission.edit", 'description' => '编辑权限的页面', 'is_hide' => 1],
            ["parent_id" => "0", "name" => "用户管理", "url" => "user.index", 'description' => '管理用户的新增、编辑、删除'],
            ["parent_id" => "15", "name" => "用户列表", "url" => "user.index", 'description' => '管理用户的新增、编辑、删除'],
            ["parent_id" => "15", "name" => "新增用户", "url" => "user.create", 'description' => '新增用户的页面'],
            ["parent_id" => "15", "name" => "编辑用户", "url" => "user.edit", 'description' => '编辑用户的页面', 'is_hide' => 1],
        ];

        // Insertion order matters: children refer to their parent by id.
        foreach ($menus as $attributes) {
            Menu::create($attributes);
        }
    }
}
接着在终端执行以下命令,执行数据回滚与填充
php artisan migrate:refresh --seed
新建中间件
在终端执行以下命令新增一个中间件
php artisan make:middleware Entrust
打开文件app/Http/Middleware/Entrust
,修改文件代码如下:
hasPermission(Route::currentRouteName())) {
return redirect()->back()->withErrors("没有操作权限");
}
return $next($request);
}
}
注册中间件
打开文件app/Http/Kernel.php
,在数组$routeMiddleware
添加以下代码:
'Entrust' => \App\Http\Middleware\Entrust::class
路由绑定中间件
打开文件app/Http/routes.php
,修改文件代码如下:
// Back-office routes: a request must be authenticated ('auth') and then
// pass the permission check of the 'Entrust' middleware.
$backendGroup = [
    'namespace' => 'Backend',
    'middleware' => ['auth', 'Entrust'],
];

Route::group($backendGroup, function () {
    Route::get('/', ['as' => 'index.index', 'uses' => 'IndexController@index']);

    // Resource controllers, registered in this order.
    $resources = [
        'user' => 'UserController',
        'menu' => 'MenuController',
        'role' => 'RoleController',
        'permission' => 'PermissionController',
    ];
    foreach ($resources as $name => $controller) {
        Route::resource($name, $controller);
    }
});

// Login and logout stay outside both middleware so that guests can reach them.
// NOTE(review): logout is a GET route, so any page can trigger it through a
// link or an image tag; a POST route covered by CSRF protection avoids that.
$authGroup = ['namespace' => 'Auth'];

Route::group($authGroup, function () {
    Route::get('auth/login', 'AuthController@getLogin');
    Route::post('auth/login', 'AuthController@postLogin');
    Route::get('auth/logout', 'AuthController@getLogout');
});
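凡是进行后台访问、操作的路由,都必须经过Entrust
中间件进行权限验证。如果当前登录用户对应的角色没有相应权限,则无法查看页面或进行数据操作。注意:中间件是以当前路由名称(Route::currentRouteName())作为权限名进行检查的,而Route::resource还会注册user.store、user.update、user.destroy等路由名称,上文的数据填充并未包含这些权限;按上面的中间件逻辑,这些操作很可能会被一律拒绝,需要另行添加对应名称的权限。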