How to implement a permission management system in Laravel

Introduction:
With the continuous development of web applications, the permission management system has become one of the basic functions of many applications. one. Laravel, as a popular PHP framework, provides a wealth of tools and functions to implement permission management systems. This article will introduce how to implement a simple and powerful permission management system in Laravel and provide specific code examples.

1. Design ideas of permission management system
When designing the permission management system, the following key points need to be considered:

1. Definition of roles and permissions: Role refers to The user's function or identity, and permissions refer to the user's ability to access system functions or resources.
2. The relationship between users and roles: A user can have multiple roles, and a role can be owned by multiple users.
3. The relationship between permissions and roles: A role can have multiple permissions, and one permission can be owned by multiple roles.
4. The relationship between routing and permissions: Routing determines the entrance for users to access system functions. Different routes may require different permissions to restrict access.

Based on the above design ideas, we can start to implement the permission management system in Laravel.

2. Database design and migration
In Laravel, we can use database migration to create and modify database tables. The following is a simple database design:

1. User table (users): stores basic information of users, such as user name, password, etc.
2. Role table (roles): stores basic information of roles, such as role name, description, etc.
3. Permissions table: stores basic information about permissions, such as permission names, descriptions, etc.
4. Role-permission association table (role_permission): records the corresponding relationship between roles and permissions.
5. User-role association table (user_role): records the corresponding relationship between users and roles.

First, create the migration file:

php artisan make:migration create_users_table
php artisan make:migration create_roles_table
php artisan make:migration create_permissions_table
php artisan make:migration create_role_permission_table
php artisan make:migration create_user_role_table

Then, write the table structure in the corresponding migration file (the code is omitted), and run the migration command:

php artisan migrate

3. Define model relationships
In Laravel, we can use the Eloquent model to define relationships between database tables. First, we need to define three models: User, Role, and Permission.

1. User model (User)

   namespace App;
   
   use IlluminateDatabaseEloquentModel;
   
   class User extends Model
   {
    // 用戶與角色的多對多關(guān)系
    public function roles()
    {
        return $this->belongsToMany('AppRole')->withTimestamps();
    }
   
    // 判斷用戶是否擁有某個角色
    public function hasRole($role)
    {
        if (is_string($role)) {
            return $this->roles->contains('name', $role);
        }
   
        return !! $role->intersect($this->roles)->count();
    }
   
    // 判斷用戶是否擁有某個權(quán)限
    public function hasPermission($permission)
    {
        return $this->hasRole($permission->roles);
    }
   }

2. Role model (Role)

   namespace App;
   
   use IlluminateDatabaseEloquentModel;
   
   class Role extends Model
   {
    // 角色與用戶的多對多關(guān)系
    public function users()
    {
        return $this->belongsToMany('AppUser')->withTimestamps();
    }
   
    // 角色與權(quán)限的多對多關(guān)系
    public function permissions()
    {
        return $this->belongsToMany('AppPermission')->withTimestamps();
    }
   
    // 判斷角色是否擁有某個權(quán)限
    public function hasPermission($permission)
    {
        if (is_string($permission)) {
            return $this->permissions->contains('name', $permission);
        }
   
        return !! $permission->intersect($this->permissions)->count();
    }
   }

3. Permission model (Permission)

   namespace App;
   
   use IlluminateDatabaseEloquentModel;
   
   class Permission extends Model
   {
    // 權(quán)限與角色的多對多關(guān)系
    public function roles()
    {
        return $this->belongsToMany('AppRole');
    }
   }

4. Middleware and routing settings
In order to implement the permission management system, we can use middleware to intercept and verify user access requests. First, we need to define a permission middleware.

1. Define permission middleware:

   namespace AppHttpMiddleware;
   
   use Closure;
   use IlluminateSupportFacadesAuth;
   
   class CheckPermission
   {
    public function handle($request, Closure $next, $permission)
    {
        $user = Auth::user();
        
        if ($user && $user->hasPermission($permission)) {
            return $next($request);
        }
        
        return redirect()->route('403'); // 沒有權(quán)限則跳轉(zhuǎn)到403頁面
    }
   }

2. Register permission middleware:
   In appHttpKernel.php $routeMiddlewareRegister permission middleware in the array:

   protected $routeMiddleware = [
    // ...
    'permission' => AppHttpMiddlewareCheckPermission::class,
   ];

3. Associate middleware and routing:
   Define the requirements in routesweb.php Permission control routing, and use permissionmiddleware:

   Route::get('/members', 'MemberController@index')->middleware('permission:member_view');

5. Controller and view
In the controller, you can use the following code example to view the user The identity is verified and the corresponding view is returned according to the permissions.

1. Method in controller:

   namespace AppHttpControllers;
   
   use IlluminateSupportFacadesAuth;
   
   class MemberController extends Controller
   {
    public function index()
    {
       if (Auth::user()->hasPermission('member_view')) {
            return view('members.index');
       }
       
       // 沒有權(quán)限則跳轉(zhuǎn)到403頁面
       return redirect()->route('403');
    }
   }

2. Code in view:

   @if(Auth::user()->hasPermission('member_view'))
    <!-- 具有查看成員的權(quán)限，顯示相關(guān)內(nèi)容 -->
    <table>
        ...
    </table>
   @else
    <!-- 沒有權(quán)限，顯示無權(quán)限提示 -->
    <div>您沒有查看成員的權(quán)限</div>
   @endif

   Six , Summary
   Through the above steps, we successfully implemented a simple and powerful permission management system in Laravel. By defining roles, permissions and corresponding relationships, using middleware to intercept routes, and judging permissions in controllers and views, we can achieve precise control of user access permissions. I hope this article can help you better understand and apply the permission management functions in Laravel.

   Reference:

   • Laravel official documentation (https://laravel.com/docs/8.x/)
   • Laravel Beyond CRUD series tutorials: Permissions Management (https://laravelbestpractices.com/series/show/laravel-beyond-crud/episodes/9)

   The above is the detailed content of How to implement a permission management system in Laravel. For more information, please follow other related articles on the PHP Chinese website!