Beispiel #1
0
    $acl->allow('Author', 'Photos', 'upload');
    // But sometimes we need to force deny for some resource inherited from parents.
    $acl->deny('Author', 'Blogs', 'write');
    // Allow "Editor" do any actions in "Blogs" and "Photos" except "delete".
    $acl->allow('Editor', 'Blogs', '*');
    $acl->allow('Editor', 'Photos', '*');
    // deny some resources.
    $acl->deny('Editor', 'Blogs', 'delete');
    $acl->deny('Editor', 'Photos', 'delete');
    // Admin can access anything
    $acl->allow('Admin', '*', '*');
    // Set current auth user to access list
    Authorized::as_user($user);
}, 'database' => function ($user) {
    // Instance access
    $acl = Authorized::instance();
    // Get all roles with rules
    $roles = Role::with('rules')->get();
    foreach ($roles as $role) {
        // Add roles to access list
        $acl->add_role($role->name);
        foreach ($role->rules as $rule) {
            // Add rules to access list, then give permisstion to role
            // $acl->add_rule($rule->group, $rule->action);
            // $acl->allow($role->name, $rule->group, $rule->action);
            // This is a short way to do things above
            $acl->allow($role->name, $rule->group, $rule->action, true);
        }
    }
    // Set current auth user to access list
    Authorized::as_user($user);