/** * Shortcut to assign directly to a role name. * @param $roleName string * @return mixed * @throws \Exception */ public function grantTo($roleName) { $role = Role::getByName($roleName); if (!$role) { throw new \Exception("'{$roleName}' not found, cannot assign permission"); } return $role->grant($this); }
/** * Assign a role to a user. * @param string|int|Role $role * @return mixed * @throws \Exception */ public function assignRole($role) { if (is_string($role)) { $role = Role::getByName($role); } if (!$role || empty($role)) { throw new \Exception('Role missing and cannot be assigned to user'); } if ($this->hasRole($role)) { return true; } return $this->roles()->attach($role); }
/** * Test basic user authorizations, with models. * This should deal directly with the ModelPolicy class. */ public function test_basic_user_auth() { // User 2 has permission to do a couple things. $user = User::find(2); $this->assertTrue($user->hasRole(Role::getByName('Administrator'))); // The models we'll test. $page = Page::find(1); $this->assertTrue($user->can('view', $page)); $this->assertFalse($user->can('delete', $page)); // User model is a managed class. The user doesn't have the manage permission. // So, They shouldn't be able to edit a user that doesn't belong to them. $testUser = User::find(1); $this->assertFalse($user->can('edit', $testUser)); // But they can edit themselves. $this->assertTrue($user->can('edit', $user)); }
protected function grantAbilities() { $administrator = Role::getByName('Administrator'); $administrator->grantAbility('view', 'Birdmin\\Page'); echo "Granted permissions for 'Administrator' role.\n"; }