Servage Magazine


Permission Management in PHP with Bouncer

Saturday, October 21st, 2017 by Servage

Permission management doesn’t sound like an easy task. Fortunately, a PHP package called Bouncer makes it rather simple. Bouncer handles not only permissions but also user groups, and you can assign permissions to those groups. For example, you can allow editors to create blog posts with only a few lines of code.

Installing Bouncer

Since Bouncer is a PHP package, it can be installed using Composer by running “composer require silber/bouncer”. Bouncer is a Laravel package, so it only works with Laravel projects. As usual with Laravel packages, you have to add the new package to the providers array of config/app.php: “Silber\Bouncer\BouncerServiceProvider::class”. Also add the following to the aliases array: “'Bouncer' => Silber\Bouncer\BouncerFacade::class”. Bouncer is now enabled in your project!

Adding Bouncer to Models

If you want to add Bouncer permissions to some of your own models, you can use the HasRolesAndAbilities trait provided by Bouncer. Simply add “use HasRolesAndAbilities” to the top of your User.php or any other model you want.

Bouncer manages permissions in its own database tables. Let’s create those tables next. Laravel has a command called vendor:publish that helps us with this: “php artisan vendor:publish --tag="bouncer.migrations"”. This places Bouncer’s migration files in the migrations directory of your project, where all your own migrations are located too. You can now run “php artisan migrate” to create those tables.

Assigning Roles and Permissions

Now that the model is connected to Bouncer, we can use the Bouncer facade to assign permissions to roles and add users to role groups. To allow users to post comments on a blog post, you can use the following code: Bouncer::allow('user')->to('create', Comment::class). Then you can assign a user to the user group: $user->assign('user').

If you only want to grant a permission to a single user or for a single post, you can replace 'user' or Comment::class with an object, such as Bouncer::allow($user)->to('update', $post). This grants only that specific user permission to update that single blog post.

You can also use the Bouncer facade to check for permissions. To check if a user is an admin, you can use Bouncer::is($user)->an('admin'). You can also check the opposite with the isNotAn() method without using a facade: $user->isNotAn('admin').
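The grants and checks described above only protect anything if they are enforced on the server for every action. The following is an added example, not code from the original article or from the Bouncer project; it assumes a Laravel app with Bouncer installed and migrated, an App\User model using HasRolesAndAbilities, and a hypothetical App\Post model, controller and seedPermissions() helper.

```php
<?php
// Added example. Assumes Laravel with Bouncer installed and migrated,
// App\User using HasRolesAndAbilities, and a hypothetical App\Post model
// whose 'title' and 'body' attributes are mass-assignable.

namespace App\Http\Controllers;

use App\Post;
use App\User;
use Bouncer;
use Illuminate\Http\Request;

class PostController extends Controller
{
    // Hypothetical one-time setup; in a real project this belongs in a seeder.
    public static function seedPermissions(User $editor, User $author, Post $post)
    {
        // Role-wide ability: every 'editor' may create posts.
        Bouncer::allow('editor')->to('create', Post::class);
        $editor->assign('editor');

        // Instance-scoped ability: this user may update only this one post.
        Bouncer::allow($author)->to('update', $post);
    }

    public function store(Request $request)
    {
        // Bouncer registers with Laravel's Gate, so authorize() consults it.
        // A user without the ability gets a 403; nothing is allowed by default.
        $this->authorize('create', Post::class);

        return Post::create($request->only(['title', 'body']));
    }

    public function update(Request $request, Post $post)
    {
        // Check against the concrete $post, not Post::class, so the
        // single-post grant above does not open every post for editing.
        $this->authorize('update', $post);

        $post->update($request->only(['title', 'body']));

        return $post;
    }
}
```

Hiding a button in the HTML for users who lack a permission does not stop them from sending the request directly, so the authorize() call in the controller is the check that counts.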

Bouncer allows you to create an advanced role and permission system with enough flexibility for many use cases. There are many more features, such as conditionally displaying HTML elements based on user permissions. If you are interested in trying Bouncer in your own project, the documentation at www.github.com/JosephSilber/bouncer will guide you further.
