Permissions

There are two types of permissions that you can use: _**permission rules**_ (regular PHP functions that you register with us) and _**permission conditions**_. Permission conditions combine multiple permission rules to decide whether a user is allowed to see or use a particular feature of your web application.

#Preloaded Permission Rules

Devise comes preloaded with several permission rules that are fairly common in applications our team builds. You may use these in templates or in permission conditions without having to do anything extra.


isLoggedIn();
isNotLoggedIn();
isInGroup($groupname);
isNotInGroup($groupname);
hasUserName($username); // Will check both name and email
hasEmail($email);
hasFieldValue($field, $value); // Tests any property of the user

Preloaded permission rules

#Implementing In Templates

Using Permission Functions

To hide or show a specific part of a template based on a permission function, you will need to do something like the following:


@if(DeviseUser::checkRule('isInGroup', ['Super Administrator']))
    <a href="/secret-beer-stash">The secret beer stash!</a>
@endif


@if(DeviseUser::isInGroup('Super Administrator'))
    <a href="/secret-beer-stash">The secret beer stash!</a>
@endif

Or the shorthand...

Using Permission Conditions


@if(DeviseUser::checkConditions('isBeerDrinker'))
    <h1>Beer Drinkers Only!</h1>
@endif

Checking a single condition

@if(DeviseUser::checkConditions(
    array(
        'isLoggedIn',
        'isDeviseAdmin',
        'isNotAppAdmin',
        'isNotEditor'
        )
    )
)
    <ul>
        <li>{{ link_to(URL::route('create-page'), 'Create New Page', array('class'=>'button')) }}</li>
    </ul>
@endif

Checking multiple conditions

@if(
    !DeviseUser::checkConditions('isLoggedIn') &&
    DeviseUser::checkConditions(
        array(
            'isDeviseAdmin',
            'isNotAppAdmin'
        )
    )
)
    {{ link_to(
        URL::route('create-page'),
        'Create New Page',
        array('class'=>'button')
    ) }}
@endif

Advanced example

#Implementing On Pages

To implement permissions on Devise pages, add your permission condition (or conditions) to the middleware field in the advanced settings of the page in the administration. You must prefix the condition with 'devise.permissions:'. This uses the 'devise.permissions' route middleware and passes your condition as a parameter. You can also pass multiple permission conditions by separating them with a pipe. For example: devise.permissions:permissionCondition1|devise.permissions:permissionCondition2.

Note

  • If you pass multiple conditions all conditions must be true for the user to view the page.
  • There is no way to pass a permission rule into this field, only conditions.
  • Where the user is redirected to along with the message is set in the permission settings.
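A small checker for that field's syntax, as an added example rather than Devise code: `inspectMiddlewareField()` is a hypothetical helper, the condition names are borrowed from the examples on this page, and it assumes entries without the prefix are unrelated route middleware.

```php
<?php
// Added example, not part of Devise. The helper name is hypothetical.

/**
 * Split a page's middleware field into the permission conditions it
 * enforces and a list of entries that need attention.
 */
function inspectMiddlewareField($field, array $knownConditions)
{
    $prefix = 'devise.permissions:';
    $conditions = [];
    $problems = [];

    foreach (explode('|', $field) as $entry) {
        $entry = trim($entry);
        if ($entry === '') {
            $problems[] = 'empty entry (stray pipe)';
        } elseif (strpos($entry, $prefix) === 0) {
            $name = substr($entry, strlen($prefix));
            if (in_array($name, $knownConditions, true)) {
                $conditions[] = $name;
            } else {
                // Only conditions are accepted here, never bare rules.
                $problems[] = "'$name' is not a known condition";
            }
        } elseif (in_array($entry, $knownConditions, true)) {
            $problems[] = "'$entry' is missing the '$prefix' prefix";
        }
        // Assumption: anything else is unrelated route middleware.
    }
    if ($conditions === []) {
        $problems[] = 'no permission condition is enforced on this page';
    }
    return ['conditions' => $conditions, 'problems' => $problems];
}

// Constructed sample: one valid entry, one forgotten prefix, one rule name.
$known  = ['canAccessAdmin', 'isBeerDrinker'];
$report = inspectMiddlewareField(
    'devise.permissions:canAccessAdmin|isBeerDrinker|devise.permissions:isInGroup',
    $known
);
print_r($report);
```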

#Implementing In Routes

Implementing permissions (rules or conditions) in routes.php works the same way as it does in templates. Just redirect the user somewhere like so:


if(DeviseUser::checkRule('isInGroup', ['Super Administrator'])){
    Route::get('user/profile', array('as' => 'profile', 'uses' => 'UserController@showProfile'));
}

We Already Registered Your Permission Conditions

Any permission conditions that you have created are already registered as filters, so feel free to use them as you wish. For more information on filters, see the Laravel documentation on filters.



Route::get('face', array('before'=>'canAccessAdmin'));


#Creating New Permission Rules

One rule about permission functions

All permission functions must return a boolean response to work correctly.


//Let's add another rule called doesDrinkBourbon
RuleManager::addRule('doesDrinkBourbon', function() {
    return true;
});

Without parameters

//Let's add another rule called drinksRightTypeOfBeer
RuleManager::addRule('drinksRightTypeOfBeer', function($type) {
    // Strict comparison so the rule always returns a real boolean match
    return $type === 'stout';
});

With a parameter

Below is an example of where you might want to register these rules. You can do it in many places but this might be a good place to start if you just have a rule or two.


class AppServiceProvider extends ServiceProvider {
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        //Let's add a rule called doesDrinkBeer
        RuleManager::addRule('doesDrinkBeer', function() {
            return true;
        });

        //Let's add another rule called doesDrinkBourbon
        RuleManager::addRule('doesDrinkBourbon', function() {
            // You'll need some actual logic in here
            return false;
        });
    }

    // ...

}

/app/Providers/AppServiceProvider.php
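A rule with actual logic that always returns a boolean and denies by default, as an added example that is not Devise's own code: the rule name `hasEmailDomain` and the helper `emailIsInDomain()` are hypothetical, and it assumes the closure can reach the current user and its `email` attribute through Laravel's `Auth` facade.

```php
<?php
// Added example, not part of Devise. The rule name is hypothetical.

/**
 * True only when $email is a well-formed address whose domain is exactly
 * $domain. Every other input, including null, returns false.
 */
function emailIsInDomain($email, $domain)
{
    if (!is_string($email) || !is_string($domain) || $domain === '') {
        return false;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    // Compare the whole domain after the last "@", so look-alike hosts
    // such as corp.example.evil.test do not pass a suffix or prefix match.
    $actual = substr($email, strrpos($email, '@') + 1);
    return strtolower($actual) === strtolower($domain);
}

// Registration as in boot() above; skipped when run outside the application.
// Assumption: the closure can reach the current user through Laravel's Auth.
if (class_exists('RuleManager')) {
    RuleManager::addRule('hasEmailDomain', function ($domain) {
        if (!Auth::check()) {
            return false; // no user, no permission
        }
        return emailIsInDomain(Auth::user()->email, $domain);
    });
}

// Constructed inputs with the result each must produce.
$cases = [
    ['ana@corp.example', true],
    ['ana@CORP.example', true],
    ['ana@corp.example.evil.test', false],
    ['ana@notcorp.example', false],
    ['corp.example', false],
    [null, false],
];
foreach ($cases as $case) {
    if (emailIsInDomain($case[0], 'corp.example') !== $case[1]) {
        throw new RuntimeException('unexpected result for ' . var_export($case[0], true));
    }
}
echo "all cases behaved as expected\n";
```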

#Creating New Permission Conditions

Permission conditions use one or multiple permission rules to create a conditional formula that will return a true or false determining if a client has whatever they need to load a route or see a particular portion of a page.

To create a permission formula log in to the administration of your Devise application and click on, you guessed it, "Permissions". Here you can construct conditions using the web-based UI to combine the registered permission rules with AND / OR statements. This gives you an amazing amount of freedom to combine small/broad permissions to make very specific rules.

Copyright © 2015 LBM

Devise content management system source code under MIT License