Permissible is a PHP trait you can attach to your user model to keep track of all your application's permissions from one location.
First, attach the trait to your model, User in this case:

    use Chaucerbao\Permissible\Permissible;

    class User
    {
        use Permissible;
    }
Then, you'll need to notify Permissible about the roles this user belongs to, somewhere in the User class:

    $this->setRoles(['Author', 'Moderator']);
And set a few permission rules for your application:

    $this->allow('Guest', 'write', 'Comment');
    $this->allow('Moderator', 'delete', 'Comment');
You can also set permissions that are determined by some logic:

    // Allow writes only if the Post belongs to the User
    $this->allow('Author', 'write', 'Post', function (Post $post) {
        return $this->id === $post->user_id;
    });
Finally, check permissions wherever you need, somewhere in your application:

    // Check if the user is allowed to create a comment
    $user->can('write', 'Comment');

    // Check if the user is allowed to write to this specific instance of $post
    $user->can('write', $post);
Here's an example of a complete User class:

    use Chaucerbao\Permissible\Permissible;

    class User
    {
        use Permissible;

        public function __construct()
        {
            $this->setRoles(['Author', 'Moderator']);
            $this->loadPermissions();
        }

        private function loadPermissions()
        {
            $this->allow('Guest', 'write', 'Comment');
            $this->allow('Moderator', 'delete', 'Comment');
            $this->allow('Author', 'write', 'Post', function ($post) {
                return $this->id === $post->user_id;
            });
        }
    }
Permissible is simple. There are only 3 methods.

Tells Permissible about the roles a specific user belongs to:

    void setRoles(array $roles)

Tells Permissible what actions a user is allowed to take based on roles:

    void allow(string $role, string $action, string $target[, mixed $allowed = true])

$allowed can be a boolean, or a closure that resolves to a boolean.

Runs through the user's roles and checks to see if any of them allow the user to take $action on a $target:

    boolean can(string $action, string $target)
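
The rule resolution described above, as an added example that is not Permissible's own code: PermissibleSketch is a hypothetical stand-in trait that implements the three documented methods so the snippet runs without the package (PHP 8.0 or later). It assumes that an object target is matched by its class name, that a missing rule means deny, and that a closure rule checked without an instance is denied; none of these is confirmed by this page.

```php
<?php
// Stand-in for the documented setRoles/allow/can API; not Permissible's source.
trait PermissibleSketch
{
    private array $roles = [];
    private array $rules = []; // [role][action][target] => bool|Closure

    public function setRoles(array $roles): void { $this->roles = $roles; }

    public function allow(string $role, string $action, string $target, $allowed = true): void
    {
        $this->rules[$role][$action][$target] = $allowed;
    }

    public function can(string $action, $target): bool
    {
        // Assumption: an object target is matched against rules by its class name.
        $name = is_object($target) ? get_class($target) : $target;
        foreach ($this->roles as $role) {
            $rule = $this->rules[$role][$action][$name] ?? false; // no rule: deny
            if ($rule instanceof Closure) {
                // Assumption: a closure rule needs an instance; a bare name is denied.
                $rule = is_object($target) && $rule($target);
            }
            if ($rule === true) {
                return true; // one granting role is enough
            }
        }
        return false;
    }
}

class Post { public function __construct(public $user_id) {} }

class User
{
    use PermissibleSketch;
    public function __construct(public int $id, array $roles)
    {
        $this->setRoles($roles);
        $this->allow('Moderator', 'delete', 'Comment');
        $this->allow('Author', 'write', 'Post', fn (Post $p) => $this->id === $p->user_id);
    }
}

// Constructed sample data: user 7 holds only the Author role.
$author = new User(7, ['Author']);
$cases = ['own post' => new Post(7), 'other post' => new Post(8), 'string id' => new Post('7'), 'no instance' => 'Post'];
foreach ($cases as $label => $target) {
    printf("write, %s: %s\n", $label, var_export($author->can('write', $target), true));
}
printf("delete Comment: %s\n", var_export($author->can('delete', 'Comment'), true));
```

Because the ownership closure compares with ===, a user_id that arrives as the string '7' (as many database drivers return it) does not match the integer id 7, so the check fails closed. Cast both ids to one type before comparing rather than loosening the comparison to ==.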