Laravel ACL

Multi Tenant Laravel ACL is a simple Multi Database Multi Tenant - user, company_user, role, permission ACL for SaaS Applications in Laravel Framework. This package was based on the great package yajra\laravel-acl but is catered to Multi-Database Multi-Tenant SaaS applications.

1) Installation

Via Composer

$ composer require muhammadsaeedparacha/multi-tenant-laravel-acl

2) Configuration

[i] Register service provider:

Paracha\Acl\AclServiceProvider::class

[ii] Register Middlewares: in App\Http\Kernel.php

'canAtLeast' => \Paracha\Acl\Middleware\CanAtLeastMiddleware::class,
'permission' => \Paracha\Acl\Middleware\PermissionMiddleware::class,
'role' => \Paracha\Acl\Middleware\RoleMiddleware::class,
'tenantConnection' => \Paracha\Acl\Middleware\TenantConnectionMiddleware::class,
'checkPermission' => \Paracha\Acl\Middleware\CheckPermissionsMiddleware::class,
'checkModularPermission' => \Paracha\Acl\Middleware\CheckModularPermissionsMiddleware::class,

[iii] Tenant Connection: in Config\Database to be filled on the fly based on tenant:

Note: Currently only Supports MySQL

'tenant' => [
'driver' => 'mysql',
'host' => '',
'port' => env('DB_PORT', '3306'),
'database' => '',
'username' => '',
'password' => '',
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci',
'prefix' => '',
'strict' => true,
'engine' => null,
],

[iv] Publish assets:

$ php artisan vendor:publish --tag=multi-tenant-laravel-acl

[v: Optional] Configure your Tenant Migrations Locations: in Config\Acl. The array defines folders within Database\Migrations

'tenantMigrations' => ['/tenants']

[vi] Run migrations:

php artisan migrate

[vii] Put User trait in App\User Model:

use Paracha\Acl\Traits\AclUser;
class Company extends Model
{
	use AclUser
}

3) Usage

[i] Middleware for route permissions. Currently only for Ajax/XHR requests in routes\api.php

Route::group(['middleware' => ['auth:api','tenantConnection']], function(){
Route::group(['middleware' => ['checkPermission']], function(){
// Regular Permissions like users.create, users.update, users.read, users.delete, users.report
Route::resource('/users', 'UsersController');
});
// Customer Permissions like users.custom, users.xyz
Route::post('/users/invite', 'UsersController@invite')->middleware('checkPermission:users.custom');
});

[ii] Migrate Tenant migrations from folders set in config('acl.tenantMigrations')

$company = Company::find(1);
$company->createTenantDatabase();
$company->migrateTenant();

This will create Database with name db_1 for Company ID 1 with username = 1, and password = 'password' (This is insecure and needs to be secured)

4) Documentation

Documentation is not written yet and the documentation of yajra\laravel-acl can be used till then since this project was based on it.

Change log

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING and CONDUCT for details.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

• All Contributors

License

The Apache-2.0 License. Please see License File for more information.