Extended permissions in Laravel 5
I need extended permission handling, but at the same time i don't like to copy-paste 2-3 lines with checks and redirects on each route handler.
So i use https://github.com/Zizaco/entrust for Roles and Permissions so in routes.php i have :
Route::get('test/{id}', ['uses' => 'TestController@index', 'middleware' => 'auth', 'access'=>['PERMISSION_KEY']]);
And 'access' is read in auth middleware like this :
public function handle($request, Closure $next) { $options = $request->route()->getAction(); if(isset($options['access'])){ if(is_array($options['access']) && !canList($options['access'])){ return redirect('auth/login'); } else if(!can($options['access']) ) { return redirect('auth/login'); } } if ($this->auth->guest()) { if ($request->ajax()) { return response('Unauthorized.', 401); } else { return redirect()->guest('auth/login'); } } return $next($request); }
So this way you can add access roles or pass a list of permissions etc..
That way you have one location to specify the permissions.