{"id":22908829,"url":"https://github.com/ipunkt/permissions","last_synced_at":"2025-05-08T23:08:51.763Z","repository":{"id":20678199,"uuid":"23961142","full_name":"ipunkt/permissions","owner":"ipunkt","description":"Check your permissions with a simple 1-liner: $user-\u003ecan('do something', $onAnObject)","archived":false,"fork":false,"pushed_at":"2015-02-25T08:32:43.000Z","size":183,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-05-08T23:08:45.333Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ipunkt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-09-12T13:13:02.000Z","updated_at":"2015-09-20T05:05:55.000Z","dependencies_parsed_at":"2022-07-21T20:18:13.596Z","dependency_job_id":null,"html_url":"https://github.com/ipunkt/permissions","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ipunkt%2Fpermissions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ipunkt%2Fpermissions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ipunkt%2Fpermissions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ipunkt%2Fpermissions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ipunkt","download_url":"https://codeload.github.com/ipunkt/permissions/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253160777,"owners_count":21863629,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-14T03:32:28.843Z","updated_at":"2025-05-08T23:08:51.743Z","avatar_url":"https://github.com/ipunkt.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"ipunkt/permissions\n===========\n\nCheck your permissions with a simple 1-liner: `$user-\u003ecan('do something', $onAnObject)`\n\n# About\nThe goal of this package is to extract your permission checking code from both your controller and your model.\nInstead, each Model brings its own PermissionChecker object which then does the permission checking.\n\n# Install\n\n## Installation\n\nAdd to your composer.json following lines\n\n\t\"require\": {\n\t\t\"ipunkt/permissions\": \"dev-master\"\n\t}\n\t\n## Configuration\n\nAdd \n\n    'Ipunkt\\Permissions\\PermissionsServiceProvider'\n    \nto your service provider list\n\n## Use\n\nHave your Usermodel implement `CanInterface` and use `CanTrait`\nHave the Models you with to perform permission checks on implement `HasPermissionInterface` and use `HasPermissionTrait`\n\nThis will allow you to do `$user-\u003ecan('doSomething', $model);`\n\n### Simple use\n\nPull in another package which handles permission management and set permissions through is.\n\nKnown packages which have ipunkt/permissions support out of the box:\n- ipunkt/roles\n\n\n### Dynamic Permissions\n\nUsualy, you do not want to create an individual role and permission per user to edit their own profile, even if you\nhave a system to do so. To address this, you can switch out the PermissionChecker object for your models.\n\n```php\n\u003c?PHP\nnamespace Example;\n\nclass ModelPermissionChecker extends PermissionChecker {\n    public function checkPermission(CanInterface $user, $action) {\n\n        // Give permission to do anything if the $user is the owner of this model\n        if( $user-\u003egetId() == $this-\u003egetEntity()-\u003eowner-\u003egetKey() )\n            return true;\n\n        // If the $user is not the owner, fall back to the usual permission management\n        return parent::checkPermission($user, $action);\n    }\n}\n\nclass Model extends Eloquent implements HasPermissioninterface {\n    use HasPermissionTrait;\n    \n    $checker_instance = 'Example\\ModelPermissionChecker';\n}\n```\n\n### Why the CanTrait\n\nThe actual work of this package is done in the PermissionChecker, and finding the right PermissionChecker is done in the\nHasPermissionTrait. So why go the detour of `$user-\u003ecan('something', $onSomething)` instead of directly using\n`$onSomething-\u003echeckPermission($user, 'something');`?  \n\n- First is readability. $user-\u003ecan('doSomething', $onSomething) reads very natural and improves how easy it is to \n    understand the code.\n- Second is extendability.  \n    Lets say you're just starting out on your project. You already chose your permission checking package, but you don't\n    want to bother with giving your testuser permissions to every single resource, so you just define that the user with\n    id 0 is the super user.\n    With `$onSomething-\u003echeckPermission($user, 'doSomething')` you'd have to change every single permission check to\n    `if( $user-\u003egetId() == 0 || $onSomething-\u003echeckPermission($user, 'doSomething') )` or go into every single\n    PermissionChecker you made and do it here.  \n    With the CanInterface and Trait you can just do\n\n    ```php\n    class User implements CanInterface {\n        use CanTrait {\n            CanTrait::can as _can;\n        };\n        \n        public function can($action, HasPermissionInterface $object) {\n            $permission = false;\n            \n            if($this-\u003egetKey() == 0)\n                $permission = true;\n            else\n                $permission = _can($action, $object);\n            \n            return $permission;\n        }\n    }\n    ```\n    \n    and maintain the code in a single location.\n    \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fipunkt%2Fpermissions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fipunkt%2Fpermissions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fipunkt%2Fpermissions/lists"}