vrajroham · November 28, 2016 11:40 · Oct 6, 2015 · Feb 26, 2015 · Feb 17, 2015 · Feb 17, 2015
diff --git a/01_Laravel 5 Simple ACL manager_Readme.md b/01_Laravel 5 Simple ACL manager_Readme.md
@@ -15,3 +15,5 @@ Then specify a 'roles' middleware on the route you'd like to protect, and specif
 	     'uses' => 'UserController@index',
 	     'roles' => ['administrator', 'manager']
     ]);
+
+If you found this ACL manager helpful please give this repo a star, and give me a [follow](https://github.com/drawmyattention). Any questions, please leave a comment.
diff --git a/Role.php b/Role.php
@@ -0,0 +1,14 @@
+<?php namespace App;
+
+use Illuminate\Database\Eloquent\Model;
+
+class Role extends Model {
+
+    protected $table = 'roles';
+
+    public function users()
+    {
+        return $this->hasMany('App\User', 'role_id', 'id');
+    }
+
+}
diff --git a/01_Readme.md → 01_Laravel 5 Simple ACL manager_Readme.md b/01_Readme.md → 01_Laravel 5 Simple ACL manager_Readme.md
diff --git a/_Readme.md → 01_Readme.md b/_Readme.md → 01_Readme.md
diff --git a/Readme.md → _Readme.md b/Readme.md → _Readme.md
diff --git a/CheckRole.php b/CheckRole.php
@@ -1,5 +1,7 @@
 <?php namespace App\Http\Middleware;
 
+// First copy this file into your middleware directoy
+
 use Closure;
 
 class CheckRole{

diff --git a/Readme.md b/Readme.md
@@ -14,4 +14,4 @@ Then specify a 'roles' middleware on the route you'd like to protect, and specif
 	     'middleware' => ['auth', 'roles'],
 	     'uses' => 'UserController@index',
 	     'roles' => ['administrator', 'manager']
-    ]);
+    ]);
diff --git a/RoleTableSeeder.php b/RoleTableSeeder.php
@@ -1,5 +1,7 @@
 <?php
 
+
+
 use Illuminate\Database\Seeder;
 use Illuminate\Database\Eloquent\Model;
 use App\Role;

diff --git a/CheckRole.php b/CheckRole.php
@@ -0,0 +1,40 @@
+<?php namespace App\Http\Middleware;
+
+use Closure;
+
+class CheckRole{
+
+	/**
+	 * Handle an incoming request.
+	 *
+	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Closure  $next
+	 * @return mixed
+	 */
+	public function handle($request, Closure $next)
+	{
+		// Get the required roles from the route
+		$roles = $this->getRequiredRoleForRoute($request->route());
+
+		// Check if a role is required for the route, and
+		// if so, ensure that the user has that role.
+		if($request->user()->hasRole($roles) || !$roles)
+		{
+			return $next($request);
+		}
+		return response([
+			'error' => [
+				'code' => 'INSUFFICIENT_ROLE',
+				'description' => 'You are not authorized to access this resource.'
+			]
+		], 401);
+
+	}
+
+	private function getRequiredRoleForRoute($route)
+	{
+		$actions = $route->getAction();
+		return isset($actions['roles']) ? $actions['roles'] : null;
+	}
+
+}
diff --git a/Kernel.php b/Kernel.php
@@ -0,0 +1,10 @@
+<?php
+
+// Register the new route middleware 
+
+protected $routeMiddleware = [
+		'auth' 			=> 'App\Http\Middleware\Authenticate',
+		'auth.basic' 	=> 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
+		'guest' 		=> 'App\Http\Middleware\RedirectIfAuthenticated',
+		'roles' 		=> 'App\Http\Middleware\CheckRole',
+	];
diff --git a/Readme.md b/Readme.md
@@ -0,0 +1,17 @@
+#Laravel 5 Simple ACL manager
+
+Protect your routes with user roles. Simply add a 'role_id' to the User model, install the roles table and seed if you need some example roles to get going.
+
+If the user has a 'Root' role, then they can perform *any* actions.
+
+# Installation
+
+Simply copy the files across into the appropriate directories, and register the middleware in App\Http\Kernel.php
+
+Then specify a 'roles' middleware on the route you'd like to protect, and specify the individual roles as an array:
+
+    Route::get('user/{user}', [
+	     'middleware' => ['auth', 'roles'],
+	     'uses' => 'UserController@index',
+	     'roles' => ['administrator', 'manager']
+    ]);
diff --git a/RoleTableSeeder.php b/RoleTableSeeder.php
@@ -0,0 +1,49 @@
+<?php
+
+use Illuminate\Database\Seeder;
+use Illuminate\Database\Eloquent\Model;
+use App\Role;
+
+class RoleTableSeeder extends Seeder{
+
+    public function run()
+    {
+
+        if (App::environment() === 'production') {
+            exit('I just stopped you getting fired. Love, Amo.');
+        }
+
+        DB::table('role')->truncate();
+
+        Role::create([
+            'id'            => 1,
+            'name'          => 'Root',
+            'description'   => 'Use this account with extreme caution. When using this account it is possible to cause irreversible damage to the system.'
+        ]);
+
+        Role::create([
+            'id'            => 2,
+            'name'          => 'Administrator',
+            'description'   => 'Full access to create, edit, and update companies, and orders.'
+        ]);
+
+        Role::create([
+            'id'            => 3,
+            'name'          => 'Manager',
+            'description'   => 'Ability to create new companies and orders, or edit and update any existing ones.'
+        ]);
+
+        Role::create([
+            'id'            => 4,
+            'name'          => 'Company Manager',
+            'description'   => 'Able to manage the company that the user belongs to, including adding sites, creating new users and assigning licences.'
+        ]);
+
+        Role::create([
+            'id'            => 5,
+            'name'          => 'User',
+            'description'   => 'A standard user that can have a licence assigned to them. No administrative features.'
+        ]);
+    }
+
+}
diff --git a/Roles_table_migration.php b/Roles_table_migration.php
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class CreateRolesTable extends Migration {
+
+	/**
+	 * Run the migrations.
+	 *
+	 * @return void
+	 */
+	public function up()
+	{
+		Schema::create('role', function($table) {
+			$table->increments('id');
+			$table->string('name', 40);
+			$table->string('description', 255);
+			$table->timestamps();
+		});
+	}
+
+	/**
+	 * Reverse the migrations.
+	 *
+	 * @return void
+	 */
+	public function down()
+	{
+		Schema::drop('role');
+	}
+
+}
diff --git a/User.php b/User.php
@@ -0,0 +1,39 @@
+<?php
+
+// The User model
+
+public function role()
+	{
+		return $this->hasOne('App\Role', 'id', 'role_id');
+	}
+
+	public function hasRole($roles)
+	{
+		$this->have_role = $this->getUserRole();
+
+		// Check if the user is a root account
+		if($this->have_role->name == 'Root') {
+			return true;
+		}
+
+		if(is_array($roles)){
+			foreach($roles as $need_role){
+				if($this->checkIfUserHasRole($need_role)) {
+					return true;
+				}
+			}
+		} else{
+			return $this->checkIfUserHasRole($roles);
+		}
+		return false;
+	}
+
+	private function getUserRole()
+	{
+		return $this->role()->getResults();
+	}
+
+	private function checkIfUserHasRole($need_role)
+	{
+		return (strtolower($need_role)==strtolower($this->have_role->name)) ? true : false;
+	}
diff --git a/routes.php b/routes.php
@@ -0,0 +1,7 @@
+<?php
+
+Route::get('user/{user}', [
+	'middleware' => ['auth', 'roles'], // A 'roles' middleware must be specified
+	'uses' => 'UserController@index',
+	'roles' => ['administrator', 'manager'] // Only an administrator, or a manager can access this route
+]);