How to properly setup Laravel-Backpack/PermissionManager

Laravel-Backpack/PermissionManager is a package that lets you easily manage permissions to your laravel app.

In this tutorial I’ll show you how to use it properly

First of all, you need a Laravel-Backpack installation, with any modules you want.

Instructions here: https://laravel-backpack.readme.io/docs/install-on-laravel-55

Next, install your PermissionManager as shown in the official documentation

https://github.com/Laravel-Backpack/PermissionManager#install

Now, time to make it work.

First, we need to create a PermissionSeeder

In your console:

php artisan make:seeder PermissionSeeder

Add your roles and permissions to PermissionSeeder

Copy this code to your PermissionSeeder

Change your roles and permissions to fit your needs. In this example, dashboard would be allowed to roles: admin, accountant and user

Please note that I’m using the names of all backpack packages in this example

$roles=[
‘admin’,
‘accountant’,
‘user’
];

$permissions=[
‘dashboard’=>[‘admin’,’accountant’,’user’],
‘file-manager’=>[‘admin’],
‘langfile-manager’=>[‘admin’],
‘backup-manager’=>[‘admin’],
‘log-manager’=>[‘admin’],
‘settings’=>[‘admin’],
‘page-manager’=>[‘admin’],
‘permission-manager’=>[‘admin’],
‘menu-crud’=>[‘admin’],
‘news-crud ‘=>[‘admin’],

];

In your database/seeds/DatabaseSeeder.php add a call to PermissionSeeder

$this->call(PermissionSeeder::class);

Add roles to your users

Go to your UsersSeeder file and add roles to your users.

$user1=User::create([‘name’=>’eduardo’,’email’=>’example@gmail.com’,’password’=>bcrypt(‘1234’)]);
$user1->assignRole(‘admin’);

Note: If you don’t have a UsersSeeder file create one with the command

php artisan make:seeder UsersSeeder

And add the call to your database/seeds/DatabaseSeeder.php file

$this->call(UsersTableSeeder::class);

Refresh your database

php artisan migrate:fresh –seed

Now your Permission Manager will look like this

permissions.png

Adding restrictions in your routes

1. FileManager

go to config/elfinder.php and add ‘can:file-manager’ to your middleware

‘middleware’ => [‘web’, ‘admin’,’can:file-manager’],

2. Dashboard

Check if you already have the file ‘routes/backpack/base.php’

if not, copy it with this command:

mkdir -p routes/backpack
cp vendor/backpack/base/src/routes/backpack/base.php routes/backpack/base.php

Add a middleware to the dashboard route like this:

Route::get(‘dashboard’, ‘AdminController@dashboard’)->name(‘backpack.dashboard’)->middleware(‘can:dashboard’);

3. PermissionManager

Check if you have the file ‘routes/backpack/permissionmanager.php’

if not, copy it with this command:

mkdir -p routes/backpack
cp vendor/backpack/permissionmanager/src/routes/backpack/permissionmanager.php routes/backpack/permissionmanager.php

Now go to ‘routes/backpack/permissionmanager.php’

and add middleware can:permission-manager like this:

Route::group([
‘namespace’ => ‘Backpack\PermissionManager\app\Http\Controllers’,
‘prefix’ => config(‘backpack.base.route_prefix’, ‘admin’),
‘middleware’ => [‘web’, ‘admin’,‘can:permission-manager’],
], function () {
CRUD::resource(‘permission’, ‘PermissionCrudController’);
CRUD::resource(‘role’, ‘RoleCrudController’);
CRUD::resource(‘user’, ‘UserCrudController’);
});

4. Repeat

This same proccess applies to all your backpack routes, using the matching permission you created.

All you have to do is add can:permission-manager to your route group

How to dynamically show/hide menu items

hide.png

 

To show/hide menu items accordingly with permissions, use the @can directive.

Open resources/views/vendor/backpack/base/inc/sidebar.blade.php

and add @can conditions like this

@can(‘dashboard’)
<li><a href=”{{ backpack_url(‘dashboard’) }}”><i class=”fa fa-dashboard”></i> <span>{{ trans(‘backpack::base.dashboard’) }}</span></a></li>
@endcan

@can(‘file-manager’)
<li><a href=”{{ url(config(‘backpack.base.route_prefix’, ‘admin’) . ‘/elfinder’) }}”><i class=”fa fa-files-o”></i> <span>File manager</span></a></li>
@endcan

How to debug errors

To find out what permissions are being checked, install laravel-debugbar

https://github.com/barryvdh/laravel-debugbar

Debugbar will show you what is being checked, just click in “gate”

debug.png

 

How to add more permissions

In this tutorial I showed you how to restrict access to your backpack modules, but you can use permission manager anywhere in your code

Just follow the examples in the package “laravel-permission”

https://github.com/spatie/laravel-permission

Have a good day!

Advertisements