PHPackages                             kordy/auzo-tools - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. kordy/auzo-tools

AbandonedArchivedPackage[Authentication & Authorization](/categories/authentication)

kordy/auzo-tools
================

Helper functions that makes it very easy to manage Laravel authorization and provides a central authorization management. Compatible with Laravel versions 5.1, 5.2, and 5.3

1.1.1(9y ago)4337[1 issues](https://github.com/thekordy/auzo-tools/issues)1MITPHP

Since May 13Pushed 9y ago2 watchersCompare

[ Source](https://github.com/thekordy/auzo-tools)[ Packagist](https://packagist.org/packages/kordy/auzo-tools)[ RSS](/packages/kordy-auzo-tools/feed)WikiDiscussions master Synced 3w ago

READMEChangelog (3)Dependencies (2)Versions (4)Used By (1)

This package is a set of tools for Laravel 5.1, 5.2, and 5.3 to facilitate authorize management for your Laravel project or package. You can use AuzoTools to manage authorization in your project, or to provide configurable authorization option for your package users.

Tools included:
---------------

[](#tools-included)

1. [Manage Laravel authorization.](#manage-laravel-authorization)
2. [Automatic abilities generator for models.](#automatic-abilities-generator)
3. [Route authorize middleware.](#route-authorize-middleware)
4. [Controller authorize validation rule.](#controller-authorize-validation-rule)
5. [Model fields policy.](#model-fields-policy)

Installation
============

[](#installation)

You can install the package via composer:

```
composer require kordy/auzo-tools
```

This service provider must be installed.

```
// config/app.php
'providers' => [
    ...
    Kordy\AuzoTools\AuzoToolsServiceProvider::class,
];
```

You can publish the translations with:

```
php artisan vendor:publish --provider="Kordy\AuzoTools\AuzoToolsServiceProvider" --tag="translations"
```

You can publish the config file with:

```
php artisan vendor:publish --provider="Kordy\AuzoTools\AuzoToolsServiceProvider" --tag="config"
```

Usage
=====

[](#usage)

Manage Laravel authorization
----------------------------

[](#manage-laravel-authorization)

AuzoTools can help you manage abilities for any number of resources and manage restriction policies for who can access them using functions as parameters. You can use AuzoTools to manage authorization in your project, or to provide configurable authorization option for your package users.

Parameter functions can act as policies, so when AuzoTools is evaluating a user access to a resource/model record, it will pass these information to the function you specified as a parameter, your function will evaluate user information against the resource they want to access, then return a boolean decision to allow the user access or not.

See an example at the [test file](https://github.com/thekordy/auzo-tools/blob/master/tests/PermissionRegistrarTest.php)

### You have two ways to define policies, either callbacks or a dedicated class methods.

[](#you-have-two-ways-to-define-policies-either-callbacks-or-a-dedicated-class-methods)

#### 1. Callbacks policies

[](#1-callbacks-policies)

Create config file as this one:

```
// config/acl.php

return [
    'before' => [
        function($user, $ability) {
            return $user->id == 1;
        }
    ],
    'abilities' => [

        'post.update' => [
            function($user, $ability, $model) { return $user->id == 3; },
            ['or' => function ($user, $ability, $model) { return $user->id == 2; }],
        ],

        'post.destroy' => [
            function ($user, $ability, $model) { return $user->id == 2; },
        ],
    ],
    // use this to log or monitor authorization given to users
    //  you may not modify the result of the authorization check from an after callback
    'after' => [
        function ($user, $ability, $result, $arguments = null)
        {
            if ($result) {
                \Log::info("Authorization Log: User $user->name ($user->email) is granted access to ability $ability at ".date('d-m-Y H:j'));
            } else {
                \Log::info("Authorization Log: User $user->name ($user->email) is forbidden to access ability $ability at ".date('d-m-Y H:j'));
            }
        },
    ],
];
```

#### 2. Dedicated class methods

[](#2-dedicated-class-methods)

Create config file as this one:

```
// config/acl.php

return [
    'before' => [
        'App\MyPolicyClass@isAdmin'
    ],
    'abilities' => [

        'post.update' => [
            'App\MyPolicyClass@postOwner',
            ['or' => 'App\MyPolicyClass@isModerator']
        ],

        'post.destroy' => [
            'App\MyPolicyClass@isModerator'
        ],
    ],
    // use this to log or monitor authorization given to users
    //  you may not modify the result of the authorization check from an after callback
    'after' => [
        'App\MyPolicyClass@monitor'
    ],
];
```

Create a policy class that holds policies methods

```