我正在开发一个相当复杂的用户系统,该系统需要能够为个人或整个组授予访问权限。例如,您可以授予Jane Doe访问权限以消除留言板或通信组的所有用户发送电子邮件,审核留言板和发布事件(分配给该组的所有用户在添加时都被授予对这些权限的访问权限) 。
我不想严格跟踪每个用户的个人权限,而是首先根据用户是否属于包含该权限的组授予对功能的访问权限。如果他们不这样做,我想检查他们是否被授予个人访问权限(privilege_user
数据透视表)。
基本上,我想要这样的东西:
// 1 = Message Board Moderator
// See if any of the user's groups contain this privilege -
$hasAccess = Auth::user()->groups->privileges->contains(1);
这是我的表结构:
用户
| Field | Type | Null | Key | Default | Extra |
+----------------+------------------+------+-----+---------------------+----------------+
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| username | varchar(80) | NO | | NULL | |
| email | varchar(120) | NO | | NULL | |
| first_name | varchar(20) | NO | MUL | NULL | |
| last_name | varchar(45) | NO | MUL | NULL | |
| password | varchar(140) | NO | | NULL | |
| active | tinyint(1) | NO | | NULL | |
| remember_token | varchar(100) | NO | | NULL | |
| last_login | timestamp | YES | | NULL | |
| last_login_ip | varchar(45) | YES | | NULL | |
| updated_at | timestamp | NO | | 0000-00-00 00:00:00 | |
| created_at | timestamp | NO | | 0000-00-00 00:00:00 | |
| deleted_at | timestamp | YES | | NULL | |
+----------------+------------------+------+-----+---------------------+----------------+
群组(表格:user_groups)
+-------------+------------------+------+-----+---------------------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+------------------+------+-----+---------------------+----------------+
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| name | varchar(255) | NO | | NULL | |
| slug | varchar(255) | NO | | NULL | |
| description | text | NO | | NULL | |
| created_at | timestamp | NO | | 0000-00-00 00:00:00 | |
| updated_at | timestamp | NO | | 0000-00-00 00:00:00 | |
+-------------+------------------+------+-----+---------------------+----------------+
用户组数据透视(表:user_user_group)
+---------------+------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+---------------+------------------+------+-----+---------+-------+
| user_id | int(10) unsigned | NO | MUL | NULL | |
| user_group_id | int(10) unsigned | NO | MUL | NULL | |
+---------------+------------------+------+-----+---------+-------+
权限(table:privleges)
+-------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------+------------------+------+-----+---------+----------------+
| id | int(10) unsigned | NO | PRI | NULL | auto_increment |
| name | varchar(255) | NO | | NULL | |
| slug | varchar(255) | NO | | NULL | |
+-------+------------------+------+-----+---------+----------------+
权限用户组数据透视(表:privilege_user_group)
+---------------+------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+---------------+------------------+------+-----+---------+-------+
| privilege_id | int(10) unsigned | NO | MUL | NULL | |
| user_group_id | int(10) unsigned | NO | MUL | NULL | |
+---------------+------------------+------+-----+---------+-------+
答案 0 :(得分:0)
很遗憾没有人在这里插话,但幸运的是我能够在Laracasts.com找到一些很好的帮助。
我选择了Zizaco/entrust,这正是我所描述的。缺少的唯一部分是在没有将用户分配给组的情况下回答“此用户是否具有权限”这一问题,但使用Eloquent很容易实现。委托的工作是回答“这个用户是否可以通过组访问此权限?”这就是我追求的目标。