MoonShine не отходит от концепций Laravel и также использует Laravel policy для работы с правами доступа.
В контроллерах ресурсов MoonShine каждый метод будет проверяться на наличие разрешений.
Если у вас возникнут трудности, обратитесь к официальной документации Laravel.
По умолчанию проверка разрешений для ресурсов отключена.
Чтобы включить её, необходимо добавить свойство $withPolicy.
namespace App\MoonShine\Resources;
use MoonShine\Laravel\Resources\ModelResource;
class PostResource extends ModelResource
{
protected bool $withPolicy = true;
}
namespaces
namespace App\MoonShine\Resources;
use MoonShine\Laravel\Resources\ModelResource;
class PostResource extends ModelResource
{
protected bool $withPolicy = true;
// ...
}
namespace App\MoonShine\Resources;
use MoonShine\Laravel\Resources\ModelResource;
class PostResource extends ModelResource
{
protected bool $withPolicy = true;
// ...
}
namespaces
namespace App\MoonShine\Resources;
use MoonShine\Laravel\Resources\ModelResource;
class PostResource extends ModelResource
{
protected bool $withPolicy = true;
// ...
}
namespace App\MoonShine\Resources;
use MoonShine\Laravel\Resources\ModelResource;
class PostResource extends ModelResource
{
protected bool $withPolicy = true;
// ...
}
Доступные методы Policy:
viewAny - страница индекса;view - детальная страница;create - создание записи;update - редактирование записи;delete - удаление записи;massDelete - массовое удаление записей;restore - восстановление записи после мягкого удаления;forceDelete - окончательное удаление записи из базы данных.
namespace App\Policies;
use App\Models\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
use MoonShine\Laravel\Models\MoonshineUser;
class PostPolicy
{
use HandlesAuthorization;
public function viewAny(MoonshineUser $user)
{
return true;
}
public function view(MoonshineUser $user, Post $model)
{
return true;
}
public function create(MoonshineUser $user)
{
return true;
}
public function update(MoonshineUser $user, Post $model)
{
return true;
}
public function delete(MoonshineUser $user, Post $model)
{
return true;
}
public function restore(MoonshineUser $user, Post $model)
{
return true;
}
public function forceDelete(MoonshineUser $user, Post $model)
{
return true;
}
public function massDelete(MoonshineUser $user)
{
return true;
}
}
namespaces
namespace App\Policies;
use App\Models\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
use MoonShine\Laravel\Models\MoonshineUser;
class PostPolicy
{
use HandlesAuthorization;
public function viewAny(MoonshineUser $user)
{
return true;
}
public function view(MoonshineUser $user, Post $model)
{
return true;
}
public function create(MoonshineUser $user)
{
return true;
}
public function update(MoonshineUser $user, Post $model)
{
return true;
}
public function delete(MoonshineUser $user, Post $model)
{
return true;
}
public function restore(MoonshineUser $user, Post $model)
{
return true;
}
public function forceDelete(MoonshineUser $user, Post $model)
{
return true;
}
public function massDelete(MoonshineUser $user)
{
return true;
}
}
namespace App\Policies;
use App\Models\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
use MoonShine\Laravel\Models\MoonshineUser;
class PostPolicy
{
use HandlesAuthorization;
public function viewAny(MoonshineUser $user)
{
return true;
}
public function view(MoonshineUser $user, Post $model)
{
return true;
}
public function create(MoonshineUser $user)
{
return true;
}
public function update(MoonshineUser $user, Post $model)
{
return true;
}
public function delete(MoonshineUser $user, Post $model)
{
return true;
}
public function restore(MoonshineUser $user, Post $model)
{
return true;
}
public function forceDelete(MoonshineUser $user, Post $model)
{
return true;
}
public function massDelete(MoonshineUser $user)
{
return true;
}
}
namespaces
namespace App\Policies;
use App\Models\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
use MoonShine\Laravel\Models\MoonshineUser;
class PostPolicy
{
use HandlesAuthorization;
public function viewAny(MoonshineUser $user)
{
return true;
}
public function view(MoonshineUser $user, Post $model)
{
return true;
}
public function create(MoonshineUser $user)
{
return true;
}
public function update(MoonshineUser $user, Post $model)
{
return true;
}
public function delete(MoonshineUser $user, Post $model)
{
return true;
}
public function restore(MoonshineUser $user, Post $model)
{
return true;
}
public function forceDelete(MoonshineUser $user, Post $model)
{
return true;
}
public function massDelete(MoonshineUser $user)
{
return true;
}
}
namespace App\Policies;
use App\Models\Post;
use Illuminate\Auth\Access\HandlesAuthorization;
use MoonShine\Laravel\Models\MoonshineUser;
class PostPolicy
{
use HandlesAuthorization;
public function viewAny(MoonshineUser $user)
{
return true;
}
public function view(MoonshineUser $user, Post $model)
{
return true;
}
public function create(MoonshineUser $user)
{
return true;
}
public function update(MoonshineUser $user, Post $model)
{
return true;
}
public function delete(MoonshineUser $user, Post $model)
{
return true;
}
public function restore(MoonshineUser $user, Post $model)
{
return true;
}
public function forceDelete(MoonshineUser $user, Post $model)
{
return true;
}
public function massDelete(MoonshineUser $user)
{
return true;
}
}
Создать Policy с готовым набором методов под MoonShine можно с помощью команды moonshine:policy:
php artisan moonshine:policy PostPolicy
php artisan moonshine:policy PostPolicy
php artisan moonshine:policy PostPolicy
php artisan moonshine:policy PostPolicy
php artisan moonshine:policy PostPolicy
Если вам нужно добавить дополнительную логику авторизации в ваше приложение или внешний пакет,
используйте метод authorizationRules() в AuthServiceProvider или в MoonShineServiceProvider.
namespace App\Providers;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\ServiceProvider;
use MoonShine\Contracts\Core\DependencyInjection\ConfiguratorContract;
use MoonShine\Contracts\Core\DependencyInjection\CoreContract;
use MoonShine\Contracts\Core\ResourceContract;
use MoonShine\Laravel\DependencyInjection\ConfiguratorContract;
use MoonShine\Laravel\DependencyInjection\MoonShine;
use MoonShine\Laravel\DependencyInjection\MoonShineConfigurator;
use MoonShine\Laravel\Enums\Ability;
class MoonShineServiceProvider extends ServiceProvider
{
public function boot(
CoreContract $core,
ConfiguratorContract $config,
): void
{
$config->authorizationRules(
static function (ResourceContract $resource, Model $user, Ability $ability, Model $item): bool {
return true;
}
);
}
}
namespaces
namespace App\Providers;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\ServiceProvider;
use MoonShine\Contracts\Core\DependencyInjection\ConfiguratorContract;
use MoonShine\Contracts\Core\DependencyInjection\CoreContract;
use MoonShine\Contracts\Core\ResourceContract;
use MoonShine\Laravel\DependencyInjection\ConfiguratorContract;
use MoonShine\Laravel\DependencyInjection\MoonShine;
use MoonShine\Laravel\DependencyInjection\MoonShineConfigurator;
use MoonShine\Laravel\Enums\Ability;
class MoonShineServiceProvider extends ServiceProvider
{
/**
* @param MoonShine $core
* @param MoonShineConfigurator $config
*
*/
public function boot(
CoreContract $core,
ConfiguratorContract $config,
): void
{
$config->authorizationRules(
static function (ResourceContract $resource, Model $user, Ability $ability, Model $item): bool {
return true;
}
);
// ...
}
}
namespace App\Providers;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\ServiceProvider;
use MoonShine\Contracts\Core\DependencyInjection\ConfiguratorContract;
use MoonShine\Contracts\Core\DependencyInjection\CoreContract;
use MoonShine\Contracts\Core\ResourceContract;
use MoonShine\Laravel\DependencyInjection\ConfiguratorContract;
use MoonShine\Laravel\DependencyInjection\MoonShine;
use MoonShine\Laravel\DependencyInjection\MoonShineConfigurator;
use MoonShine\Laravel\Enums\Ability;
class MoonShineServiceProvider extends ServiceProvider
{
/**
* @param MoonShine $core
* @param MoonShineConfigurator $config
*
*/
public function boot(
CoreContract $core,
ConfiguratorContract $config,
): void
{
$config->authorizationRules(
static function (ResourceContract $resource, Model $user, Ability $ability, Model $item): bool {
return true;
}
);
// ...
}
}
namespaces
namespace App\Providers;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\ServiceProvider;
use MoonShine\Contracts\Core\DependencyInjection\ConfiguratorContract;
use MoonShine\Contracts\Core\DependencyInjection\CoreContract;
use MoonShine\Contracts\Core\ResourceContract;
use MoonShine\Laravel\DependencyInjection\ConfiguratorContract;
use MoonShine\Laravel\DependencyInjection\MoonShine;
use MoonShine\Laravel\DependencyInjection\MoonShineConfigurator;
use MoonShine\Laravel\Enums\Ability;
class MoonShineServiceProvider extends ServiceProvider
{
/**
* @param MoonShine $core
* @param MoonShineConfigurator $config
*
*/
public function boot(
CoreContract $core,
ConfiguratorContract $config,
): void
{
$config->authorizationRules(
static function (ResourceContract $resource, Model $user, Ability $ability, Model $item): bool {
return true;
}
);
// ...
}
}
namespace App\Providers;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Support\ServiceProvider;
use MoonShine\Contracts\Core\DependencyInjection\ConfiguratorContract;
use MoonShine\Contracts\Core\DependencyInjection\CoreContract;
use MoonShine\Contracts\Core\ResourceContract;
use MoonShine\Laravel\DependencyInjection\ConfiguratorContract;
use MoonShine\Laravel\DependencyInjection\MoonShine;
use MoonShine\Laravel\DependencyInjection\MoonShineConfigurator;
use MoonShine\Laravel\Enums\Ability;
class MoonShineServiceProvider extends ServiceProvider
{
/**
* @param MoonShine $core
* @param MoonShineConfigurator $config
*
*/
public function boot(
CoreContract $core,
ConfiguratorContract $config,
): void
{
$config->authorizationRules(
static function (ResourceContract $resource, Model $user, Ability $ability, Model $item): bool {
return true;
}
);
// ...
}
}
