Laravel 5.1.11 introduces ACL system

Another great news for Laravel community - more and more often repeated functions become a part of Laravel framework itself. Today a new addition is Authorization or ACL functionality. As usual, it was officially announced on Twitter - like this: Already retweeted and favorited by hundreds of Laravel fans, this feature adds some new functionality to Auth mechanism. Here are just a few example from new official documentation: New Gate facade:
if (Gate::forUser($user)->allows('update-post', $post)) {
    //
}
Using User model in request:
if ($request->user()->can('update-post', $post)) {
  // ... Update post
}
Blade helpers:
@can('update-post', $post)
    Edit Post
@endcan
Form Request classes - in method authorize():
return Gate::allows('update', Post::findOrFail($postId));
Wrapping rules into Policy classes: Artisan command:
php artisan make:policy PostPolicy
Policy Class function:
class PostPolicy
{
    public function update(User $user, Post $post)
    {
        return $user->id === $post->user_id;
    }
}
Personally, it reminds me a little of WordPress users/capabilities functions like current_user_can() and similar ones. Important note - this new functionality was built not only by Taylor Otwell himself, but also by Adam Wathan - thanks for that, guys!

No comments or questions yet...

Like our articles?

Become a Premium Member for $129/year or $29/month
What else you will get:
  • 67 courses (1172 lessons, total 43 h 18 min)
  • 89 long-form tutorials (one new every week)
  • access to project repositories
  • access to private Discord

Recent New Courses