Session Database Packages

Ok.. so I built this real simple RBAC using Laravel.

In my design I filter users' permissions based on a global permission, ownership over the resource, or permission over the resource's category. My question is on that last part: I have 3 categories that are seeded to the DB when the package is installed.

  1. Public

  2. Users

  3. Content

Public category: You can link any kind of resource to it, and it's used by the main filter class to determine if a non-registered user may or may not access a resource.

User and Content are categories created to nest categories for those two types of resources in the application.

In the users category, for example, an admin user could create a category called banned users, then assign a role without any permissions to that category, restricting any user within that category. Well, at least that is the main idea.

I started looking at other more mature applications' db schemas and they usually use separate tables to accomplish the same behavior.

So my question is... Should I rely on an abstract schema vs. having actual tables? Let's say having a frontpage_content table like Joomla vs. creating a category content>frontpage and then linking posts to that category for later retrieval.

Main filter function

```php
/**
 * Perform Model Filtering
 * @param string $action
 * @return boolean
 */
protected function Filter($action) {
    //Read Permission Session
    $session_array = Session::get(self::PermissionSessionKey);
    //Get actual permission array from session
    $session_permission_array = $session_array[self::PermissionArrayKey];
    //Check if user have permissions to this resource
    $resource_permission_array = $this->checkPermit($session_permission_array);
    if (!$resource_permission_array) {
        $this->error = "Permissions not present for this resource";
        return false;
    }
    //Check if user can perform an action over the resource
    $action_permission_array = $this->checkActionPermission($resource_permission_array, $action);
    if (!$action_permission_array) {
        $this->error = "You dont have permission to $action";
        return false;
    }
    //Run filters
    if ($this->FilterPublic() && $action == "GET") {
        return true;
    } else if ($this->FilterAny($action_permission_array)) {
        return true;
    } else if ($this->FilterOwnership($action_permission_array)) {
        return true;
    } else if ($this->FilterCategory($action_permission_array)) {
        return true;
    } else {
        return false;
    }
}
```

Session w/permission

```
Array
(
    [Role_Name] => admin
    [Permissions] => Array
        (
            [ALL] => Array
                (
                    [POST] => Array
                        (
                            [ANY] => 0
                        )

                    [GET] => Array
                        (
                            [ANY] => 0
                        )

                    [PUT] => Array
                        (
                            [ANY] => 0
                        )

                    [DELETE] => Array
                        (
                            [ANY] => 0
                        )

                )

        )

)
```
1

http://i.stack.imgur.com/j5ePn.png

Last updated 3 years ago.
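
An added example (not code from the post or from any package): a fail-closed access check over a single nested-category table, assuming a restricting category such as "banned users" should override every grant, which is the intent the post describes. The session layout (`ANY`, `OWN`, `CATEGORIES`), the `$policy` array and both function names are hypothetical.

```php
<?php
declare(strict_types=1);
// Constructed sample rows of one categories table: id => [name, parent_id].
$categories = [
    1 => ['Public', null], 2 => ['Users', null], 3 => ['Content', null],
    4 => ['banned users', 2],   // nested under Users
    5 => ['frontpage', 3],      // nested under Content
];

/** Category id plus all of its ancestors; stops on unknown ids and on cycles. */
function categoryChain(array $categories, ?int $id): array
{
    $chain = [];
    while ($id !== null && isset($categories[$id]) && !in_array($id, $chain, true)) {
        $chain[] = $id;
        $id = $categories[$id][1];
    }
    return $chain;
}

/** Hypothetical filter: restricting categories win first, then each grant source is tried. */
function mayAccess(array $policy, ?array $session, string $action, array $user, array $resource): bool
{
    foreach ($user['categories'] ?? [] as $cid) {
        if (array_intersect(categoryChain($policy['categories'], $cid), $policy['restricted'])) {
            return false; // user sits in (or under) a category whose role has no permissions
        }
    }
    $resourceChain = categoryChain($policy['categories'], $resource['category_id'] ?? null);
    if ($action === 'GET' && in_array($policy['public'], $resourceChain, true)) {
        return true; // public resources are readable without any session
    }
    $grant = $session['Permissions'][$action] ?? null;
    if (!is_array($grant)) {
        return false; // missing or malformed session data never grants access
    }
    $owns = isset($user['id'], $resource['owner_id']) && $user['id'] === $resource['owner_id'];
    return ($grant['ANY'] ?? false) === true
        || (($grant['OWN'] ?? false) === true && $owns)
        || (bool) array_intersect((array) ($grant['CATEGORIES'] ?? []), $resourceChain);
}

$policy = ['categories' => $categories, 'restricted' => [4], 'public' => 1];
$editor = ['Permissions' => ['PUT' => ['CATEGORIES' => [3]]]]; // constructed session
$post   = ['owner_id' => 7, 'category_id' => 5];               // content > frontpage
$user   = ['id' => 9, 'categories' => []];
var_dump(mayAccess($policy, $editor, 'PUT', $user, $post));                         // grant on Content reaches frontpage
var_dump(mayAccess($policy, $editor, 'PUT', ['categories' => [4]] + $user, $post)); // same grant, user in banned users
var_dump(mayAccess($policy, null, 'PUT', $user, $post));                            // no session at all
```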
carlosglvn carlosglvn Joined 18 Aug 2014

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.