如何利用Laravel實現用戶權限管理功能

php artisan make:migration create_roles_table --create=roles php artisan make:migration create_permissions_table --create=permissions php artisan make:migration create_role_user_table --create=role_user php artisan make:migration create_permission_role_table --create=permission_role

// roles表遷移文件 public function up() {     Schema::create('roles', function (Blueprint $table) {         $table->increments('id');         $table->string('name')->unique();         $table->timestamps();     }); }  // permissions表遷移文件 public function up() {     Schema::create('permissions', function (Blueprint $table) {         $table->increments('id');         $table->string('name')->unique();         $table->timestamps();     }); }  // role_user關聯表遷移文件 public function up() {     Schema::create('role_user', function (Blueprint $table) {         $table->integer('role_id')->unsigned();         $table->integer('user_id')->unsigned();         $table->foreign('role_id')->references('id')->on('roles');         $table->foreign('user_id')->references('id')->on('users');     }); }  // permission_role關聯表遷移文件 public function up() {     Schema::create('permission_role', function (Blueprint $table) {         $table->integer('permission_id')->unsigned();         $table->integer('role_id')->unsigned();         $table->foreign('permission_id')->references('id')->on('permissions');         $table->foreign('role_id')->references('id')->on('roles');     }); }

php artisan migrate

php artisan make:model Role php artisan make:model Permission

// Role模型 class Role extends Model {     public function users()     {         return $this->belongsToMany(User::class);     }      public function permissions()     {         return $this->belongsToMany(Permission::class);     } }  // Permission模型 class Permission extends Model {     public function roles()     {         return $this->belongsToMany(Role::class);     } }

public function roles() {     return $this->belongsToMany(Role::class); }  public function hasRole($role) {     if (is_string($role)) {         return $this->roles->contains('name', $role);     }      return !! $role->intersect($this->roles)->count(); }  public function assignRole($role) {     return $this->roles()->save(         Role::whereName($role)->firstOrFail()     ); }

'role' => AppHttpMiddlewareRoleMiddleware::class, 'permission' => AppHttpMiddlewarePermissionMiddleware::class,

php artisan make:middleware RoleMiddleware php artisan make:middleware PermissionMiddleware

// RoleMiddleware class RoleMiddleware {     public function handle($request, Closure $next, $role)     {         if (! $request->user()->hasRole($role)) {             abort(403, 'Unauthorized');         }          return $next($request);     } }  // PermissionMiddleware class PermissionMiddleware {     public function handle($request, Closure $next, $permission)     {         if (! $request->user()->hasPermissionTo($permission)) {             abort(403, 'Unauthorized');         }          return $next($request);     } }

Route::get('/admin', function () {     // 限制只有擁有admin角色的用戶才能訪問 })->middleware('role:admin');  Route::get('/delete-user', function () {     // 限制只有擁有delete-user權限的用戶才能訪問 })->middleware('permission:delete-user');