How to use Zizaco\Entrust for role-based permissions in Laravel

The Zizaco\Entrust package is used to add role-based permission functionality to your Laravel application.

When you want to build an application and implement roles and permissions in that application, Zizaco\Entrust is very helpful.

In this shot, we focus on Zizaco\Entrust package.

How do we install Zizaco\Entrust? Let’s break this down in steps.

Step 1: Installation

Run this command to install Zizaco\Entrust:

composer require zizaco/entrust:dev-master –no-update

Then run this command to update:

composer update

Step 2: Register the package in the application

Go to your config directory, open up the app.php file, and paste this code in the providers array:

Zizaco\Entrust\EntrustServiceProvider::class,

Paste this code in the aliases array:

‘Entrust’ => Zizaco\Entrust\EntrustFacade::class,

Lastly, in this step we run the following command to generate our entrust.php file:

php artisan vendor:publish

Step 3: Get the migration file

To get the migration file, we run the below code:

php artisan entrust:migration

Remember, we are installing a package. These specific steps must be followed to ensure the process is successful.

After you’ve run the above code, you will notice that you now have four new tables in your database: Roles, permissions, role_user, and permission_role.

Step 4: Model setup

In this step, we create the necessary model for this package to be functional. We create:

1. A role model

<?PHP

namespace App;

use Illuminate\Database\Eloquent\Model;
use Zizaco\Entrust\EntrustRole;

class Role extends EntrustRole
{
protected $table = 'roles';
protected $primaryKey = 'id';


protected $fillable = ['name',display_name',description','created_at','updated_at'];

} 

2. A permission model

<?PHP

namespace App;

use Illuminate\Database\Eloquent\Model;

class Permission extends Model
{
protected $table = 'permissions';
protected $primaryKey = 'id';


} 

3. A user model

<?php

namespace App;

use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Zizaco\Entrust\Traits\EntrustUserTrait;
use Illuminate\Foundation\Auth\User as Authenticatable;
use DB;
use Auth;
use Laravel\Passport\HasApiTokens;
use Carborn\Carborn;

class User extends Authenticatable implements MustVerifyEmail
{
use Notifiable,HasApiTokens;
use EntrustUserTrait;

protected $hidden= ['confirmation_code','password','remember_token','password_reset_token'];


protected $table = 'roles';
protected $primaryKey = 'id';


protected $fillable = ['first_name','last_name','email','password','social_provider_id','social_provider'];


} 

Step 5: Assigning roles and permission to users

We assign roles and permissions from the route, and this route should be commented on afterward.

Use the below code:

<?php
Route::get('/start', function()
{
$admin = new Role();
$admin->name = Admin;
$admin->save();

$customer = new Role();
$customer->name = ‘Customer’;
$customer->save();

$read = new Permission();
$read->name = 'can_read';
$read->display_name = 'Can Read Posts';
$read->save();

$edit = new Permission();
$edit->name = 'can_edit';
$edit->display_name = 'Can Edit Posts';
$edit->save();

$admin->attachPermission($read);
$customer->attachPermission($read);
$admin->attachPermission($edit);

$user1 = User::find(1);
$user2 = User::find(2);

$user1->attachRole($admin);
$user2->attachRole($customer);

return 'Done Mehnn!';
});

In this code we create roles (Admin and Customer) and permissions (Read and Edit) as needed.

Assign roles to users like this:

$user->roles()->attach(1);

This attaches the admin roles to the retrieved user.

To get users with admin roles, we use withRole() like this:

$admins = User::withRole('admin')->get();

Finally, let’s create a route role-wise.

Route::group(['middleware' => ['auth']], function()
{
Route::group(['prefix' => 'admin', 'middleware' => ['role:admin']], function() {
Route::get('/', 'AdminController@welcome');
});

Route::group(['prefix' => customer’, 'middleware' => ['role:customer']], function() {
Route::get('/', 'CustomerController@welcome');
});
});

With the above code, you can access your web application based on the user’s role. It restricts users according to their roles.