Starter Kit

Roles & Permissions

This project uses spatie/laravel-permission with an additional config-driven layer stored in config/permission-resources.php.

Where permissions come from

Permissions are generated from three sources:

  • resources
  • sub_resources
  • custom_permissions

Examples from the current project:

  • users.read
  • roles.update
  • activity-logs.read
  • pulse.read
  • api-docs.read

Default roles

The application seeds these default roles:

  • system_admin
  • admin
  • user

Default role permissions are also defined in config/permission-resources.php.

Sync process

database/seeders/_01_RolePermissionSeeder.php is responsible for:

  • creating configured permissions
  • creating sub-resource permissions
  • creating custom permissions
  • removing orphaned permissions that no longer exist in config
  • seeding and updating default roles

The admin panel also exposes a permission sync action that only system_admin users can run.
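
A dry-run view of the sync steps listed above, as an added example (not the project's seeder): it derives the expected permission names from the three config sources and reports what a sync would create and which existing names are orphaned. The config array shape, the function names and the sample data are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example: the config shape below is an assumption, not the project's real file.
/** @return string[] every permission name the config implies */
function expectedPermissions(array $config): array
{
    $names = [];
    foreach ($config['resources'] ?? [] as $resource => $abilities) {
        foreach ($abilities as $ability) {
            $names[] = "{$resource}.{$ability}";
        }
    }
    foreach ($config['sub_resources'] ?? [] as $resource => $types) {
        foreach ($types as $type => $abilities) {
            foreach ($abilities as $ability) {
                $names[] = "{$resource}:{$type}.{$ability}";
            }
        }
    }
    foreach ($config['custom_permissions'] ?? [] as $name) {
        $names[] = $name;
    }
    return array_values(array_unique($names));
}

/** @return array{create: string[], orphaned: string[]} dry-run plan, nothing is written */
function syncPlan(array $config, array $existing): array
{
    $expected = expectedPermissions($config);
    return [
        'create'   => array_values(array_diff($expected, $existing)),
        'orphaned' => array_values(array_diff($existing, $expected)),
    ];
}

// Constructed sample data.
$config = [
    'resources'          => ['users' => ['read', 'create'], 'roles' => ['update']],
    'sub_resources'      => ['users' => ['student' => ['read']]],
    'custom_permissions' => ['pulse.read'],
];
$existing = ['users.read', 'roles.update', 'reports.export'];

print_r(syncPlan($config, $existing));
```

Reviewing the orphaned list before a sync shows which permission names roles will lose when they are deleted.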

Automatic route-to-permission mapping

app/Http/Middleware/CheckResourcePermission.php converts route names into permission strings.

Examples:

  • users.index -> users.read
  • users.store -> users.create
  • users.edit -> users.update
  • users.destroy -> users.delete

If an explicit permission is passed in middleware, that value is used directly.

Sub-resource support

The middleware also supports sub-resource permissions through the type query parameter.

Example:

  • route permission: users.read
  • current URL: /users?type=student
  • resolved permission: users:student.read

This only applies if the scoped permission exists in the database.
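
The route-name mapping and the type-scoped lookup described in the two sections above, as an added standalone example (not the project's CheckResourcePermission code). The function name, the show/create/update mappings, the slug pattern for type and the deny-on-unmapped policy are assumptions; only index, store, edit and destroy come from the page.

```php
<?php
declare(strict_types=1);

// Added example with hypothetical names; not the project's CheckResourcePermission code.
// index, store, edit and destroy are the page's mappings; show, create and update are assumed.
const ACTION_TO_ABILITY = [
    'index' => 'read', 'show' => 'read',
    'create' => 'create', 'store' => 'create',
    'edit' => 'update', 'update' => 'update',
    'destroy' => 'delete',
];

/**
 * @param string[] $known permission names present in the database
 * @return string|null permission to check; null means nothing mapped and the caller denies
 */
function resolvePermission(string $route, ?string $explicit, ?string $type, array $known): ?string
{
    if ($explicit !== null && $explicit !== '') {
        $base = $explicit; // explicit middleware argument is used directly
    } else {
        $pos = strrpos($route, '.');
        $ability = $pos === false ? null : (ACTION_TO_ABILITY[substr($route, $pos + 1)] ?? null);
        if ($ability === null) {
            return null; // unnamed route or unmapped action: fail closed (assumed policy)
        }
        $base = substr($route, 0, $pos) . '.' . $ability;
    }

    // ?type= is client-controlled: accept only a plain slug, never raw input.
    $dot = strrpos($base, '.');
    if ($type === null || $dot === false || preg_match('/\A[a-z0-9][a-z0-9_-]*\z/', $type) !== 1) {
        return $base;
    }
    // Scope the check only when that exact permission exists.
    $scoped = substr($base, 0, $dot) . ':' . $type . substr($base, $dot);
    return in_array($scoped, $known, true) ? $scoped : $base;
}

// Constructed sample data.
$known = ['users.read', 'users.create', 'users.delete', 'users:student.read'];
foreach ([
    ['users.index', null, null],
    ['users.index', null, 'student'],
    ['users.index', null, 'teacher'],
    ['users.export', null, null],
    ['users.export', 'users.read', 'student'],
] as [$route, $explicit, $type]) {
    var_dump(resolvePermission($route, $explicit, $type, $known));
}
```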

Frontend usage

Composable

Use @/composables/useCan inside pages and components.

```ts
const { can, canAny, hasRole } = useCan();
```

Vue directives

The frontend permission plugin registers:

  • v-can
  • v-role

Examples:

```vue
<Button v-can="'users.create'" />
<Button v-can:any="['users.create', 'users.update']" />
<div v-role="'system_admin'">Only for system admins</div>
```

Menu filtering

useAdminMenu() filters admin navigation items based on the current user's permissions.

Practical workflow for adding a new protected area

  1. Add the resource and abilities to config/permission-resources.php.
  2. Re-run the permission sync flow.
  3. Protect the routes with check.permission.
  4. Use useCan() or v-can in the frontend where needed.