• Stars
    star
    880
  • Rank 51,881 (Top 2 %)
  • Language
    PHP
  • License
    MIT License
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Declarative style of authorization and validation in laravel.

Laravel Hey Man

Readability Counts. In fact, Readability is the primary value of your code !!!

Quality Score code coverage Maintainability Build Status StyleCI Latest Stable Version Daily Downloads Total Downloads Awesome Laravel Software License

πŸŽ€ Heyman continues where the other role-permission packages left off...

We have used CDD (Creativity Driven Development) alongside the TDD

Built with ❀️ for every smart laravel developer

Very well tested, optimized and production ready!

In fact, We have tackled a lot of complexity behind the scenes, to provide you with a lot of simplicity.

Installation:


composer require imanghafoori/laravel-heyman

Requirements:

  • PHP v7.0 or above
  • Laravel v5.1 or above

Example:

Here you can see a good example at:

https://github.com/imanghafoori1/council

Specially this file:

https://github.com/imanghafoori1/council/blob/master/app/Providers/AuthServiceProvider.php

This is fork from result of laracasts.com tutorial series refactored to use the Heyman package.

Heyman, let's fight off zombies

Zombie Http Request =>


<= Laravel Heyman





A story:

Imagine your boss comes to you and says :

 Hey man !!!
 
 When you visit the login form,
 
 You should be guest,
 
 Otherwise you get redirected to '/panel',

Write the code for me, just now... But KEEP IN MIND you are not allowed to touch the current code. it is very sensitive and we do not want you to tamper with it. You may break it.

And you write code like this in a Service Provider boot method to implement what your boss wanted.

image

That is what this package does for you + a lot more...

Customizable Syntax:

You can alias methods like this if you do not like too much verbose syntax provided by default.

  • Alias Situations (ex. whenYouMakeView to view)
  • Alias Conditions (ex. youShouldBeGuest to beGuest)

You should do it in the boot method.

alias methods

Structural Benefits:

1- This way you can fully decouple authorization and a lot of guarding code from the rest of your application code and put it in an other place. So your Controllers and Routes become less crowded and you will have a central place where you limit the access of users to your application or perform Request validation.

2- In fact, when you write your code in the way, you are conforming to the famous "Tell don't ask principle."

You are telling the framework what to do in certain situations rather than getting information and decide what to do then.

Procedural code gets information then makes decisions. Object-oriented code tells objects to do things. β€” Alec Sharp

3- This approach is paticularly useful when you for example write a package which needs ACL but you want to allow your package users to override and apply they own ACL (or validation) rules into your package routes...

And that becomes possible when you use laravel-HeyMan for ACL. The users can easily cancel out the default rules and re-write their favorite acl or validation stuff in a regular ServiceProviders.

Hey Man, that is Amazing stuff!

// This is written in package and lives in vendor folder, So we can not touch it.
HeyMan::whenYouHitRouteName('myPackageRoute')->youShouldHaveRole(....; 

To override that we use the forget method, within app/Providers/... :

public function boot() {
  
  // Cancels out the current rules
   HeyMan::forget()->aboutRoute('myPackageRoute');
  
  
   // Add new rules by package user.
   HeyMan::whenYouHitRouteName('myPackageRoute')-> ... 
   
}

Hey Man, Should I Momorize all the Methods?!

You do not need any cheat sheet.

IDE Auto-completion is fully supported.

refactor5

Hey Man, Where do I put these Heyman:: calls?

You may put them in AuthServiceProvider.php (or any other service provider) boot method.

image

Usage:

You should call the following method of the HeyMan Facade class.

use Imanghafoori\HeyMan\Facades\HeyMan;
// or
use HeyMan;  // <--- alias

Again we recommend visiting this file:

Working heyman sample rules

Situations:

HeyMan::  (situation) ->   (condition)   -> otherwise() -> (reaction) ;

1- Url is matched

HeyMan::whenYouVisitUrl(['/welcome', '/home'])->...   // you can pass an Array
HeyMan::whenYouVisitUrl('/admin/*')->...     // or match by wildcard
HeyMan::whenYouSendPost('/article/store')->   ...   
HeyMan::whenYouSendPatch('/article/edit')->  ...  
HeyMan::whenYouSendPut('/article/edit')->    ...     
HeyMan::whenYouSendDelete('/article/delete')-> ...

2- Route Name is matched

HeyMan::whenYouHitRouteName('welcome.name')->...              // For route names
HeyMan::whenYouHitRouteName('welcome.*')->...                 // or match by wildcard

3- Controller Action is about to Call

HeyMan::whenYouCallAction('HomeController@index')->...
HeyMan::whenYouCallAction('HomeController@*')->...          // or match by wildcard

4- A View file is about to render

 HeyMan::whenYouMakeView('article.editForm')->...     // also accepts an array
 HeyMan::whenYouMakeView('article.*')->...            // You can watch a group of views

Actually it refers to the moment when view('article.editForm') is executed.

5- Custom Event is Fired

HeyMan::whenEventHappens('myEvent')->...

Actually it refers to the moment when event('myEvent') is executed.

6- An Eloquent Model is about to save

HeyMan::whenYouSave(\App\User::class)->...
HeyMan::whenYouFetch(\App\User::class)->...
HeyMan::whenYouCreate(\App\User::class)->...
HeyMan::whenYouUpdate(\App\User::class)->...
HeyMan::whenYouDelete(\App\User::class)->...

Actually it refers to the moment when eloquent fires it's internal events like: (saving, deleting, creating, ...)

Note that the saving model is passed to the Gate of callback in the next chain call. so for example you can check the ID of the model which is saving.

Conditions:

HeyMan::  (situation) ->   (condition)   -> otherwise() -> (reaction) ;

After mentioning the situation, it is time to mention the condition.

1- Gates:

// define Gate
Gate::define('hasRole', function(){...});

Then you can use the gate:

HeyMan::whenYouVisitUrl('/home')->thisGateShouldAllow('hasRole', 'editor')->otherwise()->...;

Passing a Closure as a Gate:

$gate = function($user, $role) {
    /// some logic
    return true;
}
HeyMan::whenYouVisitUrl('/home')->thisGateShouldAllow($gate, 'editor')->otherwise()->...;

2- Authentication stuff:

HeyMan::whenYouVisitUrl('/home')->  youShouldBeGuest()    ->otherwise()->...;
HeyMan::whenYouVisitUrl('/home')->  youShouldBeLoggedIn() ->otherwise()->...;

3- Checking A Closure or Method or Value:

HeyMan::whenYouVisitUrl('home')->thisMethodShouldAllow('someClass@someMethod', ['param1'])->otherwise()->...;
HeyMan::whenYouVisitUrl('home')->thisClosureShouldAllow( function($a) { ... }, ['param1'] )  ->otherwise()->...;
HeyMan::whenYouVisitUrl('home')->thisValueShouldAllow( $someValue )->otherwise()->...;

4- Validate Requests:

HeyMan::whenYouHitRouteName('articles.store')->yourRequestShouldBeValid([
    'title' => 'required', 'body' => 'required',
]);

You can also modify the data before validation by calling beforeValidationModifyData().

$modifier = function ($data) {
  // removes "@" character from the "name" before validation.
  $data['name'] = str_replace('@', '', $data['name']);
  return $data;
}

HeyMan::whenYouHitRouteName('welcome.name')
        ->yourRequestShouldBeValid(['name' => 'required'])
        ->beforeValidationModifyData($modifier);

5- Check points:

You can also declare some check points some where, within your application code:

HeyMan::checkPoint('MyLane');

And put some rules for it

HeyMan::whenYouReachCheckPoint('MyLane')->youShouldHaveRole('Zombie')-> ...
HeyMan::whenYouVisitUrl('home')->always()-> ...
HeyMan::whenYouVisitUrl('home')->sessionShouldHave('key1')->...

Other things:

You can also use "always" and "sessionShouldHave" methods:

HeyMan::whenYouVisitUrl('home')->always()-> ...
HeyMan::whenYouVisitUrl('home')->sessionShouldHave('key1')->...

Define your own conditions:

You can extend the conditions and introduce new methods into heyman API like this:

// Place this code:
// In the `boot` method of your service providers

HeyMan::condition('youShouldBeMan', function () {
   return function () {
       return auth()->user() && auth()->user()->gender === 'Man';
   };
});

// or 

HeyMan::condition('youShouldBeMan', '\App\SomeWhere\SomeClass@someMethod');

Then you can use it like this:

HeyMan::whenYouVisitUrl('home')->youShouldBeMan()-> ...

Nice, isn't it ?!

Reactions:

HeyMan::  (situation) ->   (condition)   -> otherwise() -> (reaction) ;

1- Deny Access:

HeyMan::whenSaving(\App\User::class)->thisGateShouldAllow('hasRole', 'editor')->otherwise()->weDenyAccess();

An AuthorizationException will be thrown if needed

2- Redirect:

HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->redirect()->to(...)     ->with([...]);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->redirect()->route(...)  ->withErrors(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->redirect()->action(...) ->withInput(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->redirect()->intended(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->redirect()->guest(...);

In fact the redirect method here is very much like the laravel's redirect() helper function.

3- Throw Exception:

$msg = 'My Message';

HeyMan::whenYouVisitUrl('/login')
    ->youShouldBeGuest()
    ->otherwise()
    ->weThrowNew(AuthorizationException::class, $msg);

4- Abort:

HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->abort(...);

5- Send Response:

Calling these functions generate exact same response as calling them on the response() helper function: return response()->json(...);

HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->response()->json(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->response()->view(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->response()->jsonp(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->response()->make(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->response()->download(...);

6- Send custom response:

HeyMan::whenYouVisitUrl('/login')-> 
       ...
      ->otherwise()
      ->weRespondFrom('\App\Http\Responses\Authentication@guestsOnly');
namespace App\Http\Responses;

class Authentication
{
    public function guestsOnly()
    {
        if (request()->expectsJson()) {
            return response()->json(['error' => 'Unauthenticated.'], 401);
        }

        return redirect()->guest(route('login'));
    }
}

Hey man, You see ? we have just an Http response here. So our controllers are free to handle the right situaltions and do not worry about exceptional ones.

More Advanced Reactions:

Hey man, You may want to call some method or fire an event right before you send the response back. You can do so by afterCalling() and afterFiringEvent() methods.

HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->afterFiringEvent('explode')->response()->json(...);
HeyMan::whenYouVisitUrl('/login')-> ... ->otherwise()->afterCalling('someclass@method1')->response()->json(...);

Disabling Heyman:

You can disable HeyMan checks like this (useful while testing):

untitled

HeyMan::turnOff()->eloquentChecks();

...
/// You may save some eloquent models here...
/// without limitations from HeyMan rules.
...

HeyMan::turnOn()->eloquentChecks();

πŸ™‹ Contributing:

If you find an issue, or have a better way to do something, feel free to open an issue or a pull request.

⭐ Your Stars Make Us Do More ⭐

As always if you found this package useful and you want to encourage us to maintain and work on it. Just press the star button to declare your willing.

Star History

Star History Chart

More from the author:

Laravel Widgetize

πŸ’Ž A minimal yet powerful package to give a better structure and caching opportunity for your laravel apps.


Laravel Terminator

πŸ’Ž A minimal yet powerful package to give you opportunity to refactor your controllers.


Laravel AnyPass

πŸ’Ž It allows you login with any password in local environment only.


Laravel Microscope

πŸ’Ž It automatically checks your laravel application (new)


Great spirits have always encountered violent opposition from mediocre minds.

"Albert Einstein"

More Repositories

1

laravel-microscope

Fearless refactoring, it does a lot of smart checks to find certain errors.
PHP
1,307
star
2

laravel-widgetize

A minimal package to help you make your laravel application cleaner and faster.
PHP
902
star
3

laravel-MasterPass

Helps you securely setup a master password and login into user accounts with it.
PHP
354
star
4

laravel-terminator

A package to help you clean up your controllers in laravel
PHP
246
star
5

laravel-video

A laravel package to stream video content.
PHP
232
star
6

laravel-anypass

A minimal package that helps you login with any password on local environments
PHP
211
star
7

eloquent-relativity

Allows you to decouple your eloquent models from one another.
PHP
147
star
8

laravel-decorator

Easily decorate your method calls with laravel-decorator package
PHP
129
star
9

eloquent-mockery

Mock your eloquent queries without the repository pattern
PHP
123
star
10

laravel-middlewarize

Use middleware to decorate method calls within your application code.
PHP
105
star
11

laravel-nullable

Functional programming paradigms in laravel to avoid run-time errors.
PHP
102
star
12

laravel-temp-tag

Temporarily and Transparently, tag your eloquent models
PHP
100
star
13

laravel-smart-facades

Strategy design pattern in laravel, the easiest way.
PHP
87
star
14

laravel-password-history

Keep a password history of your users to prevent them from reusing the same password.
PHP
64
star
15

iranian-laravel-contributors

The list of people from Iran who have contributed to the laravel framework
40
star
16

laravel-tokenized-login

Two factor authentication in Laravel
PHP
36
star
17

eloquent-history

PHP
31
star
18

smart-realtime-facades

PHP
30
star
19

php-smart-search-replace

Smart search/replace functionality for PHP code
PHP
27
star
20

gilded_rose

Based on a tutorial for code refactoring
PHP
25
star
21

why_github_is_not_open_source

Why github.com is NOT open-source???
25
star
22

laravel-makesure

Readable syntax to write tests in laravel
PHP
21
star
23

eloquent-rating

5 star rating for eloquent models
PHP
18
star
24

laravel-file-cache-cleaner

Delete the obsolete cache files in the storage directory
PHP
15
star
25

php_token_analyzer

PHP
11
star
26

laravel-db-freeze

A package that allows you to bypass any insert, edit, delete into your database in demo mode through .env variables
10
star
27

laravel-anytoken

A minimal development package that helps you fake any api token as a valid one during development
10
star
28

composer-json

A utility class for read composer.json data and use it in PHP
PHP
9
star
29

crudbooster-statistics

Statistics module for Crudbooster CMS
HTML
8
star
30

imanghafoori1

8
star
31

laravel-microscope-ui

8
star
32

laravel-tik8

Simple modular ticketing system by laravel
8
star
33

crudbooster-logs

A plug-in for CrudBooster CMS to add log functionality
PHP
8
star
34

chat

node chat application
HTML
7
star
35

crudbooster-notifications

Adds notification functionality to crudbooster
PHP
7
star
36

laravel-nice-middlewares

This is a plug-in for laravel-middlewarize package.
PHP
6
star
37

questionist

Advanced event/listener system
PHP
6
star
38

abstract_php_filesystem

PHP
3
star
39

example_query

PHP
2
star
40

test-bin

1
star
41

laravel-endpoints

Define your endpoints as classes
1
star
42

git_toturial

1
star