search

vsch / laravel-translation-manager

Enhanced Management of Laravel 4 & 5 Translations, with Yandex Translation API assisted translations.
MIT License
181 stars 84 forks source link

LTM and Sentinel user authentication #76

Open ghost opened 7 years ago

ghost commented 7 years ago

@vsch, the Sentinel package from Cartalyst doesnt work with Gate abilties. Is there a way to get around this? How would you approach it?

Thanks

vsch commented 7 years ago

@highnoon112, I am not familiar with Cartalyst Sentinel package but would assume that if you implement a Gate alias to handle the Gate::allows() method which will map the request to Sentinel API then you should be able to make it work. Only this method is used by LTM so it should be a simple implementation.

These are all the calls to the method from LTM code:

image

Keep in mind that the method takes a string id of the ability and an array of optional arguments. The argument list is used by the 'ltm-list-editors' ability to return a list of "editor" users which the current user is allowed to manage, adding/removing the locales which these users can edit.

Here is the code I use in my project to define the abilities which map to my customized User model that takes an array of roles and returns true if user has any of these roles.

<?php

namespace App\Providers;

use App\User;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    /**
     * The policy mappings for the application.
     *
     * @var array
     */
    protected $policies = [
        //'App\Model' => 'App\Policies\ModelPolicy',
    ];

    /**
     * Register any application authentication / authorization services.
     *
     * @return void
     */
    public
    function boot()
    {
        $this->registerPolicies();

        \Gate::define('ltm-admin-translations', function ($user) {
            /* @var $user User */
            return $user && $user->is_admin;
        });

        \Gate::define('ltm-edit-translations', function ($user) {
            /* @var $user User */
            return $user && $user->userRole(['admin', 'editor']);
        });

        \Gate::define('ltm-bypass-lottery', function ($user) {
            /* @var $user User */
            return $user && $user->userRole(['admin', 'editor']);
        });

        \Gate::define('ltm-list-editors', function ($user, $connection_name, &$user_list) {
            /* @var $connection_name string */
            /* @var $user User */
            /* @var $query  \Illuminate\Database\Query\Builder */
            $query = $user->on($connection_name)->getQuery();

            // modify the query to return only users that can edit translations and can be managed by $user
            // if you have a an editor scope defined on your user model you can use it to filter only translation editors
            $user_list = $user->scopeEditors($query)->where('id', '<>', 1)->orderby('id')->get(['id', 'email', 'name'])->all();
            //$user_list = $query->orderby('id')->get(['id', 'email']);

            return true;
        });
    }
}
ghost commented 7 years ago

@vsch Much appreciated, thanks.

Ill try to get it working.