# Access Control List
# Introduction
Bagisto's Access Control List (ACL) feature enhances security by allowing administrators to finely manage user access across different application sections. It enables precise control over permissions, ensuring users only access authorized resources and actions. By defining roles and assigning privileges based on organizational structures or responsibilities, Bagisto's ACL strengthens governance, safeguards sensitive data, and ensures compliance with policies. This capability supports a secure and customizable user experience, adapting permissions dynamically to meet evolving organizational needs, thereby enhancing operational efficiency.
# Directory Structure
To configure Access Control List (ACL) settings in Bagisto, follow these structured steps:
# Create Configuration File
Begin by creating a new file named acl.php
within the Config
directory of your package located at packages/Webkul/Blog/src/Config
:
└── packages
└── Webkul
└── Blog
└── src
├── ...
└── Config
├── acl.php
└── ...
# Define ACL Configuration
Inside acl.php
, define ACL settings using an array format. Each array element represents a menu item or resource with parameters such as key, name
, route
, and sort
. Here’s an example:
Add the following code to acl.php
:
<?php
return [
[
'key' => 'blog',
'name' => 'blog',
'route' => 'blog.admin.index',
'sort' => 2
]
];
In the above code, we have defined an array for each menu item with the parameters (key, name, route, and sort). You need to define the menus you want to include in the ACL here.
# Merge ACL Configuration
To merge the ACL configuration, follow these steps:
# Modify Service Provider
Navigate to the BlogServiceProvider
class within the Webkul\Blog\Providers
namespace.
# Register Method
Inside the register
method of your service provider, use the mergeConfigFrom method to merge your ACL configuration file:
<?php
namespace Webkul\Blog\Providers;
use Illuminate\Support\ServiceProvider;
class StripeServiceProvider extends ServiceProvider
{
/**
* Register services.
*
* @return void
*/
public function register()
{
//...
$this->mergeConfigFrom(
dirname(__DIR__) . '/Config/acl.php', 'acl'
);
}
}
Ensure that the path specified in mergeConfigFrom matches the location of your acl.php file.
This will merge the ACL configuration with the existing configuration.
# Clear Configuration Cache
After making changes, clear the configuration cache to apply the latest ACL configuration:
php artisan optimize
# Verify in Admin Panel
Check the updated ACL configuration within the admin panel to confirm that menu items are correctly displayed and sorted according to your configuration.
This will ensure that the latest ACL configuration is used.
# Checking Roles and Permissions
To manage roles and permissions effectively:
# Access Roles
In the Admin model located in Webkul\User\Models
, utilize the relationship with the Role model to manage roles
associated with users.
# Permission Checks
Use the bouncer()
helper function to verify if a user has specific permissions. Example usage:
bouncer()->hasPermission($permission)
Replace $permission
with the actual permission you want to check.
By following these steps, you can seamlessly configure and manage Access Control List (ACL) settings in Bagisto, ensuring secure and controlled access to administrative functionalities.