Spike permission check framework #10164
Conversation
| use App\Models\User; | ||
| use Illuminate\Support\Facades\Auth; | ||
|
|
||
| class PermissionCheckService |
There was a problem hiding this comment.
Hmm, this class looks a lot like UserChecker.php used by Laratrust. userCan instead of currentUserHasPermission, for example. I wonder if there's anyway to integrate this more tightly into Laratrust?
Compare to ProtectedRequestUserChecker and UserDefaultChecker.
| } | ||
| public function resourceName(): string | ||
| { | ||
| return 'pool'; |
There was a problem hiding this comment.
I wonder if there's any way to link this in a more expressive/explicit way? Maybe config('rolepermission.resources.pool')?
| protected $permissionCheckService; | ||
|
|
||
| // Put PermissionCheckService into a variable in the constructor | ||
| public function __construct(PermissionCheckService $permissionCheckService) |
There was a problem hiding this comment.
You use the DI container to inject a PermissionCheckService into the constructor here but then you new up a new instance in every method below anyway?
The more idiomatic way for Laravel (I think?) would be have this service as a singleton that you get from the container like this and then reuse it over and over. You'd probably have to pass in $user as a parameter in the function calls but this would make the service very testable.
π€ Related to #10144.
π Introduction
Testing a framework which generalizes the multiple ways a user might have access to a resource.
π΅οΈ Details
When users have a permission related to a resource, it may apply to all instances of the resource, or specific resources owned by the user, or resources associated with a team. This framework is meant to avoid devs having to check each instance appropriately. This may especially helpful as we the notion of 'team' becomes more abstract.
This is very early, just looking for feedback for now.
π§ͺ Testing
Assist reviewers with steps they can take to test that the PR does what it says it does.
πΈ Screenshot
Add a screenshot (if possible).
π Deployment
Add any additional details that are required for deploying the application.
Examples of when this is required include: