Tutorial 7: How to Build a Laravel 5.4 Administration Module with Role-based permissions using Entrust package. (Part 2)
In part one of this tutorial, we created our project, installed and configured the Entrust package, created and seeded our database and created our Models.
In part two, we will set up our authentication, controllers, routes, views and test the Roles and Users CRUD operations.
Step 6: Create Our Authentication
Laravel ships with several pre-built authentication controllers, which are located in the App/Http/Controllers/Auth directory. Run the command below to generate all of the routes and views we need for authentication.
php artisan make:authThis command installs a layout view, registration and login views, as well as routes for all authentication end-points. The generated views are located in the resource/views/auth directory.
Step 7: Create Our Controllers and Routes
Run the commands below to create our Role and User Controller, the Role Controller will handle the HTTP requests regarding “roles” while the User Controller will handle the HTTP requests regarding “users” stored by our application.
php artisan make:controller RoleController
php artisan make:controller UserControllerResource controllers make it painless to build RESTful controllers around resources. Open up the routes/web.php file and register a resourceful route to the controller:
Here we create a resourceful route that actually creates multiple routes to handle a variety of RESTful actions on the role and user resources. This route has the “admin” prefix and its also only accessible by users with the admin role.
Open up the newly generated Controllers file located at app/Http/Controllers directory and update the code.
RoleController
UserController
Step 8: Create Our Views
In the resource/views directory create 2 new directories, roles and users.
Roles
In the roles directory create the index.blade.php file and paste the code below:
Next, create the create.blade.php file and paste the code below:
Next, create the show.blade.php file and paste the code below:
Next, create the edit.blade.php file and paste the code below:
Users
In the users directory create the index.blade.php file and paste the code below:
Next, create the create.blade.php file and paste the code below:
Next, create the show.blade.php file and paste the code below:
Next, create the edit.blade.php file and paste the code below:
Step 9: Update Our Navigation Menu and Add Error Page
Before we begin testing, we need to update our navigation bar by adding 2 new links that directs the user to the roles and users route.
One of the things we want to do is prevent any user that is not an Admin user from being able to access the roles and users section, we do this by making sure the links are only visible to Admin users.
Open up the app.blade.php file located in the resources/views/layouts directory and update the code
When a non-admin user attempts to access a restricted section, we want to display an error page informing the user that they don’t have the required permissions. Entrust does this by redirecting the user to a 403 page, all we need to do is create the page.
In the resources/views directory, create a new directory and name it errors, in that directory create 403.blade.php file and paste the code below.
Now, we are ready to test the Roles and Users CRUD operations.
Step 10: Testing
In your browser, navigate to
http://localhost:8888/administration-module/public
(the url will be different depending on your local server and your project name, don’t forget to add “/public”)
You should be presented with Laravel welcome page, click login at the top right then login in using the credentials for the admin user we created in step 5.
email => adminuser@test.com
password => adminpwdAfter logging in, you will be redirected to the home page, at the top right, click the roles link to go to the roles page.
Click the “New Role” button to add a new role and assign the relevant permissions.
After adding the new role, click the “Show” button to view the role information
Create a new role and test the edit and delete operations.
Now, lets add a new user and assign a role to them. Click the users link to go to the users page.
Click the “New User” button to add a new user and assign them the Senior Consultant role. Make sure you remember the password you set for the new user.
After successfully creating the new user, test the “Show” and “Edit” operations.
Create a new user and test delete operation.
For the final test, log out and log back in using the credentials of our newly created user.
Once you log in, you should notice that the Roles and Users link is missing in the navigation bar on the top right of the page, this is because the user is not an Admin user
If you attempt to access to the roles or users page using the url:
http://localhost:8888/administration-module/public/admin/roles
http://localhost:8888/administration-module/public/admin/users
You should be presented with our 403 page
This is the end of part two, in part three, we will set up the controllers, routes and views for the clients, jobs and candidates section.
If you would like to continue the project before I release part three, check out the Entrust Github page for more information about how to use the package, using this tutorial and the Entrust page, you should have enough to continue the rest of the project.
Until then….
