Essentials

Controls

Apply your security in all Laravel's places right here !

Control

To create a control, use the following command:

php artisan make:control PostControl

use Lomkit\Access\Controls\Control;

class PostControl extends Control
{
        /**
     * Retrieve the list of perimeter definitions for the current control.
     *
     * @return array<\Lomkit\Access\Perimeters\Perimeter> An array of Perimeter objects.
     */
    protected function perimeters(): array
    {
        return [
            // ...    
        ];
    }
}

Next you'll need to define your perimeters in the way you want them to be registered:

protected function perimeters(): array
{
    return [
      GlobalPerimeter::new()
        ->allowed(function (Model $user, string $method) {
          return $user->can(sprintf('%s global models', $method));
        })
        ->should(function (Model $user, Model $model) {
          return true;
        })
        ->query(function (Builder $query, Model $user) {
          return $query;
        }), 
    ];
}

Allowed

Can the user access this specific perimeter?
This method tells if the perimeter should apply for the given user.

Should

Does the user perimeter correspond to the given model perimeter?
This method validates a given model according to the user.

The should method won't be called for gates not relying on specifying a model (viewAny / create) and will instead auto-validate.

Query

Does the user have access to the given rows?
Applies the given perimeter to the query according to the user one.

Model

You need to specify to your model that a Control has been configured and specify it:

use Lomkit\Access\Controls\HasControl;

class Post extends Model
{
    use HasControl;
}

(Optional) Specify which Control to use

You can optionally specify which Control class this model should use:

use Lomkit\Access\Controls\HasControl;
use App\Access\Controls\PostControl;

class Post extends Model
{
    use HasControl;
    
    protected static string $control = PostControl::class;
}

Policies

In order to be applied to the policy, you need to extend the ControlledPolicy class:

use Lomkit\Access\Policies\ControlledPolicy;

class PostPolicy extends ControlledPolicy
{
    protected string $model = Post::class;
}

And you are ready to go, have a look at the usage section to apply the security wherever you want !

Perimeters

Structure your applications access scopes.

Usage

The instructions in order to secure your application.