Quick routing and access filtering

Submitted by XoneFobic - 11 years ago

An example of how I did my filters.php and routes.php to populate many of the same structured routes. Used Sentry 2 for Authentication and short syntax for array() Suggestions to make it even DRYer are welcome. php artisan route output of the example http://paste.laravel.com/1cnE

// /app/filters.php
<?php

/*
 * Access filters
 */

Route::filter('hasReadAccess', function ($route, $request, $value) {
    // I used Sentry, but change it to whatever you need.
    if (! Sentry::getUser()->hasAccess($value . '.read')) App::abort(401, 'You are not authorized.');
});

Route::filter('hasWriteAccess', function ($route, $request, $value) {
    // I used Sentry, but change it to whatever you need.
    if (! Sentry::getUser()->hasAccess($value . '.write')) App::abort(401, 'You are not authorized.');
});

// /app/routes.php
<?php

$namespace = 'DoubleBinary\digitalDesign\Controllers';

$routeTemplate = [
    'article' => $namespace . '\ArticleController',
    'client'  => $namespace . '\ClientController',
    'machine' => $namespace . '\MachineController',
    'order'   => $namespace . '\OrderController',
    'product' => $namespace . '\ProductController',
    'user'    => $namespace . '\UserController',
];

/*
 * Standard Routes
 */

foreach ($routeTemplate as $model => $controller) {
    Route::group(['prefix' => $model], function () use ($model, $controller) {

        # PATTERN
        Route::pattern('id', '[0-9]+');

        # GET /[model]/
        Route::get('/', [
            'as'     => $model . '.index',
            'before' => 'hasReadAccess:' . $model,
            'uses'   => $controller . '@index'
        ]);

        # GET /[model]/create
        Route::get('create', [
            'as'     => $model . '.create',
            'before' => 'hasWriteAccess:' . $model,
            'uses'   => $controller . '@create'
        ]);

        # POST /[model]/
        Route::post('/', [
            'as'     => $model . '.store',
            'before' => 'csrf|hasWriteAccess:' . $model,
            'uses'   => $controller . '@store'
        ]);

        # GET /[model]/{id}
        Route::get('{id}', [
            'as'     => $model . '.show',
            'before' => 'hasReadAccess:' . $model,
            'uses'   => $controller . '@show'
        ]);

        # GET /[model]/{id}/edit
        Route::get('{id}/edit', [
            'as'     => $model . '.edit',
            'before' => 'hasWriteAccess:' . $model,
            'uses'   => $controller . '@edit'
        ]);

        # PUT /[model]/{id}
        Route::put('{id}', [
            'as'     => $model . '.update',
            'before' => 'csrf|hasWriteAccess:' . $model,
            'uses'   => $controller . '@update'
        ]);

        # PATCH /[model]/{id}
        Route::patch('{id}', [
            'as'     => $model . '.patch',
            'before' => 'csrf|hasWriteAccess:' . $model,
            'uses'   => $controller . '@update'
        ]);

        # GET /[model]/{id}/delete
        Route::get('{id}/delete', [
            'as'     => $model . '.destroy',
            'before' => 'hasWriteAccess:' . $model,
            'uses'   => $controller . '@destroy'
        ]);

        # GET /[model]/{id}/restore
        Route::get('{id}/restore', [
            'as'     => $model . '.restore',
            'before' => 'hasWriteAccess:' . $model,
            'uses'   => $controller . '@restore'
        ]);
    });
}

/*
 * No standard Routes
 */

Route::get('login', [
    'as'     => 'session.create',
    'before' => null,
    'uses'   => $namespace . '\SessionController@create'
]);
Route::post('login', [
    'as'     => 'session.store',
    'before' => 'csrf',
    'uses'   => $namespace . '\SessionController@store'
]);
Route::get('logout', [
    'as'     => 'session.destroy',
    'before' => null,
    'uses'   => $namespace . '\SessionController@destroy'
]);

/*
 * Landing Route
 */

Route::get('/', [
    'as'     => 'landing.index',
    'before' => null,
    'uses'   => $namespace . '\LandingController@index'
]);