CRUD Controllers

Crud Name

Once you have created a new Crud Controller, you may need to set the $crud_name. This is what allows your controller to find the correct config() data. You will need to do this if the $crud_name cannot be inferred from a lower-snake-cased version of the Controller class name, less the word Controller).

For example, if your new Controller is called RegionController and you want the $crud_name to be region, you do not need to do anything.

If you require it to be something else, set the protected $crud_name property

protected $crud_name = 'override_crud';

Permissions

You can set Permissions for each Crud action create, read, update and destroy. This we ensure that your controller returns a 403 responnse when someone without permissions attempts to access a relevant route.

These should be set directly in the $permissions array as:

  • a string. This will be the slug of a single permission that is required to access the action.
  • an array. This should be an array of slugs of permissions which should enable access to this action.

Or alternatively as a callable via the constructor. Such a callable should return true or false dependent on whether the action is permitted. It should expect the relevant $config instance as the first argument, and the \$item that is being acted upon (where appropriate) as the second.

Examples:

/**
 * Array for determining Crud action permissions
 *
 * @var array
 */
protected $permissions = [
    'create' => 'full-cms-access',
    'read' => ['full-cms-access', 'partial-cms-access'],
    'update' => null,
    'destroy' => null,
];

/**
 * Create a new instance of CrudController
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $this->setPermission(
        'update',
        function ($config, $item) {
            return Auth::check()
                && Auth::user()->canModifyPage($item);
        }
    );

    // OR

    $this->setPermissions(
        [
            'update' => function ($config, $item) {
                return Auth::check()
                    && Auth::user()->hasPermissions(['full-cms-access', 'write-cms-access']);
            },
            'delete' => function ($config, $item) {
                return $item->userCanDelete();
            }
        ]
    );
}