CRUD Controllers

Permissions

You can set Permissions for each Crud action create, read, update and destroy. This will ensure that your controller returns a 403 response when someone without permissions attempts to access a relevant route.

These should be set in your CRUD config, either by setting the $permissions array or by calling setPermission.

You can provide:

  • A string - The slug of a permission that allow access to the action.
  • An array - An array of slugs of permissions which provide access to the action.
  • a callable - Such a callable should return true or false dependent on whether the action is permitted. It should expect the relevant $config instance as the first argument, and the \$item that is being acted upon (where appropriate) as the second.

Example

By setting permissions array

// app/Crud/MyCrud.php

/**
 * Array for determining Crud action permissions
 *
 * @var array
 */
protected $permissions = [
    'create' => 'full-cms-access',
    'read' => ['full-cms-access', 'partial-cms-access'],
    'update' => null,
    'destroy' => null,
];

Using setPermissions to set the permissions for a single action

// app/Crud/MyCrud.php

public function __construct()
{
    parent::__construct();

    $this->setPermission(
        'update',
        function ($config, $item) {
            if (Auth::guest()) {
              return false;
            }

            return Auth::user()->canModifyPage($item);
        }
    );
}

Using setPermissions to set the permissions for multiple actions

// app/Crud/MyCrud.php

public function __construct()
{
    $this->setPermissions(
        [
            'update' => function ($config, $item) {
                if (Auth::guest()) {
                  return false;
                }

                return Auth::user()->hasPermissions(['full-cms-access', 'write-cms-access']);
            },
            'delete' => function ($config, $item) {
                return $item->userCanDelete();
            }
        ]
    );
}

Index route data format

XHR data from the admin CRUD routes is formatted using Eloquent API Resources.

By default, when requ the controller formats data using \Yadda\Enso\Crud\Resources\ListResource::collection($items).

You may change the format of the response by overriding your controllers makeListCollection($items).

CRUD Index Responses

Requests for data to populate a CRUD index should include a table parameter. The controller will then return data formatted by \Yadda\Enso\Crud\Resources\TableResource::collection($items), which by default calls toArray on each Model.

You may change the data format by overriding your controllers makeTableCollection($items). This will change the structure of the data.items section of the response and not the entire response.