|
9 | 9 | - [can()](#can) |
10 | 10 | - [inGroup()](#ingroup) |
11 | 11 | - [hasPermission()](#haspermission) |
12 | | - - [Authorizing via Filters](#authorizing-via-filters) |
13 | 12 | - [Authorizing via Routes](#authorizing-via-routes) |
14 | 13 | - [Managing User Permissions](#managing-user-permissions) |
15 | 14 | - [addPermission()](#addpermission) |
@@ -130,28 +129,34 @@ if (! $user->hasPermission('users.create')) { |
130 | 129 | } |
131 | 130 | ``` |
132 | 131 |
|
133 | | -#### Authorizing via Filters |
| 132 | +#### Authorizing via Routes |
134 | 133 |
|
135 | | -You can restrict access to multiple routes through a [Controller Filter](https://codeigniter.com/user_guide/incoming/filters.html). One is provided for both restricting via groups the user belongs to, as well as which permission they need. The filters are automatically registered with the system under the `group` and `permission` aliases, respectively. You can define the protections within **app/Config/Filters.php**: |
| 134 | +You can restrict access to a route or route group through a |
| 135 | +[Controller Filter](https://codeigniter.com/user_guide/incoming/filters.html). |
136 | 136 |
|
137 | | -```php |
138 | | -public $filters = [ |
139 | | - 'group:admin,superadmin' => ['before' => ['admin/*']], |
140 | | - 'permission:users.manage' => ['before' => ['admin/users/*']], |
141 | | -]; |
142 | | -``` |
| 137 | +One is provided for restricting via groups the user belongs to, the other |
| 138 | +is for permission they need. The filters are automatically registered with the |
| 139 | +system under the `group` and `permission` aliases, respectively. |
143 | 140 |
|
144 | | -#### Authorizing via Routes |
145 | | - |
146 | | -The filters can also be used on a route or route group level: |
| 141 | +You can set the filters within **app/Config/Routes.php**: |
147 | 142 |
|
148 | 143 | ```php |
149 | 144 | $routes->group('admin', ['filter' => 'group:admin,superadmin'], static function ($routes) { |
150 | | - $routes->resource('users'); |
| 145 | + $routes->group( |
| 146 | + '', |
| 147 | + ['filter' => ['group:admin,superadmin', 'permission:users.manage']], |
| 148 | + static function ($routes) { |
| 149 | + $routes->resource('users'); |
| 150 | + } |
| 151 | + ); |
151 | 152 | }); |
152 | | - |
153 | 153 | ``` |
154 | 154 |
|
| 155 | +Note that the options (`filter`) passed to the outer `group()` are not merged with the inner `group()` options. |
| 156 | + |
| 157 | +> **Note** If you set more than one filter to a route, you need to enable |
| 158 | +> [Multiple Filters](https://codeigniter.com/user_guide/incoming/routing.html#multiple-filters). |
| 159 | +
|
155 | 160 | ## Managing User Permissions |
156 | 161 |
|
157 | 162 | Permissions can be granted on a user level as well as on a group level. Any user-level permissions granted will |
|
0 commit comments