3

Are there some naming guidelines I should be following when it comes to naming permissions? Right now, everything I find is just along the lines of "Add Foo","Edit Foo","Delete Foo","Add FooBar","Edit FooBar","Delete FooBar", and so forth and so forth.

Keeping in mind that there is no grouping (which is a real pity), and when you have a management screen for all said permissions - the above approach seems quite sloppy.

All your "adds" are together, "edits" are together, etc. eg:

 - Add Foo
 - Add FooBar
 - Add FooBarBez
 - Edit Foo
 - Edit FooBar
 - Edit FooBarBez
 - Delete Foo
 - Delete FooBar
 - Delete FooBarBez

Right now I'm leaning towards something along the lines of what route names look like, for example:

 - foo.add
 - foo.edit
 - foo.delete
 - foobar.add
 - foobar.edit
 - foobar.delete
 - foobarbez.add
 - foobarbez.edit
 - foobarbez.delete

It's more organised in terms of keeping all the 'parent' permissions together (ie: all Foo's together, all FooBar's together, etc). Of course, if there are actual guidelines for this, please do let me know or if you have other valuable input / suggestions?

//Edit Update for Clarity

Specifically, 

- __Are__ any naming conventions? 
- Are there any preferences in terms of use of singular/plural when it comes to parents (eg: "User Create", "Users Create")
- If parents and action should be separated with a space, a dot, something else? (eg: "users.create"; "users create"; "users->create")
- What about nested resources (Parent.Child)? eg: "users.banking_details.create"
- Captilisation? Lowercase? Camel Case?

As mentioned previously, leaning towards laravel named routes as the guideline so would be: plural, lowercase, separated by dots, including full path (parent+child relationship). Just because thats what I'm leaning towards, doesnt mean its right though, hence me asking for input from the community :)

4

4 回答 4

2

我会使用Laravel 在授权资源时使用的相同名称

  • view
  • create
  • update
  • delete

你可以在这里阅读更多相关信息:Laravel 中的门和授权改进

于 2018-08-12T17:23:58.570 回答
1

有任何命名约定吗?

从来没听说过。正如您所指出的,这些示例使用“创建帖子”等,这是一种可怕的处理方式。

对于父母,在使用单数/复数方面是否有任何偏好(例如:“用户创建”、“用户创建”)

这真的取决于你的使用情况。这是一个在不同情况下使用单数和复数的示例。

返回单个用户user.read的路由可以受保护,返回多个用户的路由可以受保护users.read。我相信最好的方法是使用对你和/或你的团队有意义的东西。

如果父母和行动应该用空格、点或其他东西分开?(例如:“users.create”;“用户创建”;“用户->创建”)

点是首选方法,特别是如果您要使用通配符。

嵌套资源(Parent.Child)呢?例如:“users.banking_details.create”

使用起来非常好,但是在涉及通配符权限时要小心。通配符权限将授予使用所有权限的权限。

如果您要授予某人权限users或被users.*同等对待,他们将能够执行此父项下的所有权限。

俘虏?小写?骆驼香烟盒?

选择一致的风格并坚持下去。

我个人使用 Web 操作 (CRUD) 常用的命名约定。

task.create
task.read
task.update
task.delete
于 2021-01-20T06:37:37.037 回答
1

在文档中,他们列出了一个示例播种机,并给出了其他示例。 https://github.com/spatie/laravel-permission

'edit articles'
'delete articles'
'publish articles'
'unpublish articles'

我认为这不是一个好的约定,所以我在 PostController 中使用了这个:

function __construct()
{
  $this->middleware('auth', ['except' => ['index', 'show']]);
  $this->middleware(['permission:post create'], ['only' => ['create', 'store']]);
  $this->middleware(['permission:post edit'],   ['only' => ['edit', 'update']]);
  $this->middleware(['permission:post delete'], ['only' => ['delete']]);
}

我每次都必须使用 $this,因为您似乎无法链接中间件。

于 2018-12-15T19:01:22.933 回答
0

而不是使用 foo 或其他东西,只需使用

  • 创造
  • 编辑
  • 看法
  • 更新
  • 当您开始进行身份验证时,它会有所帮助并使步骤更容易。
于 2018-08-12T17:49:00.687 回答