Setting Rules
You can define access control rules using the allow()
and deny()
methods:
// Allow "admin" to delete a user
$access->allow("admin", "delete-a-user");
// Deny "moderator" from deleting a user
$access->deny("moderator", "delete-a-user");
Checking Permissions
To check if a user or group is allowed to perform an action, use isAllowed()
:
use Exception;
if (!$access->isAllowed("moderator", "delete-a-user")) {
throw new Exception("Access denied.");
}
$user->delete();
Enforcing Permissions
For convenience, you can use the verify()
method.
This method will throw an AccessDeniedException
if the user is not allowed:
$access->verify("moderator", "delete-a-user");
$user->delete();