class Gate implements Gate (View source)

Traits

Properties

protected Container $container

The container instance.

protected callable $userResolver

The user resolver callable.

protected array $abilities

All of the defined abilities.

protected array $policies

All of the defined policies.

protected array $beforeCallbacks

All of the registered before callbacks.

protected array $afterCallbacks

All of the registered after callbacks.

protected array $stringCallbacks

All of the defined abilities using class@method notation.

protected Response|null $defaultDenialResponse

The default denial response for gates and policies.

protected callable|null $guessPolicyNamesUsingCallback

The callback to be used to guess policy names.

Methods

allow(string|null $message = null, mixed $code = null)

Create a new access response.

deny(string|null $message = null, mixed|null $code = null)

Throws an unauthorized exception.

denyWithStatus(int $status, string|null $message = null, int|null $code = null)

Deny with a HTTP status code.

denyAsNotFound(string|null $message = null, int|null $code = null)

Deny with a 404 HTTP status code.

void
__construct(Container $container, callable $userResolver, array $abilities = [], array $policies = [], array $beforeCallbacks = [], array $afterCallbacks = [], callable|null $guessPolicyNamesUsingCallback = null)

Create a new gate instance.

bool
has(string $ability)

Determine if a given ability has been defined.

allowIf(Response|Closure|bool $condition, string|null $message = null, string|null $code = null)

Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is false.

denyIf(Response|Closure|bool $condition, string|null $message = null, string|null $code = null)

Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is true.

authorizeOnDemand(Response|Closure|bool $condition, string|null $message, string|null $code, bool $allowWhenResponseIs)

Authorize a given condition or callback.

$this
define(string $ability, callable|string $callback)

Define a new ability.

$this
resource(string $name, string $class, array|null $abilities = null)

Define abilities for a resource.

buildAbilityCallback(string $ability, string $callback)

Create the ability callback for a callback string.

$this
policy(string $class, string $policy)

Define a policy class for a given class type.

$this
before(callable $callback)

Register a callback to run before all Gate checks.

$this
after(callable $callback)

Register a callback to run after all Gate checks.

bool
allows(iterable|string $ability, array|mixed $arguments = [])

Determine if all of the given abilities should be granted for the current user.

bool
denies(iterable|string $ability, array|mixed $arguments = [])

Determine if any of the given abilities should be denied for the current user.

bool
check(iterable|string $abilities, array|mixed $arguments = [])

Determine if all of the given abilities should be granted for the current user.

bool
any(iterable|string $abilities, array|mixed $arguments = [])

Determine if any one of the given abilities should be granted for the current user.

bool
none(iterable|string $abilities, array|mixed $arguments = [])

Determine if all of the given abilities should be denied for the current user.

authorize(string $ability, array|mixed $arguments = [])

Determine if the given ability should be granted for the current user.

inspect(string $ability, array|mixed $arguments = [])

Inspect the user for the given ability.

mixed
raw(string $ability, array|mixed $arguments = [])

Get the raw result from the authorization callback.

bool
canBeCalledWithUser(Authenticatable|null $user, Closure|string|array $class, string|null $method = null)

Determine whether the callback/method can be called with the given user.

bool
methodAllowsGuests(string $class, string $method)

Determine if the given class method allows guests.

bool
callbackAllowsGuests(callable $callback)

Determine if the callback allows guests.

bool
parameterAllowsGuests(ReflectionParameter $parameter)

Determine if the given parameter allows guests.

bool
callAuthCallback(Authenticatable|null $user, string $ability, array $arguments)

Resolve and call the appropriate authorization callback.

bool|null
callBeforeCallbacks(Authenticatable|null $user, string $ability, array $arguments)

Call all of the before callbacks and return if a result is given.

bool|null
callAfterCallbacks(Authenticatable $user, string $ability, array $arguments, bool $result)

Call all of the after callbacks with check result.

void
dispatchGateEvaluatedEvent(Authenticatable|null $user, string $ability, array $arguments, bool|null $result)

Dispatch a gate evaluation event.

callable
resolveAuthCallback(Authenticatable|null $user, string $ability, array $arguments)

Resolve the callable for the given ability and arguments.

mixed
getPolicyFor(object|string $class)

Get a policy instance for a given class.

array
guessPolicyName(string $class)

Guess the policy name for the given class.

$this
guessPolicyNamesUsing(callable $callback)

Specify a callback to be used to guess policy names.

mixed
resolvePolicy(object|string $class)

Build a policy class instance of the given type.

bool|callable
resolvePolicyCallback(Authenticatable $user, string $ability, array $arguments, mixed $policy)

Resolve the callback for a policy check.

mixed
callPolicyBefore(mixed $policy, Authenticatable $user, string $ability, array $arguments)

Call the "before" method on the given policy, if applicable.

mixed
callPolicyMethod(mixed $policy, string $method, Authenticatable|null $user, array $arguments)

Call the appropriate method on the given policy.

string
formatAbilityToMethod(string $ability)

Format the policy ability into a method name.

forUser(Authenticatable|mixed $user)

Get a gate instance for the given user.

mixed
resolveUser()

Resolve the user from the user resolver.

array
abilities()

Get all of the defined abilities.

array
policies()

Get all of the defined policies.

$this
defaultDenialResponse(Response $response)

Set the default denial response for gates and policies.

$this
setContainer(Container $container)

Set the container instance used by the gate.

Details

protected Response allow(string|null $message = null, mixed $code = null)

Create a new access response.

Parameters

string|null $message
mixed $code

Return Value

Response

protected Response deny(string|null $message = null, mixed|null $code = null)

Throws an unauthorized exception.

Parameters

string|null $message
mixed|null $code

Return Value

Response

Response denyWithStatus(int $status, string|null $message = null, int|null $code = null)

Deny with a HTTP status code.

Parameters

int $status
string|null $message
int|null $code

Return Value

Response

Response denyAsNotFound(string|null $message = null, int|null $code = null)

Deny with a 404 HTTP status code.

Parameters

string|null $message
int|null $code

Return Value

Response

void __construct(Container $container, callable $userResolver, array $abilities = [], array $policies = [], array $beforeCallbacks = [], array $afterCallbacks = [], callable|null $guessPolicyNamesUsingCallback = null)

Create a new gate instance.

Parameters

Container $container
callable $userResolver
array $abilities
array $policies
array $beforeCallbacks
array $afterCallbacks
callable|null $guessPolicyNamesUsingCallback

Return Value

void

bool has(string $ability)

Determine if a given ability has been defined.

Parameters

string $ability

Return Value

bool

Response allowIf(Response|Closure|bool $condition, string|null $message = null, string|null $code = null)

Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is false.

Parameters

Response|Closure|bool $condition
string|null $message
string|null $code

Return Value

Response

Exceptions

AuthorizationException

Response denyIf(Response|Closure|bool $condition, string|null $message = null, string|null $code = null)

Perform an on-demand authorization check. Throw an authorization exception if the condition or callback is true.

Parameters

Response|Closure|bool $condition
string|null $message
string|null $code

Return Value

Response

Exceptions

AuthorizationException

protected Response authorizeOnDemand(Response|Closure|bool $condition, string|null $message, string|null $code, bool $allowWhenResponseIs)

Authorize a given condition or callback.

Parameters

Response|Closure|bool $condition
string|null $message
string|null $code
bool $allowWhenResponseIs

Return Value

Response

Exceptions

AuthorizationException

$this define(string $ability, callable|string $callback)

Define a new ability.

Parameters

string $ability
callable|string $callback

Return Value

$this

Exceptions

InvalidArgumentException

$this resource(string $name, string $class, array|null $abilities = null)

Define abilities for a resource.

Parameters

string $name
string $class
array|null $abilities

Return Value

$this

protected Closure buildAbilityCallback(string $ability, string $callback)

Create the ability callback for a callback string.

Parameters

string $ability
string $callback

Return Value

Closure

$this policy(string $class, string $policy)

Define a policy class for a given class type.

Parameters

string $class
string $policy

Return Value

$this

$this before(callable $callback)

Register a callback to run before all Gate checks.

Parameters

callable $callback

Return Value

$this

$this after(callable $callback)

Register a callback to run after all Gate checks.

Parameters

callable $callback

Return Value

$this

bool allows(iterable|string $ability, array|mixed $arguments = [])

Determine if all of the given abilities should be granted for the current user.

Parameters

iterable|string $ability
array|mixed $arguments

Return Value

bool

bool denies(iterable|string $ability, array|mixed $arguments = [])

Determine if any of the given abilities should be denied for the current user.

Parameters

iterable|string $ability
array|mixed $arguments

Return Value

bool

bool check(iterable|string $abilities, array|mixed $arguments = [])

Determine if all of the given abilities should be granted for the current user.

Parameters

iterable|string $abilities
array|mixed $arguments

Return Value

bool

bool any(iterable|string $abilities, array|mixed $arguments = [])

Determine if any one of the given abilities should be granted for the current user.

Parameters

iterable|string $abilities
array|mixed $arguments

Return Value

bool

bool none(iterable|string $abilities, array|mixed $arguments = [])

Determine if all of the given abilities should be denied for the current user.

Parameters

iterable|string $abilities
array|mixed $arguments

Return Value

bool

Response authorize(string $ability, array|mixed $arguments = [])

Determine if the given ability should be granted for the current user.

Parameters

string $ability
array|mixed $arguments

Return Value

Response

Exceptions

AuthorizationException

Response inspect(string $ability, array|mixed $arguments = [])

Inspect the user for the given ability.

Parameters

string $ability
array|mixed $arguments

Return Value

Response

mixed raw(string $ability, array|mixed $arguments = [])

Get the raw result from the authorization callback.

Parameters

string $ability
array|mixed $arguments

Return Value

mixed

Exceptions

AuthorizationException

protected bool canBeCalledWithUser(Authenticatable|null $user, Closure|string|array $class, string|null $method = null)

Determine whether the callback/method can be called with the given user.

Parameters

Authenticatable|null $user
Closure|string|array $class
string|null $method

Return Value

bool

protected bool methodAllowsGuests(string $class, string $method)

Determine if the given class method allows guests.

Parameters

string $class
string $method

Return Value

bool

protected bool callbackAllowsGuests(callable $callback)

Determine if the callback allows guests.

Parameters

callable $callback

Return Value

bool

Exceptions

ReflectionException

protected bool parameterAllowsGuests(ReflectionParameter $parameter)

Determine if the given parameter allows guests.

Parameters

ReflectionParameter $parameter

Return Value

bool

protected bool callAuthCallback(Authenticatable|null $user, string $ability, array $arguments)

Resolve and call the appropriate authorization callback.

Parameters

Authenticatable|null $user
string $ability
array $arguments

Return Value

bool

protected bool|null callBeforeCallbacks(Authenticatable|null $user, string $ability, array $arguments)

Call all of the before callbacks and return if a result is given.

Parameters

Authenticatable|null $user
string $ability
array $arguments

Return Value

bool|null

protected bool|null callAfterCallbacks(Authenticatable $user, string $ability, array $arguments, bool $result)

Call all of the after callbacks with check result.

Parameters

Authenticatable $user
string $ability
array $arguments
bool $result

Return Value

bool|null

protected void dispatchGateEvaluatedEvent(Authenticatable|null $user, string $ability, array $arguments, bool|null $result)

Dispatch a gate evaluation event.

Parameters

Authenticatable|null $user
string $ability
array $arguments
bool|null $result

Return Value

void

protected callable resolveAuthCallback(Authenticatable|null $user, string $ability, array $arguments)

Resolve the callable for the given ability and arguments.

Parameters

Authenticatable|null $user
string $ability
array $arguments

Return Value

callable

mixed getPolicyFor(object|string $class)

Get a policy instance for a given class.

Parameters

object|string $class

Return Value

mixed

protected array guessPolicyName(string $class)

Guess the policy name for the given class.

Parameters

string $class

Return Value

array

$this guessPolicyNamesUsing(callable $callback)

Specify a callback to be used to guess policy names.

Parameters

callable $callback

Return Value

$this

mixed resolvePolicy(object|string $class)

Build a policy class instance of the given type.

Parameters

object|string $class

Return Value

mixed

Exceptions

BindingResolutionException

protected bool|callable resolvePolicyCallback(Authenticatable $user, string $ability, array $arguments, mixed $policy)

Resolve the callback for a policy check.

Parameters

Authenticatable $user
string $ability
array $arguments
mixed $policy

Return Value

bool|callable

protected mixed callPolicyBefore(mixed $policy, Authenticatable $user, string $ability, array $arguments)

Call the "before" method on the given policy, if applicable.

Parameters

mixed $policy
Authenticatable $user
string $ability
array $arguments

Return Value

mixed

protected mixed callPolicyMethod(mixed $policy, string $method, Authenticatable|null $user, array $arguments)

Call the appropriate method on the given policy.

Parameters

mixed $policy
string $method
Authenticatable|null $user
array $arguments

Return Value

mixed

protected string formatAbilityToMethod(string $ability)

Format the policy ability into a method name.

Parameters

string $ability

Return Value

string

Gate forUser(Authenticatable|mixed $user)

Get a gate instance for the given user.

Parameters

Authenticatable|mixed $user

Return Value

Gate

protected mixed resolveUser()

Resolve the user from the user resolver.

Return Value

mixed

array abilities()

Get all of the defined abilities.

Return Value

array

array policies()

Get all of the defined policies.

Return Value

array

$this defaultDenialResponse(Response $response)

Set the default denial response for gates and policies.

Parameters

Response $response

Return Value

$this

$this setContainer(Container $container)

Set the container instance used by the gate.

Parameters

Container $container

Return Value

$this