Skip to content

Fully customizable and tests supported Laravel admin dashboard 2.0

Notifications You must be signed in to change notification settings

jcergolj/laravellte

Repository files navigation

Fully customizable and tests supported Laravel admin dashboard 2.0

Intro

This is a boilerplate for opinionated Laravel 8.0 admin panel build with AdminLTE 3.0 theme, Alpinejs 2.0, Livewire 2.0, supported with tests and optional feature branches.

Contents

Have total control of the code

Sometimes packages are to too big or too cumbersome to use. Other times package doesn't have a critical feature that you are looking for and you are doing some hacks to get around it.

What you are missing is having control over the code, and now you have it! Don't like how a new user is added. No problem. You can amend the code however you like. No more forking packages and messing with their code. The idea is to create branches of standard features and make them available for others to merge them into their master branch.

Summary

  • Laravel 8.0, Alpinejs, Livewire 2.0, AdminLTE theme 3.0 ✔️
  • Login ✔️
  • Forgot Password ✔️
  • CRUD for Users ✔️
  • Welcome email for a new user with a link for setting up a new password ✔️
  • CRUD for roles (basic auth system) ✔️
  • Option to assign route based permissions to role ✔️
  • Profile with change password, email and user's image option ✔️
  • Confirmation email to confirm a new user's email ✔️
  • File scaffolding ✔️
  • CI included (github actions) ✔️
  • Over 200 tests included ✔️

Feature Branches

Here is the list of supported feature branches. By merging them into master you unlock new features.

  1. User Registration
  2. Simple Role Based Authorisation

Installation

After installing Laravel you should run those commands:

git clone https://github.com/jcergolj/laravellte.git
composer install
cp .env.example .env
php artisan key:generate
npm install
npm run dev
composer cghooks update
php artisan migrate:fresh --seed

Care for the code

Let's face it. Sometimes we are sloppy, and we don't take the best care of the code. I added some useful packages (isn't it ironic) to take as much burden off developer as possible.

"php artisan insights --no-interaction --min-quality=90 --min-complexity=85 --min-architecture=90 --min-style=95"

Files Scaffolding

For CRUD actions you might consider using built-in files scaffolding command. It generates files for Index, Create, Show, Edit and Delete actions like this:

php artisan make:ltd-component bla --index --create --show --edit --delete

You can omit any of the options. If you wish you can update the stubs files as you like. There are comments in scaffolded files acting as a reminder for you to amend the code. You can find then by typing: index-review, create-review, show-review, edit-review, delete-review. Factory and Model scaffolding aren't included in this command.

Authorisation

Laravellte uses role - permissions based authorisation system. Only users with Admin role can add new roles and assign permissions to it.

About permissions

For new resources permissions are added through PermissionsTableSeeder. By convention the main permissions type are index, create, edit, show, and delete with resource in plural prefix. Example: users.index. Having said that, you are free to add your own. However you'll have to review/amend the code.
Based on convention route names must be on of those types: index, create, edit, show, and delete. See example.
For livewire components the convention for naming them is as follows: you have to use one those types follow by resource name and then Component. e.g. IndexUserComponent All Livewire components must use HasLivewireAuth trait. Here is implementation.

Owner restricted for index pages

When adding permission to the role, there is an extra filed called owner_restricted. If owner restricted field is true for any index page user with that permission can only see its own resources. However, in order this to work, resource must have owner_id filed and VisibleTo global attached in boot method.

Owner restricted for show, edit, delete actions

If owner restricted field is true for show, edit and delete types, user can only amend resources that he owns.

Owner restricted for create

For create types owner restricted is ignored.

For Route Gate

In the core of it is ForRouteGate that handles authorisation. The honourable mention goes to Authorisation Middleware.

Authorisation cookbook

  1. Apply permissions to the role.
  2. Make sure that Authorisation middleware is applied to resource's routes Example
  3. Make sure routes and permissions are named resources.index (according to convention) Example
  4. Make sure VisibleTo global scope is applied to models Example
  5. Make sure HasLivewireAuth trait is applied to all Livewire Components Example

Warning

For Admin Role permissions restriction do not apply.

License

Licensed under the MIT license

Contributors


Janez Cergolj

Horacio Degiorgi

Chris Thompson