Module Manager

Appearance

Authorization Actions

The AuthorizeAction enum defines standard actions used for authorization throughout Module Manager. These actions are used with the authorizeAction() helper and PolicyChecker facade to provide a type-safe way to check permissions.

Available Actions

php
use ModuleManager\ModuleManager\Enums\AuthorizeAction;
ActionValueDescription
VIEW_ANYviewAnyView a list or collection of resources
VIEWviewView a single resource
CREATEcreateCreate a new resource
UPDATEupdateUpdate an existing resource
UPDATE_ANYupdateAnyUpdate multiple resources at once
DELETEdeleteDelete a single resource
DELETE_ANYdeleteAnyDelete multiple resources at once
RESTORErestoreRestore a soft-deleted resource
FORCE_DELETEforceDeletePermanently delete a resource
REORDERreorderReorder resources in a collection

Usage Examples

With authorizeAction() Helper

php
use ModuleManager\ModuleManager\Enums\AuthorizeAction;
use Modules\Blog\Models\Post;

// Check permission for a class
$canCreate = authorizeAction(AuthorizeAction::CREATE, Post::class);

// Check permission for a model instance
$post = Post::find(1);
$canUpdate = authorizeAction(AuthorizeAction::UPDATE, $post);

// Use in conditional logic
if (authorizeAction(AuthorizeAction::DELETE, $post)) {
    // User is authorized to delete this post
    $post->delete();
}

With PolicyChecker Facade

php
use ModuleManager\ModuleManager\Enums\AuthorizeAction;
use ModuleManager\ModuleManager\Facades\PolicyChecker;
use Modules\Blog\Models\Post;

// Basic check
$canView = PolicyChecker::from(AuthorizeAction::VIEW, $post)->validate();

// Multiple checks - ALL must pass (logical AND)
$canManage = PolicyChecker::from(AuthorizeAction::CREATE, Post::class)
    ->and(AuthorizeAction::UPDATE, $post)
    ->validate();

// Multiple checks - ANY should pass (logical OR)
$hasAccess = PolicyChecker::from(AuthorizeAction::VIEW, $post)
    ->or(AuthorizeAction::UPDATE, $post)
    ->anyOf()
    ->validate();

In Blade Templates

php
@authorizeAction(AuthorizeAction::CREATE, \Modules\Blog\Models\Post::class)
    <button>Create Post</button>
@endauthorizeAction

{{-- Or with a model instance --}}
@authorizeAction(AuthorizeAction::UPDATE, $post)
    <a href="{{ route('posts.edit', $post) }}">Edit Post</a>
@endauthorizeAction

Benefits

Using the AuthorizeAction enum instead of string values provides several advantages:

  1. Type Safety - Compile-time checking prevents typos and errors
  2. Code Completion - IDE auto-completion shows available options
  3. Refactoring Support - Easy to find all uses of a particular action
  4. Standardization - Consistent naming across your application