This is a boilerplate for opinionated Laravel 8.0 admin panel build with AdminLTE 3.0 theme, Alpinejs 2.0, Livewire 2.0, supported with tests and optional feature branches.
- Have total control of the code
- Summary
- Feature Branches
- Installation
- Care for the code
- Files scaffolding
- Authorisation
- Licence
- Contributors
Sometimes packages are to too big or too cumbersome to use. Other times package doesn't have a critical feature that you are looking for and you are doing some hacks to get around it.
What you are missing is having control over the code, and now you have it! Don't like how a new user is added. No problem. You can amend the code however you like. No more forking packages and messing with their code. The idea is to create branches of standard features and make them available for others to merge them into their master branch.
- Laravel 8.0, Alpinejs, Livewire 2.0, AdminLTE theme 3.0 ✔️
- Login ✔️
- Forgot Password ✔️
- CRUD for Users ✔️
- Welcome email for a new user with a link for setting up a new password ✔️
- CRUD for roles (basic auth system) ✔️
- Option to assign route based permissions to role ✔️
- Profile with change password, email and user's image option ✔️
- Confirmation email to confirm a new user's email ✔️
- File scaffolding ✔️
- CI included (github actions) ✔️
- Over 200 tests included ✔️
Here is the list of supported feature branches. By merging them into master you unlock new features.
After installing Laravel you should run those commands:
cp .env.example .env
npm install
npm run dev
composer cghooks update
Let's face it. Sometimes we are sloppy, and we don't take the best care of the code. I added some useful packages (isn't it ironic) to take as much burden off developer as possible.
- Before you commit, the code is auto-styled according to Laravel standards using matt-allan/laravel-code-style package.
- Next nunomaduro/phpinsights package inspects the code and alerts if code is not in the best shape.
"php artisan insights --no-interaction --min-quality=90 --min-complexity=85 --min-architecture=90 --min-style=95"
- When testing brianium/paratest package runs tests in parallel.
./vendor/bin/paratest --processes 2 --runner=WrapperRunner
- Are tests still slow? johnkary/phpunit-speedtrap package finds the slow tests for you.
- Lastly brainmaestro/composer-git-hooks package is utilized so everything is done automatically. See how
For CRUD actions you might consider using built-in files scaffolding command. It generates files for Index, Create, Show, Edit and Delete actions like this:
php artisan make:ltd-component bla --index --create --show --edit --delete
You can omit any of the options. If you wish you can update the stubs
files as you like.
There are comments in scaffolded files acting as a reminder for you to amend the code. You can find then by typing: index-review
, create-review
, show-review
, edit-review
, delete-review
. Factory and Model scaffolding aren't included in this command.
Laravellte uses role - permissions based authorisation system. Only users with Admin role can add new roles and assign permissions to it.
For new resources permissions are added through PermissionsTableSeeder. By convention the main permissions type are index, create, edit, show, and delete with resource in plural prefix. Example: users.index. Having said that, you are free to add your own. However you'll have to review/amend the code.
Based on convention route names must be on of those types: index, create, edit, show, and delete.
See example.
For livewire components the convention for naming them is as follows: you have to use one those types follow by resource name and then Component. e.g. IndexUserComponent
All Livewire components must use HasLivewireAuth trait. Here is implementation.
When adding permission to the role, there is an extra filed called owner_restricted. If owner restricted field is true for any index page user with that permission can only see its own resources. However, in order this to work, resource must have owner_id filed and VisibleTo global attached in boot method.
If owner restricted field is true for show, edit and delete types, user can only amend resources that he owns.
For create types owner restricted is ignored.
In the core of it is ForRouteGate that handles authorisation. The honourable mention goes to Authorisation Middleware.
- Apply permissions to the role.
- Make sure that Authorisation middleware is applied to resource's routes Example
- Make sure routes and permissions are named resources.index (according to convention) Example
- Make sure VisibleTo global scope is applied to models Example
- Make sure HasLivewireAuth trait is applied to all Livewire Components Example
For Admin Role permissions restriction do not apply.
Licensed under the MIT license
Janez Cergolj |
Horacio Degiorgi |
Chris Thompson |