Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon What are the steps to use the php artisan moonshine:policy command
    Laravel MoonShine php artisan moonshine:policy policy class access control Laravel policies MoonShine policies Laravel authorization


What are the steps to use the php artisan moonshine:policy command


To use the `php artisan moonshine:policy` command in your Laravel application, follow these steps:

1. Open Terminal: Navigate to your Laravel project directory using your terminal or command prompt.

2. Run the Command: Execute the following command to create a new policy class:

bash
   php artisan moonshine:policy

3. Locate the Policy Class: After running the command, a new policy class will be created in the `app/Policies` directory. This class will be bound to the admin panel user.

4. Implement Policy Methods: Open the newly created policy class and implement the necessary methods for your resource. Common methods include:
- `viewAny`: Check permission to view the index page.
- `view`: Check permission to view a single resource.
- `create`: Check permission to create a new resource.
- `update`: Check permission to update an existing resource.
- `delete`: Check permission to delete a resource.
- `massDelete`: Check permission for bulk deletion.
- `restore`: Check permission to restore a soft-deleted resource.
- `forceDelete`: Check permission to permanently delete a resource.

Example implementation:

php
   namespace App\Policies;

   use Illuminate\Auth\Access\HandlesAuthorization;
   use MoonShine\Models\MoonshineUser;
   use App\Models\Post;

   class PostPolicy {
       use HandlesAuthorization;

       public function viewAny(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function view(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function create(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function update(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function delete(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function massDelete(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function restore(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function forceDelete(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }
   }

5. Register the Policy: Ensure that the policy is registered in the `AuthServiceProvider` if necessary, linking it to the corresponding model.

By following these steps, you can effectively create and implement a policy for your resources in MoonShine, enabling fine-grained access control in your Laravel application.

Citations:
[1] https://moonshine-laravel.com/docs/resource/advanced/advanced-commands
[2] https://moonshine-laravel.com/docs/resource/advanced/advanced-authorization
[3] https://moonshine-laravel.com/docs/resource/models-resources/resources-authorization
[4] https://laravel.com/docs/11.x/artisan
[5] https://github.com/SWEET1S/moonshine-roles-permissions
[6] https://github.com/natthasath/demo-laravel-moonshine
[7] https://github.com/SWEET1S/moonshine-database
[8] https://moonshine-laravel.com