Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon How does MoonShine handle authorization and CRUD operations


How does MoonShine handle authorization and CRUD operations


Moonshine handles authorization and CRUD operations through a combination of built-in features and integration with Laravel's authorization systems.

Authorization

1. User Roles and Permissions: Moonshine allows the creation of user roles (e.g., Author) that can be assigned specific permissions. For instance, an author can be restricted to viewing and managing only their own articles, while being prevented from accessing others' content. This is achieved by defining roles and associating them with specific resources[1].

2. Policies and Gates: Moonshine utilizes Laravel's Gate system for authorization. Developers can define custom authorization logic in the `AuthServiceProvider`, where they can specify which actions users are allowed to perform based on their roles. This setup allows for granular control over resource access and actions[2][3].

3. Configuration Options: The authorization system can be customized in the `config/moonshine.php` file, where developers can enable or disable authentication and define their own guards and providers. This flexibility allows for integration with existing user authentication systems[2].

CRUD Operations

1. Basic Operations: Moonshine provides an intuitive interface for performing CRUD operations on resources. Administrators can easily create, read, update, and delete records through the admin panel without needing to write complex SQL queries. The operations are designed to be straightforward, leveraging Laravel's Eloquent ORM[3][5].

2. Customizing Actions: Developers can customize which CRUD actions are available for each resource. For example, they can disable the create or delete actions for certain roles by overriding the `getActiveActions` method, allowing for tailored experiences based on user permissions[1].

3. Integration with Laravel Features: The CRUD functionality in Moonshine is built on top of Laravel's existing capabilities, making it easy to integrate with other Laravel features and packages. This includes the ability to utilize Laravel's validation and data handling mechanisms seamlessly within the admin panel[5].

Overall, Moonshine's approach to authorization and CRUD operations emphasizes flexibility, ease of use, and integration with Laravel's robust framework, making it a powerful tool for developers building admin panels.

Citations:
[1] https://www.youtube.com/watch?v=fCGEd87ieEQ
[2] https://moonshine-laravel.com/docs/resource/advanced/advanced-authentication
[3] https://github.com/SWEET1S/moonshine-database
[4] https://github.com/natthasath/demo-laravel-moonshine
[5] https://laravel-news.com/moonshine-laravel-admin-panel
[6] https://moonshine-laravel.com
[7] https://www.youtube.com/watch?v=StLhum9ALpg
[8] https://github.com/moonshine-software