Adding Access Control to Laravel Nova - Building Onramp in Laravel, Matt Stauffer Livestream

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

we might have to switch to just using my crappy camera if I can't get that working let's take one more time and see if it works and if not all right let's crap camera day no idea why that happened but we're just gonna go with a crap yeah I know that but it's just let's see which camera is that that's the built-in iMac camera it's not really what I want but hey as you can see me so all right so I'll probably have to redo that same thing when we switch over to the actual streaming so hey everybody welcome to the latest issue of technical difficulties with your friend Matt so here's what we're gonna be doing today we are going to be working on howdy howdy howdy howdy when you're working on Nova so propria access so let me actually share the screen with y'all and so we can talk about what we're doing together I'm a little flustered with the whole camera issue so just trying to get everything where I want it to be all right so let's go to full sharing and yep the camera here is not working either so let's switch over to my overlay real quick so I can get this camera hopefully functioning ish oh this is frustrating okay we are working on on-ramp hey nerd rekt nerd roid I'm doing good so yes so here's the the general deal Mondays we work on zuzana zap Fridays we work on on ramp so Monday's are learning laravel days and fridays our own ramp days so what we're doing on on ramp today I change the stream title in twitch but I guess it didn't work so that's frustrating let me go check that real quick I change this I went into twitch and logged in and changed it to say on-ramp technical difficulties everywhere twitch is sewing the right title right now okay maybe YouTube showing the wrong title okay so it must just be the YouTube that's the problem or something I don't know anyway hey JT alright so hey friends thanks for hanging out so this is what we're doing a reset fixing giving up on technical difficulties dealing with the wrong camera being our connected 1 and we are working on unwrap so with honor last time we added Nova and what I'd like to do with Nova there's a lot of things I'd like to do but the thing I think we can kind of segment out to a single session is allowing other users other than me to use nobo and so what I'm thinking right there is what we're gonna do is we're gonna add two different user types in Nova and appropriate access permissions freeze each and then we're gonna test access controls for the two other user types and then if we have free time we're gonna actually allow those user types to do interesting things okay so that's what we're planning to do for today alright so right now the only people who can log in are those who are gated by I'm trying out vs code today so Justin just in terms of technical difficulties we're gonna have even more technical difficulties as I learn a new IDE so the people who can use it right now in non-local environments are me so what we're gonna end up wanting to do is do a gate that actually has something to do with people's role instead so the interesting thing is my guess is that because this is those who can access nova and long non-local environments this is actually going to be hard to test locally and I don't remember I've done this multiple times but I actually don't remember how I did it last time but I kind of feel like what we're gonna essentially do here is we're going to make a policy a user policy so let's just try ours and make policy user policy and see where that takes us oh now use your policy we want to add user sorry Paul so user pop the policies would affect whether or not they can access the modules and the tracks and other users so I guess actually we do kind of want those what we really want is just something that allows us to use a role based system for our users and so there's a lot of different types of systems that are out there for access roles in laravel and if you've done any streaming with me you're probably familiar with the idea that I always want the simplest possible option so you do just look like like a label ACL or a layer of all roles or stuff like that you're gonna see lots of different options there's tons of different people have it there's a very complicated package that spot C has is there's some lighter packages but the thing is there's also the majority of ACL can be done in ACLs access control can be done directly from no I got it so I can see hey Alex stinky stinky stinky stinky stank my a is a with an umlaut in German so I'm always trying to do my German e-mount noises so what I want to do is try and use levels native ACL as much as possible and not worry about it in terms of billing some big complicated system because really in essence what I'm imagining it's basically our user has a new thing that's called role a property so and it's basically going to be for now let's just make it a string and that the roles are gonna be admin let's see admin editor and user and we'll kind of go from there so I'm gonna do that I'm gonna say artisan make migration add roll column or maybe field thanks for following AK Canali add roll field to users table and then table equals users I think that's how you do it not model equals yeah I think that's what we want add role field the users table cool so by doing passing that table equals equals users we got this prefilled in sway to do less work there what are you squawking about ot meant I forgot I had T line sitting here alright Teelin if you're not familiar with it is a Titan tool that basically applies Titans preferred coding styles or to your as hints to your IDE so we want to do is add a new column that right now we're just gonna make it a string you can ask me later why I don't believe in he numbs and MySQL and so table will drop column and it's gonna be called role and the default will be user oops and we'll probably want our user factory to factory people at various roles alright so it always takes me a second to remember what the best way to do an a random array helmick's there's three options or a random the function or and the the lair val thing and then there's also faker has a random element I believe this is the most consistent one because it pulls the an entry if you don't have keys and values but if you have keys and values it pulls the value instead of a key so I think I this is where I want to default although like I said I'm still getting used to this IDE and I have to okay that's the way it does it okay cool all right so our options are admin editor and user hey cocaine dealer one all right so let's see how our tests are looking everything's broken array R and must be array random so that's user factory-new that call that's why tests are good they tell you when you're typing the wrong thing okay so let's go back to our so we've got our users are randomly generated as having that lets go to our nova user resource and we want to set it up so that okay what are we squawking about here like I said new IDE alright Tila it says should be alphabetically got it right that's oh these ones aren't alphabetical got it okay cool so in our Nova user model I want to be able to put the role in there as an option so it's probably gonna be some kind of a drop-down it's my guess see this thing right here this team hunt squawk that says you shouldn't have a leading slash I thought we had fixed it I might need to update my teal and because this leading slash is fine if it is a representative string so I'm gonna keep that as it is alright so we want to be able to add a new item here called role import facades don't use aliases and you might need to have the team int folks watch this stream to catch the bugs and we're finding into Yulin ok cool so what we want is a select and I'm trying to remember no arrow at comm slash docks I think it's call this select but you just go to the fields and you figure out if you're gonna define a field you've got all these different field types and I just got to remember we're just starting anova if you've watched this you've only seen us install Nova so with Nova when you're defining the things that are editable in an individual resource you've got all these different field types and so we're about to add an entry to our users table so that we can define on any given user what role they are did I make a live stream game some cues about twitch chat you did make them live stream thanks for hanging out and somebody else can teach you about how twitch chat works because I'm a total noob here alright so the reason that I can't edit this user is because I made that Nova policy a second ago so let's real quick get my github desktop set up to the correct repo and know I can get rid of that user policy because by default the user policy does not let you do anything so and I shouldn't have done that right now so now when i refresh this see Nova magically reads your policies if you just delete it I'm surprised it does that do a composer dump autoload and okay there we go so when I'm editing this user I want to be able to change what their role is and so let's go back over here and make a new one so what I was showing you is that in nova docks can show you all the different field types and so you've asked the question let's say I just added a new field called role what do I want my options to be and you want it probably to be a drop-down which would be a select although you might want a radio field or something but we're gonna do select for now so you put your options in here right now we're just hard coding these options but I imagine eventually will end up making an enum class of some sort that represents our options just like we have for other things around here and so you've got this thing and again new IDE so I've got to remember how to import things or figure out how to import things okay cool and so what do we want this thing to be named we want it to be named role and our options for role are admin editor and user and so then though the right side of the the labels and then the left side of the actual keys so okay cool so let's go back to our user editor and look we've got a role right now this this mat stuff for user has no role because we haven't migrated yet so let's migrate and now it should be a user there you go so the next thing we should do is boot mats tau for user because users shouldn't be able to go in here right so let's go into our code and I'm interested to see whether you can test who can get in through here my guess is the easiest way would just be to make a unit test that checks the via Nova the IDE is Visual Studio code I've been using sublime text for quite a while but I'm gonna I've been having a lot of trouble with my vim my vim plug-in in there to the point where it's really slowing me down and everyone at Titan is switching over to the S code so I figured I'd finally give it a try alright so I think we can probably write tests against this gate to see who can get in so let's see if we can do that real quick so artisan make test Nova access test and then Nova access tests and all right so what do we want to test user our users with roll user cannot access Nova and then we'll do that same thing except this one will be with roll editor well actually no that's not true they should all be able to access Nova just kidding everyone should be able to access Nova sorry everybody I was remembering wrong what we're gonna do so this is not actually gonna work for now we probably will eventually do something in here because we want to be able to test whether they can access certain parts of Nova but most of that is going to be defined not by a specific Nova gate but rather by policies on these resources so I'm not using my brain correctly let's reset drink a little bit more coffee alright let's get back to it man I am still so bummed that this camera didn't work I think that's distracting me that on my cameras your y'all seeing like the top of my head and then my torso should sell advertising like right here on my shirt okay so we are what's the first thing we should do well let's make sure this works actually can I can I update the editor great cool okay so we're not going to test to that because that would be just testing that Nova functions so we've made me an admin user so why don't we make it so that we can assert that admin users cannot edit our user users cannot edit modules or tracks so what I'm kind of thinking here is that users can't do any of the traditional Nova editing because users is anybody who signed up for Nova right and so what we're instead going to do is make it so that all that users can do in Nova is access a special section that allows them to suggest things and so we're gonna actually probably create a new he called suggestions because otherwise we're gonna have to allow them to edit things like the resources you know module and then be able to like you know create but only create in a certain form and all that kind of stuff and that's really complicated because all of a sudden we would introduce like not yet approved things that you know random users have suggested and so what I'd rather do is have a have a specific section in the site that is for these users to look at and I'm realizing that that's a little more complicated so let's step back a little bit say what do we want people to do who are editors and so I'm the only admin so an editor would be someone who I privileged an on-ramp and said whatever changes they want to make in this tool I trust that it's the right decisions for this tool so I think I would say I probably don't want them to edit users let's say that's only something that admins can do but let's say all the content editors will be able to make changes to ok so these are pretty powerful editors so let's drop this nova access test and instead we're gonna do policies around modules and stuff like that so let's make a policy for modules because that's one of the things that we built out and OVA already and so we want to make it so that users and admins can edit modules and see them ANOVA but user like users can no sorry editors and admins can see how Nova users cannot so we're gonna make a module policy and I think the way you do it is model equals module like that but we'll see if that works hey John all right mob jul policy ok yep so now it is type hinting so if anybody's not familiar with policies and they're evolved what they are is access control things where you're defining that these users can view the other thing create the thing and then when you're looking at update and delete and force delete you're not just talking about whether they can do that in general you're now talking about whether they can actually look at this update delete this specific module can they restored this specific module so sometimes it's gonna be you hey if you have the permission to do this you have the permission to do this but sometimes it's your ability to modify this module is gonna be tend on your relationship with this module were you its creator or whatever else hey miko welcome so let's come in here and say who should be able to view the modules thing editors and admins so there's a couple different ways to do this one of the things that you do something like this NRA roles is you user and then you know edit our admin that's that's one way another way is to add methods on the user that have to do with is at least an editor hey Chris things like that or role is greater or than or equal to and a lot of people like to use integers for their roles because then you can use simple comparisons right user role is greater than two is equal to that the problem is when you use those integers it's very magical to me and I don't really like it that much this is the simplest one let's think a little bit about whether we want to do something simpler with this also one of the options we can do is do something like this is at least editor and we can kind of stub out the idea in here and then if we like it then we may end up moving it on to the user itself and so you can do something like this because this is just basically an extract refactor of this idea is that not what I just copied all right so this would end up being [Music] user is at least editor user or something like that so let's just take a look at that and see first of all okay cool so no but honors that and so the moment I come in here and I am a user I can't get in that modules thing at all so we just locked it down so that users cannot do it that's the simplest possible thing the interesting thing is that didn't actually change where they can do the rest of these things and so one of the things that is common is to do a global one in policies what is this Tina is so because I did a private function up top and Tina doesn't like that so that would have gone down here yeah sure you know what I'm okay if it's public I don't really care so one of the things that we could do so there's things that you can do in policies outside of just these ones that are Auto filled and there's like a before and an after I think so let's just look at the level Docs for policies because there's a few let me find it intercepting gate checks here you go so you got your before so basically before allows you to say ignore all of these if somebody is XYZ then we're just gonna pass them through and it's usually the super admin concept and usually right now that's basically you know going to be me whatever the thing is that we're doing you can do that so this right here would intercept it for everything but on a policy there's one that I believe is also called before let's go take a look that would do the exact same thing yeah here you go so on a policy you would have a foreign method that basically so so we're going to do that because right now we're gonna allow editors and admins to do everything so we actually don't even need to worry about that on the view any because we're actually just going to turn this into the before and so now we just basically say if the user is at least an editor then return true so now we don't have to write it in all of our methods all right cool so let's go write some tests for this real quick so let's call it make test module access test call it that for now just to be super safe so I never was into what's that called super Sayan the uh the thing that you're referencing there I have never actually watched but I am aware of it your stupid Super Saiyan is how what it is okay so module access tests so the simplest thing we want to do is basically just assert that somebody who is a user so that basically any time you find yourself testing something in the browser you want to write a test for it so users all right users with user role cannot view or let's just call it edit module so let's just kind of just broadly do that Dragon Ball Z thank you that's what it was so you want to make a user with that role you want to remember that your new IDE you do imports differently nope okay all right so we created a user and then we want to so there's a couple different ways to test the user you could do things with like user gate or with Impala policy gate but one of the things you can do is just say this assert false user can and I think it's gonna be edit and then the class I think is how it's gonna work so module class new IDE come in I think that's what we want right there and so user without editor admin roles can edit modules well that's not actually what we're testing because there could be right now this test only tests that a user with the user role cannot edit modules and so let's say we're to add three other roles this wouldn't wouldn't be testing those three other roles this one would only be testing this particular one so you want your tests to really line up with what you're actually testing in case later you need to test something else so okay so let's just run this one real quick and see alright so that looks good so let's see if we get the inverse here so users with editor role can edit modules and so we're gonna start true so yes what I was saying earlier is that levels um thanks John so laravel ACL system is built-in magically everywhere and so once you define that policy every other aspect of the rest of laravel is gonna smell that there's a policy and say OOP there's a policy I'll apply it and so that's why you get things like Nova just automatically reads the policies and boom it's done you know to think about it and you notice the fact where an earlier one at a user policy that didn't allow me to do things all of the little buttons that would allowed me edit those users just disappear it's and it's amazing so what we do here is that this user every user gets a can method on Eric and then cannot method that allows us to test these policies and we have to write any of this all we had to do is write the module policy and it's Auto discovered that it's connected to the module and so that's it we don't even have to bind this policy and now when I say user can for the module class it goes and inspects this module policy and it passes it in and because we have this there's a global before it'll just basically well so this global before is the one that's gonna allow these people to get a yes and then since since this person here doesn't get hit by the global before on the Edit method it's gonna go down to update that's actually checked to make sure that we're using update instead of edit and then we'll go here and it assumes false unless you return true so let's actually go update instead and I am curious whether when you're running these tests with the strings like this because this is not how I used to do it but people have suggested I used to actually manually call the methods in the module policy in my tests I wonder what happens if you just do this and one of the nice thing actually let's let's keep it because if we do edit this should be false - because edit is not what we defined we didn't define edit we defined update so let's see what happens when we run edit and my guess is this one's gonna be false - so we'll just filter out the module access test syntax because I made a typo somewhere I deleted a closing brace all right so right so this is what happened this one is a failure why because we're checking to see if you can do something but we didn't define it and if you don't define it it says no you can't do that thing you didn't define so what what should we have defined is update because that's what the actual policy says okay so what users with editor roles can edit modules user can't update hey Junaid tonight so this is interesting so again this is not how I used to write these tests what I used to do is I would basically make a module policy or I'd use the gate helper or something like that but let's just you know we could just say new module policy and then I'd basically like actually test the methods on there the reason I've been told that it's better to do it this way is because this is actually going through Larry Bell's ACL system which means you're gonna get things like the before so actually this does too but yeah so I would do um untrusting okay so why are we getting a failure on this one user can update module class so I feel like we should hit this before and we should see that the user role want to make sure that we're not getting this wrong okay duh Matt okay cool so thanks for following the wolf let's play yeah thanks visit to 23 the wolf let's play laravel is a PHP based framework sort of like Ruby on Rails except it is laravel on PHP yeah thanks y'all totally missed that so one things you often do here is that instead of passing these things in you would create factory States for these so you'd create a state for user a state for editor and stuff like that and we may end up doing that a little bit later but yeah it's totally because I'm an idiot and just forgot to change this so now I want to go back and test that thing that we tested a minute ago what's going on number one frustration I've had with VIU's code in the you know three hours that I've used it so far is the command D multi-select does not work the way I want it to all right cool so this is what we expected this one is failing because are they both failing if this one's failing because edit is not something we defined so if we go back to the thing we actually defined now it's working as we expect it and so let's actually rename both of these from edit to update since that's really what we're testing okay cool so now let's real quick do this for the admin and then get back to some actual Nova stuff well then the cool things about is this is Nova stuff right this is using Nova as much as possible it's just relying on the built in functionality of the framework all right kind of quirky nitpicky but you said there's a cannot so it wouldn't be better assert that it's true ask yeah why don't we do that I think it's a great idea no my editor is not the zoom day-to-day this is I turn up my font and make a higher contrast thing and I also make my screen much lower resolution before I stream because a lot of people watch these on the phone and so even this is kind of hard to see in the phone so I'm always trying to make it easier and easier in that all right so Vistage 23 said why don't you use why don't you assert our cert true on cannot I'm not actually now that I think about I'm not sure cuz it will feel a little weird that all three are true because your brain is gonna take a second longer to go over it cannot but let's just see to make sure yes so that does work I kind of think well you know what uh six of one half dozen another yeah I'm gonna keep it as a false because I think that it helps my brain just a tiny little bit that we're testing the same thing but we're making different assertions about it but that is very very much a personal preference and thanks for bring that up visit 223 okay cool so have we broken any of the rest of our tests no we have not alright so we now have the ability to define that only editors and admins get this before catch that allows them to do everything they want with modules and so if I'm logged in as a user I shouldn't see modules at all and if we were to go test all the API routes ourselves manually it wouldn't let us do any of them so now let's go make ourselves in an editor and we should be able to do it all right so I'm an editor now and I had to refresh because of the way it does caching but now all of a sudden I see modules and I go to modules and I can make changes to the modules now one interesting thing we could do is make it so that editors can't edit existing modules they can only create new modules there so there's a lot of differentiation we can do and I'll probably end up kind of tweaking and nuancing that as I think about who I want to make editors and what things I actually want to ask them to do so yeah people interpret differently expecto Thalia personal preference type thing can you extend laravel to add assert user cannot yeah certainly if you want so there's always the question of if you're writing stuff like this you know like and actually I wouldn't be surprised at all if there was like an assert can when you pass the user but the thing is this is this is so clean right like people are very so what I'd like to do is like use the conveniences when they really make a big difference in the readability of it but assert false and assert true are so common and then you say okay like so you're just so used to what this means I'm gonna assert that whatever happens inside these prints is negative and then what is it I'm asserting false on user can do this thing okay cool edit any versus edit own is a common thing yeah totally and in edit any versus at it own that would be in here the thing is right now there is no own nobody nobody gets to own a module and so either you have access to see all the modules access to edit all the modules access to add modules and or no access whatsoever or maybe the ability to suggest those things so and that really the big question here is going to be how am I going to a lot what interesting things are we gonna allow common users to do in Nova and the primary goal for it is because right now if you go to the on-ramp repo almost all the issues are about content and these content issues are things like anything with this content to add are about because right now there's no easy way for someone to come in and suggest hey here's a piece of content I think you should consider and I think this is fine for now but I'd like to No hey if you have an idea for a piece of content going to Nova we have a little custom thing that just allows you to suggest a piece of custom content that's it Alejandra what are we building we are building on ramp which is a tool for people to learn how to become laravel developers as quickly as possible today what we are working on is adding Nova which is an admin panel tool for laravel we added it in the last stream and in this stream we are working on user roles why aren't you using the database transaction trait so the refresh database trait in our test is a new trait as of a couple versions ago that basically pulls in it combines basically database transactions and whatever the other one is so I think our I always forget which one it is but basically this is this is the there's there's three different database traits that laravel provides for your testing and this is the latest and most water modern way of thinking about it so there used to be one that was database transactions and then one that was I forget what it was but it basically nud up an entirely new database every time instead doing transactions and refreshes the current preferred one junaid as in aid sorry B distraction using layer well since for difficult to write tests every time I regret it any solution of that yeah write the tests as early as possible give yourself a lot of grace and every single time you find yourself so if you're in a brand new code base every single time you find yourself building a new thing and constantly going in here and changing a user thing whatever that's the thing you should test and if you're working with an existing code base the easiest thing to test is the thing that would be most likely for you to lose your job because then you know what stresses you out every single time you write it change to your code you have to go click through that route or whatever because you're worried about it go right outside in acceptance test if you can't get it working in in laravel and PHP unit then do it with dusk so you're actually just clicking buttons but whatever it takes cover your butt and those are the easiest and most valuable tests you can write and start from there and also just if the more you watch people do testing the more comfortable the ideas of what testing look likes works for you so the thing that got me testing the most was working with Adam Webb long before he wrote his the testing TDD book for her laravel and he and I pair together all the time and he had a much better understanding of testing than I did at that point problem this still does now and so just working day to day and watching and asking the questions of each other of how should we test this thing is just doing it that made it easier to do so for example here what I just wrote was a policy and so what am I trying to do I'm trying to ensure that users can do can do one thing and editors and admins can do another thing and what did I do I open up the browser change myself from a user to an editor and add to an editor to an admin to test manually that the thing is doing what I want so what's the next thing I do I test automated Li that that's how it's going so by the way I'm just noticed that my audio shows clipping a little bit so if any of you are hearing it clip just let me know testing is so much harder than Drupal and WordPress yeah Larry what makes it so easy what are your thoughts in tinkerer well app I think it's cool I think it's a fun idea I've got it I had it open a second ago oh yeah I got it I think it's cool I love the idea thank you for subscribing donor jäger 3 speaking of german chairman as it gets what's up thanks for joining I'm very happy to have you here can we associate a language of the editor and admin so they can manage language specific content user a has Spanish as their first language so they're trusted to validate and add Spanish content huh we could interestingly right now I think that I'm gonna start from a level of trust I think we're I think that anybody who I've given permission to be validating attic Spanish content I don't worry that much that they're gonna break it's definitely clipping okay thank you let's hopefully that's a little better I don't see a clip there okay cool and y'all if one of the things that I'm constantly changing my environment between recording with suzana recording on my own and then making YouTube videos and so it's taking a while for me to always like reset my environment back to where I want it be for each new a new thing so not everyone gets Adam Wathen I'm not sure what that means another one gets to work with him yeah sure but he has a course test-driven laravel that everyone should watch but somebody mentioned that there was some lyric ass content about it's very good but honestly just hang out here I mean we're doing testing so if you want to learn how to test I'm testing everything I'm doing and also watch the on-ramp commits I recently pushed in I took a pull request from somebody else and I added functionality and a bunch of tests so go take a look in here and Marisa who often hangs out on the stream built this whole wizard concept and it introduced a lot of ideas and so if you just go tests down here you got some tests here and so you can see like how I'm writing tests when I'm not stream with you and also what to do is I'm leaving around so Jason McCreary has a good course in testing as well oh cool I did not know that he has a he has a single-page thing on testing that I think is really good and I'm really glad you mentioned that it was just like a blog post that was sort of like a like a sort like a book on a blog post type thing and yeah start here for sure this is good I mean so I got to be honest I've never read through this whole thing as someone who doesn't know testing but I think Jason's a great guy and this looks like a pretty easy to read guide and it's free so alright thanks Dustin I really appreciate it I own everything Adam has ever sold yeah Adam is brilliant ok cool so let's go back to what we were doing we want to finish making our permissions good ish and then we're probably going to build out the rest of the Nova resources and then if we have time I had mentioned allow users to do interesting things so let's real quick talk about what we did we built a are added roles to users build a module policy talked a lot about getting started with testing donor jäger laravel is a PHP framework sort of like rails but for PHP instead of ruby and on-ramp is a tool that I'm building to make it as easy as possible for people who want to learn laravel and get jobs as level developers to be able to learn everything they need to know right off the bat for free and this one little application today we are adding an admin panel called Nova to laravel to make it possible for people other than me to make modifications to the data because up until now all the data has lived in git we just moved the data in the databases so now I'm the only person who could administer it which is why we're adding Nova so people other than me can come in and administer the data that powers on-ramp thanks for joining and thanks for asking all right so we added roles to users we built a module policy for gating access to modules in Nova we talked a lot about Gangstar with testing so what I'm going to do next yeah that's the testing post things we are going to finish doing access permissions on the things that we built so tracks and users and then we'll go add some more Nova resources because there's more concepts in our app other than just modules and tracks that's just as far as we made it last week so let's um let's see what else we're gonna make we're gonna make a module policy Maldonado's test so we can really duplicate those four tracks cuz tracks and modules are very similar so we can let's see where as policies live as at policies so yeah so copy at policies module policy to app policies track policy and then copy app and where is this module tests feature module access test two tests feature track access tests okay let's just go edit those and then oh you know what remember the whole thing where I'm having trouble with vs code and multi-select this won't present itself really strongly when I'm trying to rename a whole bunch of things it is I'm now gonna take forever because I can't figure out how vs code does multi-select yeah and y'all are gonna have any opening sublime text literally just do this cannot update tracks goodness should be I'd be done by now in sublime text but that's a cancerous cuz I need to learn it's okay I'd click this DD and then start typing but look envious coded deletes the first one but not the rest of them why you ask I have no idea no okay now I do of them but not all three all right we're just gonna go up on that somebody's gonna teach me later and then seventeen people are gonna chime in in the YouTube comments about a year after I put this online telling me about how I should have handled it okay track access test let's run the track access test it's gonna fail because we haven't done it track access test just change a binding to command D this is why we always crawl back to phpstorm a to it so there's a ton of people that Titan who really love working with code and I'm sure that I will figure this out so I'm not being a hater I'm sure that I'm gonna switch to it and think it's gonna be great ctrl alt down so command alt show command option I hope that's not it let's try it command alt shift down okay command alt shift down if that is a native beat keybinding no that's not it that's that's multi line select not a multiple select Milosh says just change the command e but that the binding is changed to command e I have added the sublime command alright cannot redefine or reclaim the modular policy that's because we renamed at track policy but we didn't actually change the class in here so let's just go there track policy okay cool no it does work because literally copying it was all we did okay so sorry everybody I'm bouncing around a little bit and I know it's probably hard to follow if you're new here so what we did was we added a new constants of week let's let's go back bit by bit we added the roles filled the role field to our users and then we also went into our Nova user record and said when I'm editing users in Nova I want a drop-down and select drop-down called role options of admin editor and user okay so and then we also went to our factory and said if I'm generating a random new user give them one of these potential roles all right so let's start with those and commit that so add role to users all right and then after that we built out module track access and policy so our so we're not as access testing policy so we're not done with that we're going to do that for users as well and then we'll kind of go from there no worries who's gonna press alt f4 photophobia funny it should work yes much I know it should work but it doesn't work that's the problem and I've spoken with several people at Titan to say oh it works for me we thought we had fixed it because we tried to change the key binding there was some dim key binding then I got rid of but it turns out it didn't fix it and I'm not gonna sit around for too long and deal with it I'm just gonna whine about it and then keep going and fix it hopefully between now and our next dream command key that's the solution okay so what are we doing we are also making a user policy and you know what because of that I'm just gonna do it this way make policy user policy model equals user and make test user access test and then we'll just copy those things over so user policy we're just gonna grab the user gate and so one of the things you noticed is in all three these policies we have this in array user role editor admin and one of the smells for reef actors is that if you see the same piece of code three times that means that's when you want to start thinking about don't repeat yourself because now the knowledge of who should get super admin access to these is now across three policies and when you hit three places that's when you want to start asking the question of is this something I should extract out and so that's where we would probably end up putting something on the user where we do something like is at least editor or something like that so or can edit content or something like that so we're probably gonna do that because we've now extra copied this same list in three different places and that's a smell okay so let's go over to our user access test and then our user policy our track access test and we sit here wish I had better agent ability in my IDE let's grab these three you know what copied or generated and we're still gonna have to do string manipulation in here okay so frustrating you know I just remembered I switched to this so I have functional vim bindings so I actually could just use my vim bindings here but too late okay cert false user can okay so why are we getting squigglies under that what am I missing here this do you in error what search for yep thank you so much I just don't think I want to do that I'm militia I really appreciate but I just don't think I want to do that on the stream because we don't have a lot of time on stream and I don't want you to all have to sit around and watch while I fight with my IDE instead you can just watch me program a little more slowly and then whine like a baby about it okay let's see how we're doing okay cool so I face the same saturation and make a trait that contains all policies and use that trait and every policy if I need yeah that's an interesting idea as well is to make that a trait where you basically pull in this before you pull in you know so one of the things I had done earlier in the stream has done something like you know private function user is at least editor and then you pull that in as a trait but I don't mind the idea that there might be other times when we want to know the users at least in admin so what we could do here is just say public function is at least editor and then that's where we would move that code into right here [Music] I'll do that in all of our policies so you basically do that instead and then you remember your semicolons no I think I'm okay okay at least admin and I'm okay with this it feels a little gross to have like is at least because then that's assuming it's gonna be a perfectly hierarchical and growth and like move up and what if the roles aren't perfectly aligned that way well if you say is at least admin or editor then you don't need to because the the phrase at least means at minimum and so an admin is at least an editor and an editor is at least an editor and so then you could also say something like function is admin or something like that you know if you wanted to so and we may build that later if we need it we're not gonna build it now oh the delay oh that's so frustrating we were true we'd try to configure my twitch settings such that it was a really minimal delay so sorry anybody who gets that problem with the lag okay hawk ass so let's go to grab this same method and we're gonna go over the user policy and the module policy and module policy and we're gonna do this okay cool so in theory we've now basically just built out basic pope or died user the module policy I made a typo probably forgot the semicolon yep okay great so we basically just built out basic policies and build policies and access tests for modules tracks and users and they're just really dumb policies that just basically have this whole Super User concept that's all or the editor admin concept of things okay cool so let's take a look at our episode notes and say what have we done they don't pay policy so we basically done that same thing for tracks and users and then tested the policies we built okay so we've got 20 minutes no wait not 20 mins we got eight minutes had my timeline off so adding two new user types and appropriate access permissions for each test access controls for the two other user types and then bonus a lot of those user types to do interesting things that would be kind of fun but as we thought through it and thought about what we want to be really controlling here I think it's more important for me to allow us to edit the rest of the resources so in on-ramp you've got a lot of different ideas and I think the most interesting one for us to expose access to is terms in the glossary so let's go make a resource for terms so you say artisan Nova resource I think it is yes no resource artisan Nova resource as an ox asked what keyboard I use this is the Kinesis advantage - which is the ugliest keyboard you've ever seen in your entire life but it's also really really really really really good ergonomics all right so Nova resource this resource is going to be the term resource because we're working on glossary terms so let's go over to here we should see it just show up I believe oops total brain-dead thing you don't name it term resource you name it term and it expects to have the exact same name as the model and so another resource term is a resource for the terms model so it's showing them but it's showing them with the ID which is not we actually want or economic keywords for the 1 yet Dustin sigar says do you create separate resource for this page and detail page no Nova when you create a resource it creates that all the pages you need for that resource so this terms that we just did these are our terms collections HTML and CSS so by default we get this list page and then you also get the detail page for it you get the Edit Page for it and you get the create page for it now as you can see they're all empty because we haven't added fields to them yet but you don't have to create individual things is just all there Ford for you out of the box in Nova which is one of the brilliant pieces about it currently rocking a freestyle - yeah freestyle - it's freestyle tool that same we would lay out this one has cuz the thing that was hardest for me when switching to this keyboard was the layout no okay so the freestyle - is as a Kinesis but it's the normal layout so I think our go Doc's just like this one has this very work weird layout and it's got a name yeah so all the modifiers and spaces and stuff live on your thumbs this is the same as mine and this is a huge learning curve like I still have not quite adjusted to this this layout of the keyboard alright so if we were to go to our new resource we made a resource named app Nova term dot php' so remember we have an app term dot php' model this is our eloquent model over here that defines how the model interacts with the database now all of a sudden we have a new class also called term but this one lives under app Nova so this is not a model this is a Nova resource but that instantly knows hey the model I'm connected to is this one and so one of the things I like to do is not use strings like that but instead get the class off of it like that and so the question is if you're just showing a term what should be the column that it uses for its primary identifier and the answer is not ID the answer is the name so let's go there oh that's that's how it shows up if you're searching so what's our term collection I think I did that right anyway it's okay because when we get down here I'll get there Oh cuz search okay name so now if I do this I search for collections will see it there and so if I made it searchable by name but then the title will still the ID I believe we would get collections but then it would show ID one yeah so that's not what we want so we both want to make the title be the actual field that we think of it as and we also want to make its actual search ability happen based on the useful ones so now we want to make fields for the rest of our things alright questions in here ortho layout yeah more regarding resource what if you have more details with relationships and join table then you create separate resources nope just keep watching and I think it'll become a little bit clearer as we build out this resource searches for terms the search titles the thing that shows up the results yep exactly thanks Raman okay so what are our fields we've got a name field and description field and I think that's primarily it for the glossary one thing to note as these are translatable thankfully in our last stream we already pulled in a translation thing so I believe both the name and the description are translatable ya name description are both translatable so there's a field that we used on our last thing which I think was the module maybe oops Nova module and so let's use that one yep translatable so we have a translatable field here and so we're going to use that for both of them because they're both going to be translatable so the name is going to be translatable and the description is going to be translatable so our description is going to be longer than our name so we're not going to use single line on it and we ran into a problem last time where we had to specifically set the description the index locale even though it shouldn't have had to do that so let's get rid of it and see if it breaks on this one too so and the cool thing is the way we found that translatable things we just went to nova packages comm which is a titan product and we searched for a translation translatable i think our translation or something we discovered that there is a field called translatable there's actually multiple fields called that and so we grabbed this one although it looks like spot c has one of their own and instantly we could just make a translatable fields in here alright but you got a import new ide sorry everybody and so now we should see okay so i think this is where we had that problem this in theory this translatable package is is supposed to be pulling the english translocate because that's our default locale but for some reason instead it's not and so what we ended up having to do last week and we're having to do it here as well is in the f nova module as we had to tell it manually to do the index locale in english and i don't know why and i think it may be a bug in this package and I remember being very frustrated out that last time but now we're just gonna do it and not even worry about it so there we go now we obviously don't want this description to show up on the index like this because that's just making this overwhelming so there's a series of things that you can do in Nova to define when these columns show up and so we want this one to be I forget exactly I think it might be hide from index but there's a whole but hide from index yep that's it so now we'll have this one but we won't have it on the index and we'll make put commas where they don't belong glad you're making Nova live programming I've been using Nova since day one that's awesome we also have the link to resources in the term oh yeah we can do that in just a second and that will be the relationship that cigar was asking about alright cool so when you now go here to look at the resource you can see because of that that a package that we used all the different translations of it which I think is really really really clever it's very convenient and then when we edit this term let's just say we're gonna give CSS a Spanish version and I'll just call it CSS but Spanish so now if we go over here and we've got our CSS term and we switch over to Spanish BAM CSS but Spanish and then in parens we so showed it so it actually shows you the UNIX version as well very cool I also noticed that this says casting shall sheet which is kind of cascading style sheets but whatever alright cool so we have that functioning but one of the things that John mentioned is that there's actually one more thing on a term in a term can link to resources because for example if you want to if you want to learn about CSS well then we want to link you over to the resources that we have in our tool about CSS so let's go look at our term module and real quick throw them in there and then close out stream is it saved as Jason yeah translations are saved as Jason it's using the spot C translatable package I think and so it's called laravel translatable and this has nothing to do with Nova this is just a nice package that basically you take a normal thing and then you save it as Jason and then it does fall backs and a lot of clever stuff but then once we had already built it that way for the front end then there's a nova package that hooks directly into it that makes it this right here this user interface here super super convenient which I love ok so really quickly before we go for the day old on let's actually add what we did what do we do we added a term resource and we added translatable name and description fields to the term resource and then preferably we're going to be able to get through adding a relationship to its related resources it's a little confusing because we have the term called resource in our app which is basically let's switch to English because I speak English when you're learning over here there's resources but then nova calls its base element thing a resource as well so eventually we're going to need a resource resource which will be less than enjoyable to figure out and what I'm probably gonna have to do is rename the nova base resource to something called nova resource or base resource or something which I don't love yep I see used to volatile so I was going to go into our app term dot PHP and I was gonna drive over here and this right here we want to see what our are okay so we've got our resources that is belongs to many resources so then you want to go into Nova documentation and say I want to add a nova dollar Bella column slash dogs I want to add a belongs to many and so we look for our fields and you've got it belongs to many right here and so there's a literally a field in Nova that reads this belong to many off of your model and just instantly populates it so let's throw that in there resources and then again new IDE belongs to many yep and let's see how that treats us and then we're gonna be done after this all right so let's go to our collections [Music] access to undeclared static property app Nova resource model I wonder whether I imported the wrong ones somewhere here I'm curious I think I need a stack trace off that I don't think with the stack trace out of these but let's check just to make sure it's possible to actually get it to do get a stack trace over there so let's see what we get fatal throw error nova source resource dot php' I'm actually wondering whether that has something to do with the fact that they're both named resource I don't know how that would happen yeah it's exactly as thinking about the resource resource yeah I don't want to rename our resource just because Nova has that so I'd rather all these things that are extending resource here are extending a resource class that we own which means we can rename it hopefully assuming that Nova isn't part when we do that I'm curious why we're running to this problem right now my guess is that this right here instead of pointing to our class is pointing to this one yes that's what it is you can't do it belongs to many like this until you've actually built the Nova resource for it so we needed a Nova resource for our resource resource put a resource in your resource you can resource your resource so this wouldn't work anyway normally this would throw an error but because we actually have a class named resource it's instead farting so what we need to do is deal with that next time so let's take notes about that let's things to do later renamed Nova apps slash Nova slash resource to app slash Nova slash base resource and then create Nova resource resource and then relate mmm resource to modules and terms and Nova using Noah fields cool those would be our next steps and then of course we need to build a policy and tests access tests for terms and resources cool so that's our next steps for next time if you have questions about any of this between now and then hit me up on Twitter at stuff format or you can go to the comments on this YouTube I'll put this I usually put the YouTube play backs of these up about a day later I might actually get this one out later today you can put comments in there hit me up on Twitter we'll be back with this one Friday next Friday at 11:00 a.m. same time and then we'll be back next Monday at 2:45 Eastern and Suzanna and I will continue to build her family tree app and she actually just informed me that she'd like to use graph databases so we're gonna be learning about lighthouse and graph databases on Monday can you schedule a live coding video for lazy collections maybe I also could potentially write a blog post about it if it's something that people really need to learn about you can check out the gist for the apology logic I think you'd like it I'll take a look later thank you all for joining you are all wonderful let's put on the outro music real quick really wish I didn't hear this music y'all don't know how much I wish I was hearing this same bat-time same bat-channel thank you all so much for joining was a total pleasure and I really appreciate y'all's contributions and questions you

Info

Channel: Matt Stauffer

Views: 2,474

Rating: undefined out of 5

Keywords: development, education, laravel, laravel for beginners, laravel learning, laravel tutorial, learning, learning laravel, live, live coding, live stream, livestream, matt stauffer livestream, onramp to laravel, onramp.dev, php, programming, vue js, laravel nova, web development, web development tutorial, laravel from scratch, laravel admin panel, laravel acl, laravel roles

Id: wfHyeg0kFNE

Channel Id: undefined

Length: 65min 16sec (3916 seconds)

Published: Fri Nov 08 2019