Demo of an API using Laravel resources, policies and gates to authorize access to fields and nested resources

You can follow the commits to review the steps taken.

Features:

use the Spatie Laravel Query Builder for dynamically included nested resorces
authorize access to a nested resource using that model's corresponding policy
authorize access to particular fields using resource gates with a custom abilities map (see https://laravel.com/docs/5.8/authorization#gates)

I recommend this talk by TJ Miller at Laracon. I followed his code examples in parts.

License

Built on top of Laravel. Laravel is licensed under the MIT license and so is all of this code.

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
app		app
bootstrap		bootstrap
config		config
database		database
public		public
resources		resources
routes		routes
storage		storage
tests		tests
.editorconfig		.editorconfig
.env.example		.env.example
.gitattributes		.gitattributes
.gitignore		.gitignore
LICENSE		LICENSE
artisan		artisan
composer.json		composer.json
composer.lock		composer.lock
package.json		package.json
phpunit.xml		phpunit.xml
readme.md		readme.md
server.php		server.php
webpack.mix.js		webpack.mix.js