I am making custom permissions,
I would like them to be divided into sections e.g. orders, customers etc. and each section would have some permission e.g. edit, delete, add.
Just to check if a particular user has access I would have to start with the Section model?
Because I can't do something like Auth::user()->permissions()->with('sections')->contains('name','display')->contains('sections','order')
I would like to simply check if the user has access to, for example, order.display.
I have a feeling that this section does not make sense here.
How to do it? I know there is a spatie(laravel-permission), but there is a role division there.
Example schema of the database (user_permission is a pivot):
My advice is if you're looking for something simple, drop the sections table and just have all permissions in the permissions table. Say you had a section called dashboard in permissions you could have view_dashboard edit_dashboard etc. Then to check the user is authorised, implement the hasManyThrough logic below Official documentation
(untested)
public function permissions()
{
return $this->hasManyThrough(Permissions::class, UserPermissions::class);
}
public function permission_check($permission_to_check)
{
return $this->permissions->contains($permission_to_check);
}
You could then eager load permissions() on the user model to reduce DB queries if you are checking permission in many places.
Hope this helps, let me know if I can assist further :)
Related
I am very new into programming and trying to make some work on Laravel / Voyager.
I have a Customers table and on this table there is also Customer_Representative field where I can select / assign customer representatives from dropdown list.
What I am trying to achieve is I want each users with their assigned roles (Customer Representative) to list customers only assigned for them.
I am using this below code, but I am not able to see list of customers that other users created. I can only see the customers I / Admin created but If I login with their details I can see their assigned customers.
So as an admin I want to be able to see all customers, so I can also edit them with my login credentials.
public function scopeCurrentUser($query)
{
return $query->where('Customer_Representative', Auth::user()->id);
}
I saw many suggested to use if but I couldn't figure out how to do it.
Appreciate your supports !
If I understand correctly, you want to display:
admin users - all users
non-admin users - only assigned users
You can either change the query in controller, but if you want to do it in scope I suggest something like this:
public function scopeCurrentUser($query)
{
return $query->when(auth()->user()->is_not_admin, function ($q) {
$q->where('Customer_Representative', auth()->user()->id)
});
}
You change the auth()->user()->is_not_admin to your condition for non-admin validation. The scope utilizes the ->when() function to append the condition to query only if the condition (in this case if authenticated user is not an admin) is true.
So if authenticated user is not an admin, his query will be filtered by Customer_Representative.
I have an api that I am implementing multi-tenant based on an additional column in the tables.
For this I created a trait that implements a
static::addGlobalScope() and static::creating().
I have a user_idXtenant_id table. In this table I store the accesses that the user has.
My Route looks like this:
Route::get('{tenant_id}/products', function ($tenant_id) {
return App\Products::where(['tenant_id' => $tenant_id])->get();
})->middleware('role_or_permission:admin|seller|get-products');
Route::get('products', function () {
return App\Products::get();
})->middleware('role_or_permission:admin|seller|get-products');
The idea is that in the first route it is verified if the user has access to tenant_id and if he has access, return only the products of that tenant_id (here Polices can be useful and solve the problem).
The second route, on the other hand, must return all products of all tenant_id that the user has access to. For this, I use static :: addGlobalScope() to set the tenants that the user has access to in this way:
$builder->whereIn('tenant_id', $tenants);
The question is how to check in GlobalScope if tenant_id was filled in the model. So, if it is present, I only check the permission and if it is not present I include the tenant_id that the user has access to.
I hope I have been able to adequately exemplify the problem.
Any help is most welcome.
Thank you!
I'm discovering the Repository Pattern for my Laravel project but I have to say that I'm a bit lost once a model has several dependencies and the examples on the web are always basic and don't answer the question for more complex use cases.
Let's imagine a user on my app. He can have badges, he has different things on the app that will be slightly modified when he first performs the action (when he first sees the comments, I tell him once the different things he can do, etc), he has several "counters" to record the number of comments he made, the number of friends he invited, without having to count each entry each time.
My database looks like this:
users table:
id
pseudo
name
password
...
badges table:
user_id
badge1_xxxxxx
badge2_xxxxxx
...
I have a very limited number of badges so I decided to create a column for each of them and as soon as a user wins a badge, I get his entry (in OneToOne relationship) and I indicate that the badge in question has been won.
onboarding table:
user_id
seen_comments (boolean)
seen_results (boolean)
...
As you can see, I store each action I'd like the user to do in different columns and as soon as he has done one and I've been able to modify my app accordingly (by showing him an arrow, etc), I put the column in question to true.
user_counters table:
user_id
count_comments
count_invited_friends
...
I don't consider a user to be a user if he doesn't have an entry in each of the tables (I could have done everything in one table but the users table seemed to me to become huge). The only relationship used is OneToOne between the user and the table in question.
Should I do this ?
class UserRepository {
public function register($data) {
// Create the user
$user = User::create($data);
// Create all its dependencies which are required if I want to consider the user as fully registered in my DB
$user->badges()->create();
$user->onboarding()->create();
$user->counter()->create();
// Return the user
return $user;
}
}
Or should I create a Repository for each of these elements and create the entire user in a UserService ?
How far should I separate things and when does it become overkill?
Is there something that I don't understand in concept of Repository ? If so, could you give me some links that you found useful because I feel like I ran out of ideas for search keywords.
Thanks
I am trying to start an application but it's not for managing hospital, it will be for doctors and patients. Where there will be multiple types for users will be able to login such as Doctor, Patients/Guardians.
Doctors can have multiple clinics at multiple locations and doctor can manage patient records. Once the patient account has been created by doctor then patient can take appointment from doctor or update his appointment status and many more stuff will be there next.
The thing is how to go with the ERD?
I will have
User //User accounts used to login in to the system
Doctor
Patient
Guardian
Role
Permission
These are the models I have currently created, but they don't seem right to me.
Should I remove role columns as I already have different tables for different pre-defined roles?
Or should it be there? But how to manage permissions on users if no roles table is there?
Also, most importantly, how to go with one to one with users? I mean should I go and create functions in user model such as:
public function doctor(){}
public function guardian(){}
public function patient(){}
Or is there a better approach to follow?
If they are all users, you can extend different users from a base user model.
If they require different columns in database, consider single table inheritance.
If roles are static, I would create a class called UserType and have constants of each user type mapped to an integer. In the database, the user table will have a type column which is mapped to this integer.
For example:
class UserType {
const DOCTOR = 1;
}
In your application you'll be able to check the type of user by doing $user->type === UserType::DOCTOR
In the Eloquent itself, you can extend newFromBuilder method to check the type attribute and return the child class (like Doctor) instead of User. So even when you do $user = User::find(1);, you'll still get the class Doctor.
When creating users, you can just create Doctor itself but make sure in __construct to set the appropriate type attribute.
So now you have a base User class, your shared functionality can go here. Specialised methods such as relation to clinics can go in the Doctor class.
This is somewhat similar to the above: https://github.com/Nanigans/single-table-inheritance
I created a relation between User and Event. I added a pivot element 'part_sure' to the pivot table and updated the models appropriately:
Now I have a problem with accessing this pivot element. If I try to do this...
... it doesn't display anything! No error but also no value.
Looking with this command...
... what is accessable in the pivot element:
As you can see, the part_sure element is not there.
My user model:
My event model:
I really don't know why this isn't working. Tried to google it for almost an hour. I would be really happy if somebody could give me a hint!
You're calling the events method from the User model, but you aren't showing us the User model.
What does your User model look like? Just like you did with the Event model, you need to specify the extra pivot column in the User model.
User model
public function events() {
return $this->belongsToMany('radclub\Event')->withPivot('part_sure');
}
You may need to edit radclub\Event with the proper namespace.