I am using Laravel spatie package. I want to create a permission module for each controller and each controller has create, read, update and delete. Foe example, I have product controller and I don't want to create permission for that controller like => "create_product", "read_product", "update_product" and "delete_product". What I want is I want to name the permission as product and sub permission for that with create, read, update and delete in same column. Please share me some solution how can I achieve this. Thanks in advance!
What I use in laravel is the policies. Each model has its Policy with the create(), update(), destroy(), ... and other functions. You can add your own logic in these functions.
You can check the documentation for more details: laravel-official-documentation
Related
Hello there I am working on a project in Laravel in which i need to assign permission to each user so that i could verify on each blade file or controller function to check whether the current user has the permission to perform this. Moreover, the side nav links are also generated using these permissions dynamically.
I created two tables:
1: User => [ID, Name .....]
2: Permissions => [ID, Name, user_id(fk)]
To solve this problem, i have stored all the permissions of users in session at the time of login. So that i can verify all permissions on each page and generate links fetching from session.
Is that good approach or there is any better solution for this
It would be good if you had share more code but i can see what you are want to archive. Firstly you dont need to store in the Session because you have already a relation between user Object and Permission. Add to your User model this lines of code:
public function permissions() {
return $this->belongsTo(User::class);
}
Then you have access in your blade or controller to the permission. Small example in the controller:
$user = User::find(1);
dd($user->permissions);
// you can write a condition to check if user has Permission etc.
Yes you can store this is the session. But the more better option will be to get the permission through relation object like
user::find(1)->permissions()
Well if you're asking "better solution" ... but I Not sure if it's too late for this information since you're already developing the project. However, I would recommnend this package for your long term management (for both user and dev).
Spatie Laravel-permission package
It has Role based permission and Direct permission design (which is similar to your design). Once you installed the package then role and permission tables are created for you.
Once you created desired roles with permissions, it's easy for you to manage which page to allow for which role and which button show be shown.
You can check roles in your controller for those who can view this page.
In blade, you can check both roles and permission for which button to show or disable.
Hence, your don't need to worry about session settings or session expires. It's better for maintaining and development in future.
The Spatie package has simple syntax and easy to work with.
Installation:
composer require spatie/laravel-permission
Syntax:
Basic usage and syntax
There are plenty information or tutorials out there.
I'm attempting to use UUID's for my user ID's in Laravel and to support this I need to modify a vendor migration (in this case the Voyager admin panel) to change the user id type.
Is there a way to do this?
You can create this type of migration file: https://github.com/laravel/fortify/blob/1.x/database/migrations/2014_10_12_200000_add_two_factor_columns_to_users_table.php
I have designed a store with Laravel 6 ,and used laravel-permission 3 for user management. I'd like to restrict every crud action by a definite permission (e.g. add product, delete product).
There is a short description about using wildcard permission in Spatie, but I'm not sure about it. I don't know where is the best place in defining these restrictions.
Here is a route sample for creating and editing product and their middleware (restrictions by permissions).
Route::get('/create','Controller#create')->name('create')->middleware('permission:add product');
Route::post('/store', 'Controller#store')->name('store')->middleware('permission:add product');
Route::get('/{product}/edit', 'Controller#edit')->name('edit')->middleware('permission:edit product');
Route::patch('/{product}/update', 'Controller#update')->name('update')->middleware('permission:edit product');
I suggest that use Laravel’s Model Policies, you can find more information in the link below.
https://docs.spatie.be/laravel-permission/v3/best-practices/using-policies/
Furthermore, You can find an example of implementing a model policy with this Laravel Permissions package in this demo app:
https://github.com/drbyte/spatie-permissions-demo/blob/master/app/Policies/PostPolicy.php
I'ts just for practice and I need how to set up an Auth in Laravel but in the same table User. I know I have to use the default model User.php. I added my new column "type" where here I'm going to manage common users and admins. I edited and migrated that, also according to docs I created my guards and register providers but I don't know whats next. I know how to do it with another table but in the same table I have no idea how. I don't know how this Laravel's files works.
I added couple of fields to my user table and everywhere I read it said I also need to update the new fields in the app/Services/Registrar.php file. But I cannot find the Services folder anywhere! This is a new installation in Laravel 5 and here is the screen shot of my directory structure:
What happened to the Services Folder? When I test, I can see that the User::create() works but I dont know where its declared since I cant find the Registrar.php file.
I added couple of fields to my user table and everywhere I read it said I also need to update the new fields in the app/Services/Registrar.php file.
This was removed in Laravel 5.1.
https://laravel.com/docs/5.1/upgrade#upgrade-5.1.0
Secondly, the App\Services\Registrar class used in Laravel 5.0 is no longer needed. You can simply copy and paste your validator and create method from this class directly into your AuthController. No other changes should need to be made to these methods; however, you should be sure to import the Validator facade and your User model at the top of your AuthController.
You are using 5.1 version and it doesn't have such directory or service. This version uses AuthenticatesAndRegistersUsers traits for registering users.