💡Roles & Permissions

We are using Spatie Laravel Permission composer package to manage role and permission

"spatie/laravel-permission": "^5.7"

Config Roles and Default Permission

You can find "config\enums.php" for default roles and permission. you can add roles as show in below array

return [
    'user' => [
        'roles' => [
            [
                'name' => 'Super Admin',
                'default_permission' => '*',
                'custom_permission' => []
            ],
            [
                'name' => 'User',
                'default_permission' => [
                    'admin.dashboard',
                    'admin.changeLanguage',
                    'admin.users.profile.edit',
                    'admin.users.profile.update',
                    'admin.users.password.edit',
                    'admin.users.password.update',
                ]
            ],
        ],
    ]
];

System can have default roles as many as you want. you can also add roles runtime in system after setup.

Default Permission

Each role must have default permission key to decide it's default permission when executing seeder script. if * is provided like Super Admin then it will assign all permission to that role. Or else you can specify list of permission that will be going to assigned to specific role like User in above example.

Custom Permission

When you execute seeder script you will get all permission based on route names but sometime you may need some custom permission that can't be related to any route or it's names. in this case you can give this permission names list as array in custom_permission for specific role and seeder script will create permission (if not exists) with this name and assign it to the specific role in which custom_permission is added. You can use that permission name in your code to manage permission access. as show in below example

return [
    'user' => [
        'roles' => [
            [
                'name' => 'Super Admin',
                'default_permission' => '*',
                'custom_permission' => [
                    'user.item.usage.1',
                    'user.item.usage.2',
                ]
            ],
            [
                'name' => 'User',
                'default_permission' => [
                    'admin.dashboard',
                    'admin.changeLanguage',
                    'admin.users.profile.edit',
                    'admin.users.profile.update',
                    'admin.users.password.edit',
                    'admin.users.password.update',
                ]
            ],
        ],
    ]
];

Update Roles & Permissions

After updating your route file you need to run Optimize Clear Command

php artisan optimize:clear

We have already written script in seeder "database\seeders\RolesAndPermissionsSeeder.php".

So You just need to run seeder to get Default Roles & permission as per "config/enums.php" and routes names as permission. Once execution is completed then you can user permission it in your code.

php artisan db:seed --class=RolesAndPermissionsSeeder

Permission to ignore

If you don't want to add some of your routes in permission as you want to make it open then you can add those route names in "config/enums.php" : permission_to_ignore array so script will ignore those route names while creating permission.

return [
    'permission_to_ignore' => [
        'route_names' => [ // To ingore route names from permission  creation
            'LaravelInstaller*',
            'LaravelUpdater*',
            'debugbar*',
            'backup*',
            'verification.*',
            'language*',
            'log*',
            'admin.changeLanguage',
        ],
        'controllers' => [  // To ingore Controller from permission creation
            'LoginController',
            'ForgotPasswordController',
            'ResetPasswordController',
            'RegisterController'
        ],
    ]
];

PreviousHow to Use & Setup

Last updated