I'm building a Laravel application. I need to discriminate between a guest, an admin and an owner. I plan on using Confide and Entrust. Let me give the example with a todo-application:
First part of the question: The guest can only access the frontend; the admin can access the backend to add/edit his 'own' projects and to-do items. The owner can get a view of all projects of all registered users, can also see stats on how many projects and tasks there are and how many users are using the app, reset passwords for a given user, use a ticketing system, etc.
I would create three roles: guest, admin and owner (using Entrust). Then I would (in the router file) say that all routes starting with admin would need to be authenticated. But how do I solve this for the 'owner'? So I have the following situation:
1) Routes for guest: Route::group(array('before' => 'guest'), function(){....}
2) Routes for admin: Route::group(array('prefix' => 'admin', 'before' => 'auth'), function() { ...}
3) Routes for owner: ??
How to fix the owner routes: Is it as easy as doing: Route::group(array('prefix' => 'owner', 'before' => 'auth'), function() { } or should I take the owner as part of the 'admin' section and do the discrimination in the controllers?
Second part of the question: How can I ensure that a user who subscribes to the app is automatically assigned the admin role?
Third part of the question: How can I ensure that only 1 owner can access the application with full rights?
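
An added example, not part of the original post: the 'auth' filter in the route groups above only proves that someone is logged in, so the sketch below adds a separate role filter for authorization and assigns the admin role server-side at registration. It assumes Laravel 4 filter syntax (as in the question), the Entrust facade and Role model, roles named 'admin' and 'owner' that already exist, and hypothetical controller names.

```php
<?php
// app/routes.php (Laravel 4 style, matching the 'before' filters in the question).
// Assumptions: Entrust facade registered; Role is the Entrust role model; User is
// the Confide/Entrust user model; roles 'admin' and 'owner' were created by a
// seeder. All controller names are hypothetical.

// Authorization filter. 'auth' answers "is anyone logged in?"; this answers
// "does the logged-in user hold the required role?". Used as 'role:<name>'.
Route::filter('role', function ($route, $request, $role) {
    if (!Entrust::hasRole($role)) {
        App::abort(403); // authenticated, but not authorized for this area
    }
});

// 1) Guest routes: only reachable when not logged in.
Route::group(array('before' => 'guest'), function () {
    Route::get('login', 'UserController@login');
});

// 2) Admin routes: logged in AND holding the 'admin' role.
Route::group(array('prefix' => 'admin', 'before' => 'auth|role:admin'), function () {
    // The role filter does not check record ownership. The controller still
    // has to load projects through the logged-in user (e.g. a projects()
    // relation on User, assumed here) so one admin cannot edit another's data.
    Route::resource('projects', 'AdminProjectController');
});

// 3) Owner routes: logged in AND holding the 'owner' role. Without the role
// filter, any registered admin could open /owner/... by typing the URL.
Route::group(array('prefix' => 'owner', 'before' => 'auth|role:owner'), function () {
    Route::get('stats', 'OwnerStatsController@index');
});

// Second part: every newly created account gets the 'admin' role. The role
// name is fixed here on the server and never read from the sign-up form.
User::created(function ($user) {
    $user->attachRole(Role::where('name', '=', 'admin')->firstOrFail());
});

// Third part: no route or form ever attaches the 'owner' role. It is attached
// once, to a single account, from a database seeder run at deploy time.
```

Keeping the owner pages in their own prefixed group with their own filter means the check is enforced in one place rather than repeated in every controller method.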