-2

I'm trying to follow the documentation on authorization, but am having some problems grasping how it will work in the end.

Where does it store the permissions? And does it work with roles?

If it does work with roles, how do you apply a role to a user?

davejal
  • 6,009
  • 10
  • 39
  • 82

1 Answers1

2

The permissions are defined in the code you write in the Policies or in the AuthServiceProvider.

If you want to apply roles by user:

  1. Generate the appropriated migrations (e.g: roles, roles_users).
  2. Save the roles you want for each user in the database.
  3. Define the relationships between the tables.

  4. Add/update the permissions (abilities) to use the roles you've defined in the AuthServiceProvider or in Policies.

    Example

    class AuthServiceProvider extends ServiceProvider
{ 
//...
    public function boot(GateContract $gate)
    {
        $this->registerPolicies($gate);
        $gate->define('read-very-confident-info', function ($user) {
            return $user->roles->contains(1); // suppose id 1 means user can read very confident info
        });
    }
//...
}
whoan
  • 8,143
  • 4
  • 39
  • 48