I'm a novice Laravel developer trying to revamp the permissions system on an existing app that uses a very messy, in-house developed system. I'm trying to switch over to a cleaner, more maintainable solution. I'm trying to use zizaco/entrust but I'm afraid there may be some functionality I need that it doesn't support. In addition to checking if a user has a permission, I need to check if that user has permission to interact with a specific database record. For example, I can't just call:
if(!$this->cruser->hasPermission('OwnResourcePermission')) return;
I also need to check if that user owns the resource, or if someone on his/her team does, or if his/her superior does, etc.
So, is there a way to leverage Entrust(or some other permissions library) or would I do something like check the permission AND query the DB to check those other conditions and return if those fail? I'm looking for the cleanest and most maintainable solution but this is a pretty big undertaking for me. It's a little overwhelming and I don't know where to start.
