Roles and Permissions

When an identity is created it may belong to one or more roles. For example, John may belong to the Administrator and Editor roles while Mary may only belong to the Editor role. Roles are stored in the database in the roles table, and have the matching Role model. Roles are exposed to the developer through the HasPermissions trait.

Every role can have a number of different permissions attached to it, and users that are in that role are said to have all permissions assigned to any of their role. The permissions that your application uses are defined in the Permission enum that was created during installation. As your application grows, you should add permission definitions to this enum.

The HasPermissions trait that you should apply to your authenticatable models (typically User) defines functions for the developer to use in order to interact with roles and permissions:

Name	Description
getPermissions	Get a list of this authenticatable model's permissions.
hasPermission	Check if this entity has a specific permission.
hasRole	Check if this entity has a specific role.
roles	A `HasManyThrough` relationship to this model's roles.

Note: A Has-Many relationship is also defined between users of the HasPermissions trait and the Role model, under the name of roles.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Roles and Permissions

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Overview

Introduction

Installation

Roles and Permissions

Authorization

Simple authorization

Role-based authorization

Permission-based authorization

Policy-based authorization

Resource-based authorization

Clone this wiki locally