Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

asss02's avatar

Spatie Laravel Permission Assign a role did not work

I'm using laravel 8 with Jetstream, My site has users and this users are related to many intitutions, so here they have different roles inside the site, So I made a seeder where i create the Roles and also the User and the institutions, everything is fine, then in the blade view I use the directives @can to show and hide information to different roles but here is the problem because it does not show anything, despite of the fact i am logged in with an administrador user it does not show what it is supposed to show.

I must say that I'am not using the User model to relate the roles, instead of I'am usign the UserInstitution model, because here is the logic.

Here is mi model

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Spatie\Permission\Traits\HasRoles;

class UserInstitutions extends Model
{
    use HasFactory;
    use HasRoles;

    protected $primaryKey  = 'user_id';
    public $incrementing = false;
    protected $guard_name = 'web';

    public function user() {
        return $this->belongsTo(User::class);
    }

    public function institution() {
        return $this->belongsTo(Institution::class,'institution_id_f');
    }
}

The Seeder

<?php

namespace Database\Seeders;

use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class RoleSeeder extends Seeder
{
    /**
     * Run the database seeds.
     *
     * @return void
     */
    public function run()
    {
        $admin = Role::create(['name' => 'Administrador']);
        $titular = Role::create(['name' => 'Titular']);
        $coor = Role::create(['name' => 'Coordinador']);
        $subcoor = Role::create(['name' => 'SubCoordinador']);
        $int = Role::create(['name' => 'Integrante']);

        Permission::create(['name' => 'home.dashboard']);

        Permission::create(['name' => 'dashboard']);
        Permission::create(['name' => 'institution.index']);
        Permission::create(['name' => 'institution.create']);
        Permission::create(['name' => 'institution.update']);
        Permission::create(['name' => 'institution.delete']);

        $admin->syncPermissions(Permission::all());
        $coor->givePermissionTo('institution.index');
        $coor->givePermissionTo('institution.create');
    }
}

The seeder where I assign the role

<?php

namespace Database\Seeders;

use App\Models\Institution;
use App\Models\User;
use App\Models\UserInstitutions;
use Illuminate\Database\Seeder;

class UserInstitutionSeeder extends Seeder
{
    public function run()
    {
        $institution = Institution::all()->random();
        $user = User::all()->random();

        UserInstitutions::create([
            'user_id' => $user->id,
            'institution_id_f' => $institution->id,
            'institution_id' => $institution->institution_id,
            'email' => '[email protected]',
            'landline_phone_number' => '74859632',
            'start_date' => now(),
            'active' => 'S',
        ])->assignRole('Administrador');

        UserInstitutions::factory(5)->create();
    }
}

The view where i use the @can directive

 @can('institution.create')
                <a href="{{ route('institution.create') }}" class="btn btn-success text-white">Nueva</a>
            @endcan
0 likes
2 replies
geowrgetudor's avatar

I don't think it will work if you use it on UserInstitution because the permission check uses the current logged in user's ID. In your case the permission is attached to UserInstitution ID an that is not your authed user id.

Please or to participate in this conversation.