Level 75
Mar 20, 2016
2
Level 3
Best practices for handling multiple roles
I'm just curious about what people think is the best way to handle multiple user levels on a site. A good example is a marketplace, you have general users and you have contributors. The contributor would have more information that needs to be stored like contact details, maybe a portfolio, etc, but the general user really only needs to be able to log on and purchase things. How I have been doing this sort of things is to have your base users table for authentication, and then if they require additional information I set up another table for the contributors, and just reference it with the User ID.
Is that the best way to do that sort of thing? I figured you would be better off with an additional table rather than having a lot of extra columns in the one table.
Level 47
@jlrdw thank you again :).
I think of the user table as need to know information about all users, like name, email and avatar (if applicable). Pretty close to the default migration as I use auth() facade heavenly. Like you are doing @QuckBen is what I'd do. I need the users name quite a bit, but profile data not so much. So I put profile data in a different table.
I generally add the roles and permissions to every app (but my personal website, just a Boolean for admin in users table) even if its role based or just one role. This makes updating significantly easier if/when a client or another dev needs to add to the functionality later. No need to touch the database as the tables and models are there already. Jus a couple controllers, views and middlewares and update exciting views as needed.
Though bottom line your description of why is spot on, and with out roles you have the has() method to check if a user has contributer table associated. If not just a member, but I assume you'll have admin types too where at least roles can ease the checking issue.
Please or to participate in this conversation.