Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
well, Iam using laravel-permission package by spatie https://github.com/spatie/laravel-permission
To mange roles and permissions
My question is: lets see I have 3 roles: admin, employee and manger.
now each one of these roles has its own unique fields!
"users" table
I was thinking of creating something like this :
"employees _users" table
"mangers _users" table
is this right ?
Yeah.. right.. But if you extend your roles it's very complicated. Because whenever you create a role you need to create a table for that role.
If you have more then 5 roles you may use wordpress meta table concept. Wordpress store all other information for a particular user in one table called user_meta. Table structure is Id | user_id | meta_key | meta_value
If you do this method you don't need to create separate table for every role.
I feel wordpress is very bad at managing things.
Just make your user table with all the fields shared by everyone, an employee and manager table with their unique fields linked to users table via user_id.
Your syntax is correct.
I read about polymorphic relations and that its more "the right way" to do it .. but polymorphic relations is not clear to me..
could someone explain how that will work ? with roles and users ? https://laravel.com/docs/5.5/eloquent-relationships#polymorphic-relations
or should I do it like in my first post without polymorphic relations!!
hmm after playing with polymorphic relations I had it working like this:
database will look like this:
"users" table
- id
- email
- password
- userable_id
- userable_type
- common fields by all the roles ...
"employees _users" table
- id
- about_me
- some other unique fields for employees role
first creating a new service provider and adding "morphMap"
public function boot()
{
Relation::morphMap([
'employee' => 'App\Employee',
]);
}
in App\User model:
class User extends Authenticatable
{
use Notifiable;
use HasRoles;
public function userable()
{
return $this->morphTo();
}
}
in App\Employee model:
class Employee extends Model
{
public function user()
{
return $this->morphOne('App\User', 'userable');
}
}
and so on with any role that has unique fields , but I feel this is getting complicated with polymorphic relations..
whats the benefit doing it with polymorphic relations vs the normal way like in my first post ?
I think the polymorphic 'benefit' is that you don't have to write extra code to figure out if you are dealing with a manager user or an employ user -- which you need to differentiate because the roles have different properties.
but what's weird for me is, from the code you posted, I don't see how this code helps you differentiating admin, or managers versus employee users.
so, this goes back to your original posting. 3 roles, and a user. where a user has a role. and the roles contain the fields that describe each of the role types.
then your permissions become simpler.
e.g. You could have a fire method on a Controller say.
and then you want to authorize fire.
you would just do something like $this->authorize('fire', $role) //I think you'd have to use an update or delete method not 100% sure.
then in the corresponding Policy class (art make:policy ManageEmployees (say)), just look at the users role to figure out if they have rights to fire somebody. i.e. if your not an manager you can't, or if your not admin and the employee you're trying to fire is an manager. ...
just a thought.
Please or to participate in this conversation.