[L5] User Authentication and Roles

Hi All,

I'm new to Laracasts and I'm already learning a great deal from the lessons. I am trying to figure out how to proceed with my app, which is being built for teachers and students. I'm using the Users model that ships with Laravel 5 and I've pulled in the Entrust package to help manage my roles (Student & Teacher).

A Teacher is responsible for creating a Class, and is a one to many Relationship (one teacher has many classes). For example:

    public function classes()
    {
        return $this->hasMany('App\Models\Class', 'user_id');
    }

A Student is a "member" of one or more classes, and is a many to many relationship (students BelongToMany Classes, and Classes BelongToMany Students). For example:

public function classes()
{
    return $this->belongsToMany('App\Models\Class', 'class_students', 'student_id', 'class_id');
}

I'm trying to wrap my head around how to manage these relationships in Laravel. Essentially, what I want to do is be able to query Auth::user()->classes()->get() and return a collection of classes, which would be different based on the User role. Extending the User model is introducing problems because I can no longer use Auth::user()->classes().

class Class extends Model {
  public function students()
  {
     return $this->belongsToMany('App\Models\Student', 'class_students', 'class_id', 'student_id');
  }
    
    
  public function createdBy()
  {
    return $this->belongsTo('App\Models\Teacher', 'user_id');
  }
}
class Student extends User {

//...
    
}
class Teacher extends User {

//...
    
}

I am wondering if I need to set up some kind of polymorphic relationships, or if I am thinking about this in the wrong way. Please let me know if I need to provide more information!

[email protected]

11 years ago

Best Answer

Level 3

I'll reply to my own question here. I'm not sure why I didn't think of it before, but it seems obvious now that this type of issue can be handled by implementing a "Groups" table in addition to the Roles and Permissions supplied by the Entrust package. For example:

class User extends Model implements AuthenticatableContract, CanResetPasswordContract {

    use Authenticatable, CanResetPassword, EntrustUserTrait;

    /**
     * The database table used by the model.
     *
     * @var string
     */
    protected $table = 'users';

    /**
     * The attributes that are mass assignable.
     *
     * @var array
     */
    protected $fillable = ['name', 'email', 'password'];

    /**
     * The attributes excluded from the model's JSON form.
     *
     * @var array
     */
    protected $hidden = ['password', 'remember_token'];

    /**
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function groups()
    {
        return $this->belongsToMany('App\Models\Group', 'group_user', 'user_id', 'group_id');
    }
}

class Group extends Model {
    protected $table = 'groups';
    /**
     * @return \Illuminate\Database\Eloquent\Relations\BelongsToMany
     */
    public function members()
    {
        return $this->belongsToMany('App\Models\User', 'users_groups', 'group_id', 'user_id');
    }
}

This way, users can be assigned Roles via Entrust (Student/Teacher) and simply be assigned to groups that represent their classes. Within the group their Role/Permission set would dictate what they can and cannot do.

Please or to participate in this conversation.