1 year ago

ACL and controller sanity check

Posted 1 year ago by the_lar

Hi all,

Just wanted to check that I'm doing something correctly...

I'm building an app which implements some basic ACL via Roles and Permissions and I've scaffolded the out of the box auth. I've created a User and given them a role of 'Administrator', that has a permission of 'manage_users'.

So now I need to create a manage_users page which only those with the correct permission can access. Here's what I've done...


Route::get('/manage_users', '[email protected]');



namespace App\Http\Controllers;

use Illuminate\Http\Request;

class ManageUsersController extends Controller
    static $access = 'manage_users';
     * Create a new controller instance.
     * @return void
    public function __construct()

     * Effectively the manage users dashboard
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
    public function index()
        return view('users', ['access' => $this::$access]);

And inside users.blade.php

                        Manage the users
                        Sorry mate it's above your pay grade

Mainly I want to check if this is the correct approach and whether it's OK to use a static variable on the controller in the way I have.

Much appreciated Kevin

Please sign in or create an account to participate in this conversation.