Level 80
@carcleo You have users. You then assign roles/permissions to users. Use a package such as Spatie’s (https://github.com/spatie/laravel-permission) for this if you are unsure how to implement this from scratch.
Jan 20, 2025
16
Level 2
Admin and SuperAdmin. How to do?
I would like of explanation about of how create the login (UAC) with
Admin and SuperAdmin and Usernormal
Admin and SuperAdmin use the same environment
/admim
/usernormal
or its separade?
/admin
/superadmin
/usernormal
The SuperAdmin do everything that Admin do more new Admins commons and also register new admins /usernormal
Level 2
@martinbean Ok, i will go waith for another idea, but thank you. you do not understood my doubt
Level 8
Hey @carcleo, what @martinbean suggested is the 'standard' way of doing this type of thing for 90% of use cases. Can you explain the difference of why this won't work for your case?
1 like
Level 73
It depends a little on the use case, are we talking just three roles?
- User
- Admin
- Superadmin
Then I probably wouldn't use roles per se, I would most likely just create tables that contains the user ids of the admins and super admins. However if this is going to grow with additional types of users then roles is the way to go.
Level 2
@Tray2 in this true, yes, there is more uses cases. But i is fixeding my attention at admim ambient (admin area) with admin e superadmin users.
For each can have your separed area
/admim
/superadmin
ou both at the same area?
Level 73
@carcleo I would just to /dashboard regardless of the user type.
1 like
Level 75
Use authentication for login.
Use authorization to determine what a logged in user can or cannot do.
An admin is a user. A superadmin (???) is a user. A janitor is a user. A person using the site is a user. The owner (head m- in charge) is a user.
I have had apps where even a big chief admin can't mess with certain accounting data. View yes, modify no.
I suggest you forget things like "super admin", and deal with what a particular user with their role can or cannot do.
Suggestions only.
Level 2
@jlrdw Then, i am entering to worl Laravel now, so being, everything is new to me yeat. I did so :
/admin
/magazine
/client
/......
But it apear that this model did changes. Correct?
Level 2
People, i think that you all not understand.
I wnat ideas about routes.
/superdmin
/admim
/usernormal
or
/admim
/usernormal
The Super would have a ambient only for his or he can use the /admin same?
Level 6
@carcleo I believe that you don't need to separate routes for SuperAdmin and Admin; just differentiate between roles by middleware, gate, or policy
1 like
Level 2
@Go3shom
Can you give-me a example.
Please?
Level 80
@carcleo The middleware docs literally has an example of restricting routes to specific roles: https://laravel.com/docs/11.x/middleware#middleware-parameters
I’ve also blogged about the topic before, since it comes up so frequently on this forum: https://martinbean.dev/blog/2021/07/29/simple-role-based-authentication-laravel/
1 like
Level 75
@carcleo I would highly recommend that you take the 30 days to learn laravel course.It is free. It will give you an idea of how authorization works.
1 like
Level 122
@carcleo you keep using the word 'ambient' but this is not correct in this context, so we are struggling to understand what you mean.
1 like
Level 75
Level 6
@carcleo
I mean that "/superadmin" & "/admin" may be combined into one "endpoint"; "/admin" -as an example-, and differentiate between them by making "Gates" or "Policies" which documented under "Authorization" section
Please or to participate in this conversation.