Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

zaster's avatar

Complete User Management Using Jetstream

As i understood the basic user role management is already there in jetstream

What i want to achieve is Multi Auth + Roles + Permissions

Can i use the spatie permission package to achieve this or should i use only jetstream

I wan to add a lot of permission levels such as

1.role-list

2.role-create

3.role-edit

4.role-delete

5.product-list

6.product-create

7.product-edit

8.product-delete

etc...

There will be at least 3 user types(Multi Auth) and since each user type will require to have unique fields in the database. I decided to have 3 dedicated tables. So there will be the general user table and then usertype1 table , usertype2 table, usertype3 table

Am i going in the right direction?

0 likes
8 replies
Snapey's avatar
Snapey
5 years ago
Best Answer
Level 122

jetstream contains nothing related to roles and permissions

You should carefully consider doing multi-auth because it always ends up being a confusing mess. I NEVER use or recommend it.

Users are users. don't segregate them. Use authorisation to control what they can do. if you need to store different profiles because they are vastly different then consider having multiple profile types not multiple authentication models

http://novate.co.uk/using-laravel-polymorphic-relationships-for-different-user-profiles/

(my post)

3 likes
zaster's avatar

@snapey

Ok. Multiple profile type it is then.

Now can i use a plugin like spatie's laravel-permission + jetstream + Multiple Profile approach to achieve full user management ?

1 like
Snapey's avatar

yes but you may need to create a user interface for things like creating roles and applying permissions to it

zaster's avatar

@snapey

jetstream contains nothing related to roles and permissions

JetstreamteamServiceProvider.php contains this

/**
     * Configure the roles and permissions that are available within the application.
     *
     * @return void
     */
    protected function configurePermissions()
    {
        Jetstream::defaultApiTokenPermissions(['read']);

        Jetstream::role('admin', __('Administrator'), [
            'create',
            'read',
            'update',
            'delete',
        ])->description(__('Administrator users can perform any action.'));

        Jetstream::role('editor', __('Editor'), [
            'read',
            'create',
            'update',
        ])->description(__('Editor users have the ability to read, create, and update.'));
    }
Snapey's avatar

I am corrected, i forgot that, sorry 😣

3 likes
FoxRocks's avatar

I was very happy to find this post in my search on this. I'm at the same point in my app @zaster and have some more questions. I'm clear on what Jetstream is doing in user management, what I'm not clear on in the example given in the docs (as you posted) is what the "server" part is all about, is that the name of the model? I've been playing around with this for a bit too long now trying to figure it out for myself, so I'm hoping to find someone experienced in this area. Did you end up going with the Spatie package? How did that go? What issues did you face? In my app I have users, teams and then products that are subscribed to by the team. Because of that I had to shift a lot of the logic from being user based to being team based, and so part of me is expecting this to be the same thing, but then again as @snapey said, it's best to keep that all on the user...but then how do I link it to the team so the user has the appropriate permissions on each team? So many questions! LoL 😆

zaster's avatar

@foxrocks i am still on the progress of building this app

I have decided to implement the permission stuff at the end, and at the moment have decided to go with gates and policies (Not with Spatie package)

I am also using one users table (With more table fields, didn't go with polymorphic relationships to kind of make things simpler)

I think it is better to create a new question since this is already solved. In that way i guess you would be able to get more opinions by much experienced programmers.

1 like

Please or to participate in this conversation.