Duel roles

I usually use a pivot table and have many-to-many relationship between users and roles. It might be a little complex for your needs, but I often base just use https://github.com/spatie/laravel-permission for managing user access throughout the application.

It can get tricky:

An admin who is also a user with heir own data logs in and sees all, but wants their own data only sometimes.

A lot more if statements involved with duel roles. Kind of why I liked the muti table way.

A little more logging out and logging in, but still easy.

An admin logs out to do bookkeeping. Hits the link that opens the login for a bookkeeper, logs in, and properly gets routed to correct place.

Duel roles can be a headache at first.

Going back to the admin that just wants a simple view of their info. There would have to be extra commands or links to allow them to see things as a regular user.

It's a tough decision to use multi tables or a table with multi roles.

Multi table easier but requires a log out and another login. Multi role table requires a lot more if else statements to figure out if that duel user role can do bookkeeping also.

I am still researching this.

Thanks for reply. I looked over the package, a lot of if constructs needed.

Check the package recommended. It does all you seek, and does a damn good job with many options. Spatie knows how to write laravel code. It's very well documented, very popular (check the stars) and always maintained. You can do the same as they are (using laravel policies, etc), but they've done all of the hard work and made it very easy.

For your various roles and only wanting to see limited data scenario... That's pretty common. What I've done is have a dropdown that allows the user to choose their current role (which is also defined as to what role can change to x,y,z roles) and use sessions to manage that. They basically just change roles on the fly and change back. They don't have to log out, just refresh the page (done automatically). So an admin can change themselves to bookkeeper and only sees what the bookkeeper can see/do, then goes back to admin and seeing all. It's basically just a filter when you think about it. It just alters a db where (if value in session is xzy, use xyz, else use default role on user).

I looked over the package, a lot of if constructs needed.

There will be for whatever you come up with, too. They have a lot of different ways to do things for lot's of different scenarios. You don't have to do all, and you wouldn't. Study the docs and once you pick the method that would work best for your scenario, then there aren't many docs to study. You just focus on that one part.

What I've done is have a dropdown that allows the user to choose their current role

That's a dang good idea I'm going to pursue that.

I can just put the comma separated List in the drop down.

Should be fairly easy as a separate admin area anyway.

Regular users only have completely different area.

@WILK_RANDALL - Giving you best answer, but no pivot table for me, this single table for roles is tricky enough. One bob boo in an if and a user can see things thy aren't supposed to see. So I have to be extra careful with any if's.

@cronix I am going to try the drop down for switching roles, so easy to just pull them from table.

I imagine if an admin and bookkeeper, I would at first have them logged in as admin. But have their roles in the drop down.

Then since only they can see that drop down (will derive from a session array I set up), they can just switch.

That logic should be fairly easy. Thanks both of you.

@jlrdw Hey, whatever works for you. I understand that access control definitely isn't a one size fits all kind of thing.

@WILK_RANDALL - It can give headaches when first setting up, but like anything, it will fall into place.