Entrust : where should I create roles ?

I am in the same boat. Were you able to find any feedback ?

It really depends on your structure. You can put it in your usercontroller or other controller that makes sense for smaller projects. You can also create a new class and decorate the controller . There are plenty of ways to do this.

Hey @manshu At first I added it as a migration, I didn't like the idea to have it in the controller. In the end, I discovered that since version 5.11 Laravel includes powerful ACL features so Entrust was not needed in my case.

I too would like to use Laravel's ACL, in the mean time I've been using Entrust. I added it to my UserController:

    public function rolesStore($userId, UserRoleStore $request)
    {
        $user = User::findOrFail($userId);
        $user->attachRoles(Role::findMany($request->attach));
        $response = $this->response->collection($user->roles, new RoleTransformer, 'roles');
        return response($response, '201');
    }

Also doing something similar in the RolesController to attach/detach permissions..

Oh, perfect. I'll watch it tonight and see what i can get out of ACL. I will come back for help.

The ACL in the "out-of-the-box" laravel does not save things to the database, everything is defined in code via a Policy and using the Gate class.

Entrust gives you a bit more control because you can just change the database (no code change/release required).

$subscriber = new Role();
$subscriber->name = 'Subscriber';
$subscriber->save();

goes into a migration in the up() method or you can just manually create these records in the database. Then there is a role_user table where you can match up roles to users. This is course-grained like admin, manager, user, etc. so big chunks suitable for maybe a group route

If you want even more granular stuff (like an extra level), then you can layer in the permissions part. These may be on each of your controller functions but this is not necessary