Laravel 9 User Roles and Permissions

Hello,

I try to create a basic authentication scheme with one administrator user who will create users and dynamically assign roles and page access permissions to them.

I tried this implementation using the Spatie package with UI. I was based on the spatie page suggested videos (https://www.youtube.com/watch?v=7PpJsho5aak&list=PLxFwlLOncxFLazmEPiB4N0iYc3Dwst6m4), but this guide was not working for Laravel 9.

Then I tried implementing this example (ommiting the products): https://www.itsolutionstuff.com/post/laravel-9-user-roles-and-permissions-tutorialexample.html

This worked partially. I needed node.js in order to run npm install && npm run dev command (could this be avoided?).

Unfortunatelly, the styling of the page is not showing as expected and more important there are some malfunctions (eg the users get logged in immediately upon registration, or the standard user can delete othe users).

Is there a simpler way to implement this? We just need one administrator user who will grant roles and access permissions to users.

Thank you a lot!

OussamaMater

3 years ago

Level 37

I am pretty sure that tutorial is old, they just kept updating the Laravel version in the title and some edits in the article.

The npm install && npm run dev is not needed if you're not using the bootstrap scaffolding they are using in that tutorial (which we no longer use after the release of breeze and jetstream).

There is no simpler way, only in case you have two roles, a normal user and an admin, that way you can create an is_admin column in the users table where it's false for everyone else but the admin, and you perform the checks based on that boolean value.

If you do have more than one role, I highly recommend using a package as it simplifies the process, the most used packages are

https://spatie.be/docs/laravel-permission/v5/introduction (the one you used and is working perfectly fine with Laravel 9, you just watched a very old tutorial, and the docs are more than enough)
https://laratrust.santigarcor.me/ (simpler than spatie package, but does not have as much features, so if you are doing basic stuff maybe go with this one instead)

konrms

3 years ago

Level 1

@OussamaMater Hello and thank you!

Unfortunately most guides are obsolete. We should work with spatie. We need a user interface and the administrator should assign roles and access permissions.

I have also created a basic authentication scheme based on this example (this works flawlessly) https://www.nicesnippets.com/blog/laravel-9-custom-login-and-registration-example

I can just register some users and log them in/out. But this must somehow be paired with spatie...

OussamaMater

3 years ago

Level 37

@konrms and what seem to be the problem? you don't have to worry about role/permissions table, spatie will generate them for you.

Now if a user register he will have a default role/permission, and on your dashboard where you have all the users listed, you do have that edit button for sure, once you wish to edit a user, you can attach a permission or role directly.

Please have a look at these basic examples, based on your use case, that's all you'll need for now:

https://spatie.be/docs/laravel-permission/v5/basic-usage/basic-usage

Please or to participate in this conversation.