Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi all,
I went through a few forum posts here and there but want to clarify for myself, with your export help, what is the way to sort out roles and permissions in a Laravel application.
The application I am looking at has roles + middleware and policies to restrict access to resources.
Is there a better way to do things? I am asking because I have to add a new role in a Laravel application and it seems super unproductive and risky to go through the whole code base and update every bit to allow/restrict access for the new role.
I have seen in some .Net applications that they have roles (admin, super-admin, etc.) and a table with permissions (edit_post, create_user, etc.), and then they pick and choose the permissions to configure the new role, is it like industry standard? Is there even a better way?
Thank you in advance!
I suggest reading the docs about it
https://laravel.com/docs/10.x/authorization
There are som packages that can be used, but with only a few roles, they are usually overkill.
You can also watch these free lessons on it
https://laracasts.com/series/laravel-8-from-scratch/episodes/62
https://laracasts.com/series/laravel-8-from-scratch/episodes/69
Please or to participate in this conversation.