Level 73
@abdulbazith maybe you need a package like this one, which is an extension of the spatie package
Jan 2, 2020
17
Level 5
Role and permission need to be checked dynamically not manually(this works fine) in Spatie package
Guys iam working with a project School Management System.
I used spatie-laravel-permission package for multiple authentication.
Everything works fine, i have added, user, role, permission, role->permission, user->role
All i did and i checked the permission manually like
@role('Accountant')
//Show Salary link in nav bar
@endrole
This above code works fine. But my problem is
the role and permission are dynamic, it is left to the school they will enter the roles and permissions, and the admin of the school has the permission to assign role->user, and permission->to roles.
so think that
@role('Accountant')
//Show Salary link in nav bar
@endrole
the same above code, i dont know the role name which entered by the school, so in the place of checking it is dynamic, how can i check it??
the same problem i will face in controllers, blades etc.
think that i have a nav bar like this
Role
AddRole
ManageRole
Permissions
Add Permissions
Manage Permissions
Students
Add Student
Manage student
Staff
Add Staff
ManageStadd
Student Attendance
Add attendance
Manage Attendance
Staff Attendance
Add attendance
manage attendance
Subjects
Add
manage
Exams
Add
Manage
Fee Structure
add
manage
FeePayment
add
manage
MarkDetails
Add
Manage
StaffSalary
Add
manage
Now the above all is my nav bar. here based on the user role the nav bar display will be changed. how can i check it dynamically.
say for example, a staff role have permission to use the nav bars like add mark, add subject, add exam. but dont have permission to add a student, only the office admin has the permission to add a student.
likewise a account has permission only to add fee structure, fee payment, add salary, the dont have permission to add mark, or exam, or subjects.
I have added the role and permission, everything, but checking the permission is dynamic how can i do that
how i added my role permission is like below
Staff Role->have permission to-> add_mark, add_exam, add_subject, edit_mark, edit_exam, edit_subject
Accountant Role->have permission to-> add_feepayment, edit_feepayment, add_salary, edit_salary, add_feestructure, edit_feestructure.
Just how i can check it??
Level 5
@nakov thank you for your response.
but the link which u sent is also same as spatie nothing different. in that link also the checked like
@role('writer')
I am a writer!
@else
I am not a writer...
@endrole
here my problem is the role and permission is entered dynamically by the school management. so how can i check a condition like below
@role(how condition goes dynamically?? like if logged person is accountant, and he has permission to add salary)
Add the salary nav bar should shown to that user
@else
here the condition maters, how to check it dynamically?
Level 73
@abdulbazith there is no way to check for a condition unless you are comparing it to something you know as a programmer as well..
So the check must contain two sides, one is the dynamic role of the user, and the other one is the programmer side which has to be defined previously..
@role($user->role)
but you MUST know what role you are checking for in order to understand what permission are you giving that role. There is no other way in my personal opinion.
Level 5
@nakov ya you are right.
but how i can check?? is there any solution?? there are more that 7 modules, so for each module do i need to write manually?? but how?
in this package we should do like this only??
@role($user->role) // this works fine am i right?? just if the role sets, or permission given show that else no need,
but for each nav bars, and each blade files in resource i need to do thiss??? is is correct way??
Level 1
Hi, this may be too late, but I'm posting this as it might help someone else as well.
In your case, if I understood correctly, you want to give the client the option to create new roles, and you still need to be able to check for permission for the current user to do certain tasks. If that is the case, I think the following will work.
You can create a UI to DEFINE ROLES. There should also be a UI allowing the client to ASSIGN PERMISSIONS TO ROLES. Also, a similar UI to ASSIGN ROLES TO USERS.
In the db, there shall be corresponding tables to store permissions, roles, roles-permissions & users-roles. Packages like spatie permissions makes this easier.
Then in the code, you need to check whether a particular user has the PERMISSION to do the task. DON'T CHECK for ROLES, check for PERMISSIONS only. This way you can let the client create as many roles as they want and assign any of the pre-defined permissions.
The only thing you need to have is the list of permissions in advance, because, the coding logic of allowing or denying the access depends on that. Let the client create as many roles and assign any of the pre-defined permissions.
I hope the above helps.
1 like
Level 73
@abdulbazith no this won't work @role($user->role) you will have to know the role that the user has in order to show the navigation item.. There is no way to know it dynamically. How are you going to know what do display? Which item to include? Makes no sense to me.
Level 5
@nakov ya you are right.
But now what should i do? then do i need to ask the school management about their roles, permissions and i need to fix that in the db, and need to write the condition??
so if any changes need they should contact the developer? is this a right format?
Level 73
@abdulbazith roles should be already defined and those should not change in my opinion. You can add new one, but you the developer, knowing the role, and know where to add it in code.
Then a role can have multiple permissions, and the permissions can be dynamically added to a user as well. Then whenever you introduce a new feature you will add accessibility to that feature to a certain permission only, and the permission can be assigned to a user/role by an admin. But the permission is created by you the developer, not by someone from the school, that way you know the name of the permission and where in the code you need to apply it. So when you discuss the features, you are discussing the permissions, and you are the creator of the policy.
This is how I do it, there might be a better way out there. :)
Level 5
@nakov thank you thank you.
i understood, as you saying that, role can be handled by the user, but the permissions must be handled by the developer only.
so that we can easily make condition in nav bar am i right??
so permissions must be handled by myself only you are saying. but assigning user-> to this role can be done by the school admin, am i right??
so the role, and permission must be done by the developer,
is my understanding is right??? if wrong kindly guide me
Level 73
@abdulbazith both role and permission can be assigned by someone at the school. But must be created by you the developer. And you must know each role and each permission in order to use it in the view or in controllers to use the respective authorization policies.
Level 5
@nakov yes , yes you are right,
now only my mind gets an idea of that, i understood, so that as a creator of the roles and permissions, i know where to wirte the conditions,
the school admin can just assign to a specific user, its their part.
But the roles, are decided by the school. accountant, teacher, parent, student, principal, correspondent, these are decided by the school,
so i need to get these roles from the school and i need to feed it in db???
Level 73
@abdulbazith yup, that's what I will do. Get the data and what each role responsibility is, and code it accordingly.
Then in the future if a new feature needs to be added, and there is an extra permission for it, you create the permission and let the admin of the school assign the permission to a role or to a specific user.
Level 5
@nakov thank thanks a lot for these much clear explanation. got it
great. thank you.
if possible see this thread also:
Level 5
@nakov i have a small doubt in this kindly clear it.
i have role Teacher, and i have total 10 permissions,
so if the teacher role have 7 permissions, then in my nav bar i have 10 items means, for each option i need to write the check condition like below
@role('teacher')
item 1
@role('teacher')
option 2
@role('teacher')
option 3
@role('teacher')
option 4
.
.
.
so on i need to check like this?
and if i need to check more than one role means how it possible?? for each item i need to check every condition like below?
@role('teacher') or @role('admin') or @role('accountant') ... . .. . . so on // like this i need to write many condition
item 1
@role('teacher')
option 2
is my question is right?? or anything wrong?
Level 73
@abdulbazith if you need a check for each item, then your condition will be so very ugly and easy to miss an item.
I would create separate files, for example: views/nav/teacher.blade.php
and in it the navigation that should be used for a teacher and same for other roles.. Then in the main layout file just do this:
@role('teacher')
@include('nav.teacher')
@endrole
Level 5
@nakov thank you for your response.
still having small doubts, so i made it as new thread. please refer that
Kindly refer please
Level 5
@nakov thank you for your response. your answer worked fine kindly possible i have edited my new thread with same permission doubt
Kindly refer please
Please or to participate in this conversation.