rossco555's avatar

"Scoped" Roles

I'm interested to know if anyone has some suggestions on how to tackle what I guess would be called "scoped roles".

My app includes Companies. The combination of two Companies is a Team. In Teams there are many Projects.

I want to have a variety of roles such as Viewer, Editor, Approver and Admin that apply either at the specific Project level, or broader Team level (i.e. all Projects for a given Team), or most broadly the Company level (i.e. all Teams involving that Company).

I plan to use Spatie Permissions, with each role having underlying permissions.

I think the solution may involve adding custom pivot fields to the 'model_has_roles' table, these being project_id, team_id and company_id. For a given pivot entry, one of the three columns would scope the role assigned to the particular User model.

(I know Spatie Permissions has a Teams feature but I don't think this is of use for me. I want the same Roles globally, just that they be scoped to some sub-context.)

But I can't collect my thoughts from there and I suspect there may be a better way and would appreciate any wise words or pointers.

0 likes
4 replies
rossco555's avatar

@Sinnbeck Yeah thanks, I have done that, but as I alluded to in brackets it probably actually doesn't apply. I have a Team model, but it's not really a Team in the same sense as multitenancy.

Sinnbeck's avatar

@rossco555 Yeah I didn't mean to use the functionality directly but rather take the concept and build your own. :) And sorry I actually didn't notice that you mentioned it yourself.

I have looked around on packagist and there does not seem to be anything that can do what you need sadly.

rossco555's avatar

@Sinnbeck Again, thank you. I have done this by adding the pivot columns I mentioned (which I think is what the Teams feature adds one of). But I don't really want to have a session to save the current project/team/company so I'm still trying to work out how to take frontend state for these and then return the scoped permissions after. That's the hard bit I'm looking for help and suggestions with :)
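
An added example, not part of the thread and not code from any poster: one way to resolve the scoped pivot rows described above without session state, where the request carries only a project id and the server derives the team and companies itself. It is plain PHP and does not use the Spatie Permissions API; the function name, array shapes, permission names and ids are all constructed for illustration.

```php
<?php
// Constructed sample data (not from the thread). A team combines two companies.
$teams    = [10 => ['company_ids' => [1, 2]], 11 => ['company_ids' => [2, 3]]];
$projects = [100 => ['team_id' => 10], 101 => ['team_id' => 11]];
// The same roles everywhere; only the scope of an assignment differs.
$rolePermissions = [
    'Viewer'   => ['project.view'],
    'Editor'   => ['project.view', 'project.edit'],
    'Approver' => ['project.view', 'project.approve'],
];
// Rows shaped like the proposed pivot: one of the three scope columns is set.
$assignments = [
    ['user_id' => 7, 'role' => 'Viewer',   'company_id' => 2,    'team_id' => null, 'project_id' => null],
    ['user_id' => 7, 'role' => 'Editor',   'company_id' => null, 'team_id' => 10,   'project_id' => null],
    ['user_id' => 7, 'role' => 'Approver', 'company_id' => null, 'team_id' => null, 'project_id' => 101],
];

function permissionsForProject(int $userId, int $projectId, array $assignments,
    array $projects, array $teams, array $rolePermissions): array
{
    if (!isset($projects[$projectId])) {
        return []; // unknown project: grant nothing
    }
    // Walk up the hierarchy from stored data. The request supplies only the
    // project id; a client-supplied team_id or company_id is never trusted.
    $teamId     = $projects[$projectId]['team_id'];
    $companyIds = $teams[$teamId]['company_ids'] ?? [];
    $granted = [];
    foreach ($assignments as $row) {
        if ($row['user_id'] !== $userId) {
            continue;
        }
        // Strict comparisons keep a null scope column from matching anything.
        $applies = $row['project_id'] === $projectId
            || $row['team_id'] === $teamId
            || in_array($row['company_id'], $companyIds, true);
        if ($applies) {
            foreach ($rolePermissions[$row['role']] ?? [] as $permission) {
                $granted[$permission] = true;
            }
        }
    }
    $permissions = array_keys($granted);
    sort($permissions);
    return $permissions;
}

foreach ([100, 101] as $projectId) {
    echo $projectId, ': ', implode(', ', permissionsForProject(7, $projectId, $assignments, $projects, $teams, $rolePermissions)), PHP_EOL;
}
```

In a real application the three lookups would be database queries, and the same function would back both the authorization check and whatever permission list is returned to the frontend.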
