I'm working on my first production Laravel project; and just have some questions about using the Spatie permissions package if anyone is kind enough to share their approaches.
Where is the best place to set defaults? I've read on the docs that a DB seeder is recommended, so I'm assuming that I would have to run the artisan command to seed these as part of the deployment process?
Secondly; say for example I have already deployed my initial application with some roles and permissions defined; the client then asks me for more roles/permissions. What is the best workflow here? Should I edit the original seeder file or create a new one? Not sure of the implications of then running the original DB seeder with data that is already holding Users' roles and permissions in the database.
For setting defaults, a DB seeder is a good approach. You can create a seeder file and run the php artisan db:seed command to seed the database with default roles and permissions.
For adding new roles and permissions after the initial deployment, it's recommended to create a new seeder file instead of editing the original one. This way, you can keep track of changes and easily roll back if needed.
To avoid conflicts with existing data, you can use the truncate method in your seeder file to clear the permissions and roles table before seeding it with new data.
Here's an example of a seeder file that clears the permissions and roles table and seeds it with new data:
use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
class PermissionsTableSeeder extends Seeder
{
public function run()
{
// Clear existing data
Permission::truncate();
Role::truncate();
// Seed new data
$adminRole = Role::create(['name' => 'admin']);
$userRole = Role::create(['name' => 'user']);
$createPostPermission = Permission::create(['name' => 'create post']);
$editPostPermission = Permission::create(['name' => 'edit post']);
$adminRole->givePermissionTo($createPostPermission, $editPostPermission);
$userRole->givePermissionTo($createPostPermission);
}
}
Further more to the reply from Lary above; if I add a new seeder file which truncates the permissions and then adds all the original ones plus the new ones; does anything else have to be done with roles applied to Users? Is that data never touched with the truncating above?
@jonnyhocks I've gone over this a few times on different projects
A good one was an artisan command that can be run at any time and just ensures all the roles and permissions are in place. You can test if the permission/role exists and if not create it, or remove a permission if it does not exist in the current list.
The command should be idempotent meaning it can be run at any time and won't break anything.
The other approach is to create a migration, remove the Schema:: section and add the new roles and permissions
The migration approach means that it can be run once and once only.
IMO Migrations are better as they are applied automatically in tests, wheras the artisan command needs to be explicitly added in tests.
