Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
When I use Roles and Permission database tables, what is the use of it? Why can't I just manage everything based on just Roles? Is it a good practice to have roles and permissions in large applications?
Hi shivafeb17,
As with any design decision, it completely comes down to what suits you and your application. Using permissions would give you granular control over what a user can do. If you want different roles to be able to perform the same task you can assign the same permission to each role and check for the permission instead of checking for multiple roles.
Again it depends on what level of control you need within your application.
Neil
@neilherbertuk . I had the same thought about roles and permissions. But, I was not sure. Now the doubt is clear. Thanks.
I suppose a permission would help with single responsibility. If you add a new feature, all you would have to do is add a new permission for that feature or task, rather than having to maintain a list of roles that need access to it.
What happens when you add a new role and need to give it access to certain features? You'll need to go through each method, modifying what roles are allowed.
Using permissions would mean you don't have to modify your code each time you want to make a role change as above. You just add the permission relationship to the role.
Please or to participate in this conversation.