jlanzas

Permissions optimization in blade

I'm currently working on a system which uses Roles & Permissions to control its security. I have implemented Bouncer successfully. However, there are times where a user will have access to only one "report" inside the reports submodule of a bigger module. Instead of creating a role with a single permission, I have added that permission directly onto the user. And everything works ok. No problem there.

Here is my question. Let's say I have a module called Purchases. Inside Purchases I have Products, Orders, Suppliers, Reports, etc. In my blade I have the following syntax:

@if( $user->isAn('role1', 'role2', 'etc'))
<h1>Purchases</h1>
<ul>
    @can('view-orders')
    <li>
        Icon - Orders
    </li>
    @endcan

    @can('view-suppliers')
    <li>
        Icon - Suppliers
    </li>
    @endcan

    @can('view-reports')
    <li>
        Icon - Reports
        <ul>
            <li>Report 1</li>
            <li>Report 2</li>
            <li>Report 3</li>
        </ul>
    </li>
    @endcan
</ul>
@endif

The problem now is that my user may only have access to reports directly without needing to be assigned to a role. Looking for roles assigned to a user is no longer the best approach.

I found a solution, but it's to search every single permission at the beginning just to paint the main module and then search the submodule individually.

Any ideas will be greatly appreciated and I hope I have explained myself.

0 likes
1 reply
BezhanSalleh

You need to separate the logic for your modules or submodules that are accessible only by permission. Suppose, in your example, you want your users to be able to view reports no matter what their roles are, given you want them to be able to view the reports based on the permission alone; you would need to implement the logic as follows:

<h1>Purchases</h1>
<ul>
    {{-- First checks the role, then the permission for each item --}}
    @if( $user->isAn('role1', 'role2', 'etc'))
        @can('view-orders')
        <li>
            Icon - Orders
        </li>
        @endcan

        @can('view-suppliers')
        <li>
            Icon - Suppliers
        </li>
        @endcan
    @endif

    {{-- Here only the permission is checked: shown to any user who has it --}}
    @can('view-reports')
    <li>
        Icon - Reports
        <ul>
            <li>Report 1</li>
            <li>Report 2</li>
            <li>Report 3</li>
        </ul>
    </li>
    @endcan
</ul>

cheers mate!
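
An added example, not part of either post and not Bouncer's or Laravel's own code: one way to avoid both the role check and the double permission lookup the question describes is to define the menu as data and derive each module's visibility from its children. The `visibleMenu` helper, the menu array and the per-report ability names are hypothetical; in a Laravel app the `$can` callback would be `fn ($ability) => $user->can($ability)`.

```php
<?php
// Added example. visibleMenu(), $menu and the view-report-N abilities are
// hypothetical; view-orders and view-suppliers come from the thread.

/**
 * Return only the entries the user may see. A module is kept when at
 * least one of its children is kept, so no role check is needed and
 * every ability is checked exactly once.
 *
 * @param array    $menu label => ability string, or label => nested array
 * @param callable $can  fn(string $ability): bool
 */
function visibleMenu(array $menu, callable $can): array
{
    $visible = [];
    foreach ($menu as $label => $node) {
        if (is_array($node)) {
            $children = visibleMenu($node, $can);  // recurse into the submodule
            if ($children !== []) {
                $visible[$label] = $children;      // parent shown only if a child is
            }
        } elseif ($can($node)) {
            $visible[$label] = $node;              // leaf: one permission check
        }
    }
    return $visible;
}

$menu = [
    'Purchases' => [
        'Orders'    => 'view-orders',
        'Suppliers' => 'view-suppliers',
        'Reports'   => [
            'Report 1' => 'view-report-1',
            'Report 2' => 'view-report-2',
            'Report 3' => 'view-report-3',
        ],
    ],
];

// Constructed sample: a user with no role and one directly assigned permission.
$granted = ['view-report-2'];
$can = fn (string $ability): bool => in_array($ability, $granted, true);

print_r(visibleMenu($menu, $can));
```

The filtered array can be passed to the view and looped over without further `@can` calls. It only decides what is displayed; the route behind each report still needs its own permission check.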
