Level 88
Yeah, you can do this. Inside your policies, you have access to the current logged in user. From there you can perform any query you want to check against the right data.
Jul 12, 2020
1
Level 1
Grouped policies - multiple models
Hello,
I have an question about policies. In my application, I have teachers and students. Students and teachers are stored in / are using Users table. To define teachers and students, I'm using pivot table "teachers_students" with teacher_id and student_id
I have also some relationship table like "student_docs", "students_notes", etc.
I want to give access to these table for teachers who own this student. So, my questions are:
I need to create policies for each table, students_docs etc? I want to give access to student and all his relations table for teacher but I don't really know how to do it.
I want to something like:
- Teacher wants to edit docs of his student
- Laravel check user_id of edited doc
- Second check in pivot if user_id match to teacher id
Please or to participate in this conversation.