Laravel Nova broken when setup on existing Vue-SPA app

Hi @aligajani

Nova should definitely work for your project, it doesn't care if you have a SPA as long as it can access your database and you set up the models correctly.

The first error regarding nova:user is because that command assumes a normal User model, but you can easily make any user a Nova user, that is just a convenience command.

If you look in the NovaServiceProvider the is function called gate()

function gate(){
    Gate::define("viewNova", function($user){
       //Perform some condition here that returns true or false
    }
}

This function determines which users can see and use nova, you can add a check for an existing user or role if you have that implemented.

Returning true from here gives the user the ability to use nova.

Have a look here: https://nova.laravel.com/docs/2.0/installation.html#customizing-nova-s-authentication-guard

@ricus Thanks, I managed to fix the initial issue by turning on web middlewares that I had earlier commented out. Regarding this particular gate, I did put up an email in there but it refresh the pages, doesn't log me in.

It is the same email that is signed up on JWT in the same browser. I noticed that gate takes into effect non-local environments, and I am on a local environment.

This gate determines who can access Nova in non-local environments.

@aligajani which issue do you still have left now?

Locally Nova allows any user to log in, as long as the user can be logged in with the guard defined.

Have a look at the guard key in thenova.php config file. you can make nova use non-default guards, possibly try changing that to the same guard you use on your SPA

@ricus Awesome, setting NOVA_GUARD to web fixed it. I am assuming that Nova brings it own login and reset controllers and doesn't tamper with my existing code in any way , except writing NovaServiceProvider in app.php. Am I right?

@aligajani Correct Nova uses it's own code for login / reset and everything else. All you need to do is change the config file, create some Nova Resources and you are good to go.

@ricus I just realised that I can't edit other people's records. I do have a Policy setup in my own model but I don't think Nova adheres or observes that and probably needs it own model policies. Am I wrong here?

@aligajani Nova uses your existing policies to determine if the logged in user can perform any crud operation on a resource.

If you have existing policies linked to Models, Nova will use them, have a look here https://nova.laravel.com/docs/2.0/resources/authorization.html#policies

@ricus Right, thank you. I just made the below work, however, quite tedious setting it up on a lot of models. I am assuming there isn't any one place where I can put this that gives a super admin full rights. Also, from your experience, what is the best practice to white list a bunch of admins that have same rights i.e. full modification access. I know I can have a column in the database, but I was thinking if having it white list by email using in_array() is a bad idea?

public function before($user, $ability)
{
    if ($user->isSuperAdmin()) {
        return true;
    }
}

@aligajani If you don't already have some before check on your policies for an admin account you will need to go add those. This might also come in useful in your project at a later stage.

Personally for roles and permissions I normally go for Spatie's permission spackage: https://github.com/spatie/laravel-permission

Nice thing of this is that there is also a Laravel Nova package for this over at https://novapackages.com/

Nova package: https://novapackages.com/packages/vyuldashev/nova-permission

After installing the above packages managing your roles and permissions will be a breeze. Your ->isSuperAdmin() calls would then change to something like $user->hasRole("admin"); or something similar.

You could also leverage the permissions package for determining who can use nova based on a permission, for instance $user->can('use-nova'); and use that in your gate.

This permission and giving it to users can be manages from the nova package

Thanks for that packages site. Appreciated. I have more questions about Nova now.

How do I create a record as the designated user while being logged in as an administrator.

In my code I’m using auth()->user() but as an admin I don’t want to assign a record to myself but the designated user I’m creating a record for.