The permission system leverages Laravel Gate. It allows you to create roles and then assign those roles to users. You can also assign permissions directly to users via the database.
To view roles, simply log into the admin panel and then go to the Roles page. From here, you can create and manage all of your roles. You can assign permissions to each role as well. It should be noted that LAP comes with a default Admin role, which always has all permissions. This Admin role can not be deleted, and will always have all permissions regardless of how many new ones you add in the database.
To assign roles to your users, simply go to the Users page in the admin panel. When creating/updating users from here, you will easily be able to assign any roles you want to any users you want.
Permissions must be inserted directly into the database via the Permission model. Permissions should contain a group name so that they can be grouped together in the UI.
There is also a helper method in the Permission model in order to quickly create a permission group:
app(config('lap.models.permission'))->createGroup('Users', ['Create Users', 'Read Users', 'Update Users', 'Delete Users']);When using the CRUD generator, this is automatically done for you when migrations are run.
Since the permissions system leverages Gate, we can use it in order to check if a user has a particular permission.
Via middleware:
$this->middleware('can:Create Users')->only(['createForm', 'create']);Via blade templates:
@can('Create Users')
<a href="{{ route('admin.users.create') }}" class="btn btn-primary mt-2 mt-md-0">Create User</a>
@endcanVia code:
if (Gate::allows('Create Users')) {
// allow them to create users
}