Access to the admin panel by roles if they are dynamic?

K

Konstantin B.2018-12-20 19:49:59

Laravel

Konstantin B., 2018-12-20 19:49:59

The site uses an extension to work with roles and privileges httpoz/roles
Now everything is simple, there is a role or privileges, you can enter the admin panel, but now there will be improvements and it turns out that not all roles can enter the site, and plus they can also be created from control panel, so it’s not entirely clear how it’s more correct for all roles to make it possible to log in
. The package itself doesn’t play much difference and you can change

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry, 2018-12-27
@dlnsk

I looked at the module you cited httpoz/rolesand I consider it not only useless, but also harmful. When you work with roles, it is categorically impossible to check the presence of a role in the program text. Only permissions for specific actions can be checked, and the role must contain all available permissions. Otherwise, you will hang yourself as soon as the manager needs to be forbidden to do something.
I can recommend my article Laravel 5. Hierarchical RBAC for the smallest ones and the h-rbac module it talks about.
I want to make a reservation right away that in this version of the module all roles and permissions are defined statically as an array (which is convenient and sufficient for 90% of projects), but (quote):
So, if you want, you can write a provider that will store the roles in the database and work with them dynamically.