Roles

Usage

Here you can create different roles. The admin role can not be deleted. You can disable the access to parts of your app for users with given roles.

Say you have a method in your controller, that should only be accessed by admins and teachers:

auth()->user()->authorizeRoles(['admin', 'teacher']);

If the signed in user does not have any of those roles a 401 (unauthorized action) error will be returned. You can also put this in a Middleware if you want to only grant access to users with certain roles to multiple routes/pages. What if a route should be accessed by any user, but you need to display different content to different roles? Easy. Just do this in your template:

<!-- Check if user is signed in -->
@if(auth()->user())
<!-- Check for one of these roles: teacher, admin -->
@if(auth()->user()->hasAnyRole(['teacher', 'admin']) == true)
<p>This will be viewed by all admins and/or teachers!</p>
@else
<p>Anybody else will see this.</p>
@endif
<!-- Check for admin role -->
@if(auth()->user()->hasRole('admin') == true)
<p>This will be viewed by admins only.</p>
@endif
@else
<p>You need to sign in to view this section.</p>
@endif