Spatie Laravel Permission: Example Project Review
Vložit
- čas přidán 24. 07. 2024
- Today I'm reviewing a popular package Laravel Permission by Spatie, based on its usage in another open-source project called Mealing.
Package link: github.com/spatie/laravel-per...
Mealing project source: github.com/JustinByrne/Mealing
Related resources:
- Laravel Roles and Permissions: All CORE Things You Need To Know • Laravel Roles and Perm...
- Two Best Laravel Packages to Manage Roles/Permissions laravel-news.com/two-best-rol...
- - - - -
Support the channel by checking out our products:
- Try our Laravel QuickAdminPanel: bit.ly/quickadminpanel
- Enroll in my Laravel courses: laraveldaily.teachable.com
- Purchase my Livewire Kit: livewirekit.com
- Subscribe to my weekly newsletter: bit.ly/laravel-newsletter - Jak na to + styl
In fact, the "hack" to grant permissions to "Super Admin" is advised and explained in the docs of Spatie Laravel Permission
I love this package. I've used it in 4 different production projects.
yes, me too,. i've use it in 2 large project. that is the best packages of Spatie. They has many useful packages
What is the difference by Spatie & authentication by Laravel ui please,
Thank you! We love your videos and thoughs!
Whats the differencia of using middlewares in the controller rather than Gates like in the video ? I mean, the first protects de routes, and the other only provides if the user has authorization, right ?
Очень полезно и жизненно! Спасибо)
so touching for an excellent video
im getting the "there is no permission named ....." has anyone else come across this when trying to seed?
why cann't find seeder files ??
$this->authorize() didnt work when we use api
what about multiple model
thanks, what if changed table name from user to admin, how can work with this packag
The package allow you to rename the tables. Just publish the config and change it.
I love you man, thanks a lot.
Thanks a lot Povilas.
I have a problem with spatie permission in resource routes, I can't define each route with specific permission do you please have any idea how to set the permission for resource routes in web.php
NB : i know i can Defined them in controller constructor but i'm preferring to find a way in web.php
Thank you in advance
I haven't set permissions in route resource myself. So no advice, sorry.
Have you solved the problem? I'm thinking of using the package and concerned about resource routes too. But isn't it a good idea to use check roles in web.php and check the specific permissions in the method of that resource controller. Let's say we have 'user', 'author' and 'admin' roles. Authors and admins can see the posts in the admin panel but only admins can delete. I think we limit that with 'author' and 'admin' in the web.php so users can't get in the admin/posts page. And then we check the permission of 'post_edit' in the edit and create methods. It's just a quick idea. Please leave your comments about that.
@@sahin8649 Hello, exactly this is what i did to solve it. I checked the permission in method of that controller.
Could you maybe make a video about the new Teams permission feature in the spatie-permission package?
New feature? Can you give me a link to some info about the release of it?
@@LaravelDaily pls do it :c
I would like to ask how it exactly works: How is the role connected with user table ? In example: I have already existing table users with all users, do I have to create any column which has to be connected with table "roles" from the spatie package, or its somehow directly connected with roles table just thanks to that trait line code in model ?
Yes it's directly connected to that trait. For more details, read the docs of the package.
@@LaravelDaily oh thank you for fast answer, I am glad that I dont have to create anything new in my already existing database and I just have to use that Trait line in my model there :)
Thank you teacher 🙂🙌🏻
Thanks a lot Povilas!!!
Do you plan or recording about FILAMENT ADMIN???
Yes I have one project in review queue which uses Filament, but for now I'm not sure whether my review would be useful. We'll see
@@LaravelDaily this is awesome!!!
Nice tutorial, very clear and understandable. Что думаете на счет того, чтобы вынести все эти строки в константы и использовать уже их а не писать везде строки?
Можно и в константы. Строки по сути не супер длинные и их ассортимент не большой, можно и так печатать. Но в IDE с константами будет легче работать - меньше шансов опечататься.
Great, I have integrated Jetstream with spatie, all right but only one problem with roles of spatie not working when show the profile page of Jetstream livewire. I have created two roles: Admin and User, and I have created too Roleseeder with permission and roles for all page and profile, but profile page not working with spatie and "User" role show error 404,what's going on? Do you have one idea?
Thanks
Can't answer in a short CZcams comment, without debugging with your full project code
@@LaravelDaily
I have already solved the problem, it was specifically generating jetstream in the following route, you can change the url:
your-project\vendor\laravel\jetstream
outes\livewire.php
What database client you are using sir?
Table Plus
Why permissions and roles cache not working? after get user with permission or roles, always query from db. I need caching this
Not sure if caching is a good choice here, because what if roles/permissions have changed since last request of the user? I prefer to get the permissions in live mode, and I'm ok with a few quick DB queries for it.
@@LaravelDaily some issue here github.com/spatie/laravel-permission/issues/1674 . You can help?
@@LaravelDaily Good point I think Spatie doesn't cache all things (3 Queries get to run on each page), but for the rest, Spatie permission package automatically refreshes the cached data if you change any permission.
Reference: github.com/spatie/laravel-permission/blob/master/src/Traits/RefreshesPermissionCache.php
Thanks a lot to introduce these packages
How can we send our projects yo review?
Yes but I have a queue now so realistically I can take new projects for review in September.
I went through the docs but I have a question
Let's say we have ability to create schools
And we can add admin to that school
Now how do you check if an admin is trying to change something that belongs to another school
I'll probably make a function like
Public static function($school_id){
return auth()->user()->school === $school_id;
}
Is there any way to achieve this
The Spatie package also contains Teams as well as Roles, so a User can belong to a Team. So, create a Team for the school and assign users to that Team/School.
@@rosselliot8971 too late 🤣🤣
Hi, can you also make a video for laratrust?
There's Laratrust and Bouncer, which work in a very similar way. Not sure if my video would add something useful more than this video about Spatie permission as example, and more than official docs of those packages.
hello sir thanks for this video i want to add tdd in my project with spatie but when i want to add code and test i get this error
Class "Spatie\Permission\PermissionRegistrar" not found
did you have any solution or video for this problem .
how i gave role to my user in tdd.
nice viedoe thank you
Thanks
omg i love you all my proplem solved by you
thanks you
The fk. I wish I heard about this package a few months ago. It would've saved my ass from hrs. of debugging.
💖💖
Thanks , clearly explained
Really helpful. Thanks :)
great
Teams is so dang confusing for me :(
any idea how to make this code cleaner?
public function query(Order $model)
{
return $model->newQuery()
->where('client_id', $this->client->id)
->with(['details:id,order_id,product_id', 'details.product:id,main_image_id', 'details.product.image']);
$visibleStatuses = []; // statuses are: completed, pending, accepted, canceled
foreach (OrderStatus::asArray() as $value) {
if (Auth::user()->can('view ' . strtolower($value) . ' orders')) {
array_push($visibleStatuses, $value);
}
}
$query->whereIn('status', $visibleStatuses);
return $query;
}