Open in app

Sign in

Write

Sign in

Empower Your Laravel Application with Spatie Role-Based Permissions!

Sauvik Kundu
3 min readMar 13, 2023

--

Empower Your Laravel Application with Spatie Role-Based Permissions!

Laravel is one of the most popular PHP frameworks, known for its simplicity and flexibility. It provides various features to develop complex applications with ease. One such feature is role-based permission management. With role-based permission management, you can easily control access to different parts of your application based on the roles assigned to the user.

One popular package for implementing role-based permission management in Laravel is Spatie Laravel Permission. In this blog, we will take a look at how to use Spatie Laravel Permission with an example.

Installation

To get started with Spatie Laravel Permission, you need to install it using Composer. Open your terminal and navigate to your Laravel application directory. Then run the following command:

composer require spatie/laravel-permission

This will install the Spatie Laravel Permission package and its dependencies.

Configuration

After installing the package, you need to publish its configuration file using the following command:

php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag="config"

This will publish the config/permission.php file, which contains the configuration options for the Spatie Laravel Permission package.

Next, you need to run the migration to create the tables required by the Spatie Laravel Permission package:

php artisan migrate

This will create the roles, permissions, and model_has_permissions tables.

Usage

Once you have installed and configured Spatie Laravel Permission, you can start using it to manage roles and permissions in your Laravel application.

Creating Roles and Permissions

To create a role, you can use the Role model provided by the Spatie Laravel Permission package. Here's an example:

use Spatie\Permission\Models\Role;

$role = Role::create(['name' => 'admin']);

This will create a new role with the name ‘admin’. You can create as many roles as you need in your application.

To create a permission, you can use the Permission model provided by the Spatie Laravel Permission package. Here's an example:

use Spatie\Permission\Models\Permission;

$permission = Permission::create(['name' => 'edit articles']);

This will create a new permission with the name ‘edit articles’. You can create as many permissions as you need in your application.

Assigning Roles and Permissions

Once you have created roles and permissions, you can assign them to users or models in your application.

To assign a role to a user, you can use the assignRole method provided by the Spatie Laravel Permission package. Here's an example:

$user->assignRole('admin');

This will assign the ‘admin’ role to the $user model. You can assign multiple roles to a user by calling the assignRole method multiple times.

To assign a permission to a role, you can use the givePermissionTo method provided by the Spatie Laravel Permission package. Here's an example:

$role->givePermissionTo('edit articles');

This will assign the ‘edit articles’ permission to the ‘admin’ role. You can assign multiple permissions to a role by calling the givePermissionTo method multiple times.

Checking Permissions

Once you have assigned roles and permissions to users and models in your application, you can check if a user has a certain permission before allowing them to perform an action.

To check if a user has a permission, you can use the hasPermissionTo method provided by the Spatie Laravel Permission package. Here's an example:

if ($user->hasPermissionTo('edit articles')) {
    // Allow the user to edit articles
} else {
    // Deny access
}

This will check if the $user model has the 'edit articles' permission. If the user has the permission, the action will be allowed. Otherwise, access will be denied.

Middleware

To make it easier to check permissions in your Laravel application, the Spatie Laravel Permission package provides a middleware called permission. You can use this middleware to check if a user has a certain permission before allowing them to access a route.

To use the permission middleware, you need to add it to the middleware array in your route definition. Here's an example:

Route::get('/articles', function () {
    // Show a list of articles
})->middleware('permission:edit articles');

This will add the permission middleware to the '/articles' route and check if the user has the 'edit articles' permission before allowing them to access the route.

Spatie Laravel Permission is a powerful package for implementing role-based permission management in Laravel applications. With Spatie Laravel Permission, you can easily create roles and permissions, assign them to users and models, and check if a user has a certain permission before allowing them to perform an action.

Sauvik Kundu

Laravel
Spatie
PHP

--

--

Sauvik Kundu
Sauvik Kundu

Written by Sauvik Kundu

36 Followers
12 Following

Experienced in developing scalable, reliable, and fast-performing web applications using PHP, with a focus on Laravel. https://www.linkedin.com/in/sauvik-kundu

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams