Restricting data access based on user role in laravel
Question
I've the following scenario: I've employee role, which can add and edit only thier own data. Also there is manager role which can view the data of all employees. The data is stored in database. Where should I put the validation in this case.
1 answers
solution1
0 ACCPTED 2018-06-25 07:12:04
You can use gates to check if a user has rights to do certain actions. Based on these you can fetch the data that is allowed for this user.
You can create a gate like so:
Gate::define('access-all-records', function ($user) {
return $user->isManager; // Or any other way to find this out
});
And fetch data like this:
if (Gate::allows('access-all-records'))
{
// Fetch all records
}
else
{
// Fetch data for this user
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Role Based access to routes in laravel
Laravel 5 role based access control
Restricting ticket access to user
Laravel voyager policy based on user role
Login in laravel based on role and status of a user
laravel 8 - Return array based user role
Laravel 5 scope for selecting rows based on user role
Laravel handle user redirection in trait based on role
Laravel user role access content in view
create specific upload folder based on user role and limit access to other folder in laravel elfinder
Related Tags