skip to Main Content

i have a team, project, user, role, permissions relationship in laravel.

User can have many teams, a team can have many projects and user can have User role, team role and project role. How can i get the user permissions for every project, every team and for user only? Let me show you the tables to explain better.

User table

  • Id
  • name
  • current_project_id
  • current_team_id
  • role_id
  • etc

Teams table

  • id
  • name

Projects table

  • id
  • name
  • description

Roles table

  • id
  • name
  • type(user,project,team)

Permissions table

  • id
  • name

Role_permission table

  • permission_id
  • role_id

project_user table

  • project_id
  • user_id
  • role_id

team_user table

  • team_id
  • user_id
  • role_id

The user only can have 1 role for 1 project, 1 role for 1 team and 1 role for user, it should be admin or user.

I’m trying to get the user project roles like that, also i’ve skipped the teams code, because i think that is very similar to projects code.

class User extends Authenticatable
{
    public function projectRole()
    {
        //I can't find the way to insert project_id like in where, because current_project_id is null in boot
        return $this->belongsToMany(Role::class, 'project_user')->where('project_id', '=', $this->current_project_id)->first();
    }

    public function projectPermissions()
    {
        return $this->projectRole()->permissions;
    }

    public function permissions()
    {
        //I can't find the way to get all team permission, project permissions and user permissions
    }

    public function role() : BelongsTo
    {
        //Only can be User role, Admin or Support
        return $this->belongsTo(Role::class);
    }

    public function userPermissions()
    {
        return $this->role->permissions;
    }
}

class Role extends Model
{
    public function permissions()
    {
        return $this->belongsToMany(Permission::class);
    }
}

I want to use permissions as a gate, to pass to inertia front end, i’m trying something like that

Gate::before(function ($user, $permission) {
            return $user->projectPermissions($user->currentProject)->contains($permission) || $user->teamPermissions($user->currentTeam)->contains($permission) || $user->teamPermissions($user->currentTeam)->contains($permission)
            || $user->userPermissions()->contains($permission);
        });

2

Answers


  1. Have you tried Spatie Permissions Library, it may allow you to create different roles that work with middleware.

    Once installed you can do stuff like this in controllers/models:

    // Adding permissions to a user
    $user->givePermissionTo('edit articles');
    
    // Adding permissions via a role
    $user->assignRole('writer');
    
    $role->givePermissionTo('edit articles');
    

    And in Laravel Gate:

    $user->can('edit articles');
    

    Further to that you can use the Teams Permission feature:
    https://spatie.be/docs/laravel-permission/v5/basic-usage/teams-permissions, that you can extend for Projects or Teams.

    Login or Signup to reply.
  2. according to your explanation, I acted in this way:

    Tables *************

    project_user Table:

    Schema::create('project_user', function (Blueprint $table) {
        $table->unsignedBigInteger('project_id');
        $table->unsignedBigInteger('user_id');
    });
    

    permission_role Table:

    Schema::create('permission_role', function (Blueprint $table) {
        $table->unsignedBigInteger('permission_id');
        $table->unsignedBigInteger('role_id');
    });
    

    role_user Table:

    Schema::create('role_user', function (Blueprint $table) {
        $table->unsignedBigInteger('role_id');
        $table->unsignedBigInteger('user_id');
    });
    

    Models *************

    User model:

    /**
     * Team Relationship
     *
     * @return BelongsToMany
     */
    public function teams(): BelongsToMany
    {
        return $this->belongsToMany(Team::class);
    }
    
    /**
     * Project Relationship
     *
     * @return BelongsToMany
     */
    public function projects(): BelongsToMany
    {
        return $this->belongsToMany(Project::class);
    }
    
    /**
     * Role Relationship
     *
     * @return BelongsToMany
     */
    public function roles(): BelongsToMany
    {
        return $this->belongsToMany(Role::class, 'role_user');
    }
    

    Team model:

    /**
     * User Relationship
     *
     * @return BelongsToMany
     */
    public function users(): BelongsToMany
    {
        return $this->belongsToMany(User::class);
    }
    
    /**
     * Project Relationship
     *
     * @return HasMany
     */
    public function projects(): HasMany
    {
        return $this->hasMany(Project::class);
    }
    

    Project model:

    /**
     * Team Relation
     *
     * @return BelongsTo
     */
    public function team(): BelongsTo
    {
        return $this->belongsTo(Team::class);
    }
    
    /**
     * User Relation
     *
     * @return BelongsToMany
     */
    public function users(): BelongsToMany
    {
        return $this->belongsToMany(User::class);
    }
    

    Role Model:

    /**
     * Permission Relation
     *
     * @return BelongsToMany
     */
    public function permissions(): BelongsToMany
    {
        return $this->belongsToMany(Permission::class, 'permission_role');
    }
    
    /**
     * User Relation
     * 
     * @return BelongsToMany
     */
    public function users(): BelongsToMany
    {
        return $this->belongsToMany(User::class,'role_user');
    }
    

    Permission Model:

    /**
     * Role Relation
     *
     * @return BelongsToMany
     */
    public function roles(): BelongsToMany
    {
        return $this->belongsToMany(Role::class, 'permission_role');
    }
    

    First, we create our desired roles. for example:

    role 1:
    name = Super Admin,
    type = user

    role 2:
    name = Team Supervisor,
    type = team

    role 3:
    name = Project Developer,
    type = project

    4 .
    5 .
    6 And as many roles as you want.

    Now we assign desired roles to our users. These roles are stored in the role_user table.

    Then, based on these roles, you can determine the duties of each user in each project and team.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search