Improve readme description of how defaults work with multiple guards

mostafamaklad · Nov 15, 2018 · 0d5aae7 · 0d5aae7
1 parent 9455395
commit 0d5aae7
Showing 1 changed file with 3 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -540,25 +540,16 @@ However when using multiple guards they will act like namespaces for your permis
 
 ### Using permissions and roles with multiple guards
 
-By default the default guard (`config('auth.defaults.guard')`) will be used as the guard for new permissions and roles. When creating permissions and roles for specific guards you'll have to specify their `guard_name` on the model:
+When creating new permissions and roles, if no guard is specified, then the **first** defined guard in `auth.guards` config array will be used. When creating permissions and roles for specific guards you'll have to specify their `guard_name` on the model:
 
 ```php
 // Create a superadmin role for the admin users
-$role = Role::create(['guard_name' => 'admin', 'name' => 'superadmin']);
 
-// Define a `publish articles` permission for the admin users belonging to the admin guard
-$permission = Permission::create(['guard_name' => 'admin', 'name' => 'publish articles']);
-
-// Define a *different* `publish articles` permission for the regular users belonging to the web guard
-$permission = Permission::create(['guard_name' => 'web', 'name' => 'publish articles']);
-```
-
-To check if a user has permission for a specific guard:
-
-```php
 $user->hasPermissionTo('publish articles', 'admin');
 ```
 
+> **Note**: When determining whether a role/permission is valid on a given model, it chooses the guard in this order: first the `$guard_name` property of the model; then the guard in the config (through a provider); then the first-defined guard in the `auth.guards` config array; then the `auth.defaults.guard` config.
+
 ### Assigning permissions and roles to guard users
 
 You can use the same methods to assign permissions and roles to users as described above in [using permissions via roles](#using-permissions-via-roles). Just make sure the `guard_name` on the permission or role matches the guard of the user, otherwise a `GuardDoesNotMatch` exception will be thrown.