You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
spatie/laravel-permission doesn't store details about individual records. It provides authorization infrastructure at the model level.
To control at the record level in a given model you can do that inside your app. Possible ways in your app include making your model have flags for things like a record-type or a record-status, and then set a Policy which enforces authorization based on that flag (possibly in conjunction with a Permission). Or if you're trying to control author-only access to a Post or something, then track the author_id and use a Policy to ensure that only author_id which matches auth()->id() can do certain actions.
A recent Medium article covers some of these concepts if you're looking for more reading on the topic: https://m.serversideup.net/laravel-gates-and-policies-in-an-api-driven-spa-dbe172d13518 There are lots more articles on Authorization concepts on Medium as well.
hi,
it's possible to give a user an edit permsion to one post/something?
is this possible with "spatie/laravel-permission", i dont see examples for this there?
best regards,
daniel
The text was updated successfully, but these errors were encountered: