What to do if user should assign permissions but shouldn't edit permissions? #87
Comments
|
You should use your own Policies and restrict the edit/update Also concerning the create permissions you could use the viewAny method on your permission policy and also hide the create role button via the create method on your Permission policy |
|
But how would i hide it from the sidebar? There are users which don't need to see the permissions and roles on the sidebar, as they can't create or edit |
|
Hey @yehudahkay I think that you need to do something like this: (new NovaPermissionTool)->canSee(function ($request) {
if (auth()->user()->hasRole('admin')) {
return true;
}
}), |
|
The problem is that is there non admin user who should be able to give a user permissions, he won't be able to with that code. If on the other hand he can give permissions, he can also view the permissions menu. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi and thank you for the package!
I would like certain users to assign permissions to users but not edit or create the actual permissions. If I don't include the tool on novaserviceprovider.php than I get a 404 error when clicking to view a user.
The text was updated successfully, but these errors were encountered: