This package allows you to manage user permissions and roles in a database.

Step 1: Install the Package

Run the composer command to install the Spatie permission package:

composer require spatie/laravel-permission

After installing, publish the config and migration files:

php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"

You will see:

  • config/permission.php → Configuration file

Migration files for tables:

  • roles
  • permissions
  • model_has_roles
  • model_has_permissions
  • role_has_permissions

Step 2: Run Migrations

Run the migrations to create tables:

php artisan migrate

Now your database will have the required tables for roles and permissions.

Step 3: Add the Trait to User Model

Open your User model and add the HasRoles trait:

use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;

class User extends Authenticatable
{
    use HasRoles;

    // other model code
}

This allows the user model to be assigned roles and permissions.

Step 4: Create Roles and Permissions

You can create roles and permissions via tinker, a controller, or a seeder.

Using Tinker

php artisan tinker

use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;

// Create roles
$adminRole = Role::create(['name' => 'admin']);
$userRole = Role::create(['name' => 'user']);

// Create permissions
$createPost = Permission::create(['name' => 'create post']);
$editPost = Permission::create(['name' => 'edit post']);
$deletePost = Permission::create(['name' => 'delete post']);

Step 5: Assign Permissions to Roles

$adminRole->givePermissionTo($createPost);
$adminRole->givePermissionTo($editPost);
$adminRole->givePermissionTo($deletePost);

// Or assign multiple permissions at once
$adminRole->syncPermissions([$createPost, $editPost, $deletePost]);

Step 6: Assign Role to a User

$user = User::find(1);

// Assign a single role
$user->assignRole('admin');

// Assign multiple roles
$user->assignRole('admin', 'user');

Step 7: Assign Permissions Directly to a User (Optional)

$user->givePermissionTo('create post');

// Check if user has a permission
$user->hasPermissionTo('create post'); // returns true or false

Step 8: Check Roles and Permissions

You can check roles and permissions in controllers, middleware, or Blade files.

In Controller

if ($user->hasRole('admin')) {
    // Admin logic
}

if ($user->can('edit post')) {
    // User can edit post
}

In Blade

@role('admin')
    <p>This content is for admin only.</p>
@endrole

@can('edit post')
    <button>Edit Post</button>
@endcan

Step 9: Protect Routes with Middleware

Spatie provides route middleware:

  1. Open app/Http/Kernel.php and check:

// Package v6 moved these classes to the Spatie\Permission\Middleware namespace (singular).
'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class,
'permission' => \Spatie\Permission\Middlewares\PermissionMiddleware::class,
'role_or_permission' => \Spatie\Permission\Middlewares\RoleOrPermissionMiddleware::class,

  2. Use in routes:

Route::group(['middleware' => ['role:admin']], function () {
    Route::get('/admin/dashboard', [AdminController::class, 'dashboard']);
});

Route::group(['middleware' => ['permission:edit post']], function () {
    Route::get('/posts/edit', [PostController::class, 'edit']);
});
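
A feature test that checks the Step 9 middleware really denies access, as an added example that is not part of the original tutorial. It assumes the two routes from Step 9 are registered, that their controllers return HTTP 200, and that the default User factory exists; the class and method names are hypothetical.

```php
<?php
// Added example (not from the original tutorial). Assumes the Step 9 routes,
// a default User factory, and controllers that return HTTP 200.
namespace Tests\Feature;

use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
use Spatie\Permission\PermissionRegistrar;
use Tests\TestCase;

class RouteAuthorizationTest extends TestCase
{
    use RefreshDatabase;

    protected function setUp(): void
    {
        parent::setUp();
        // Drop the package's cached permission map so each test starts clean.
        $this->app->make(PermissionRegistrar::class)->forgetCachedPermissions();
        Permission::create(['name' => 'edit post']);
        Role::create(['name' => 'admin'])->givePermissionTo('edit post');
        Role::create(['name' => 'user']);
    }

    private function userWithRole(string $role): User
    {
        return User::factory()->create()->assignRole($role);
    }

    public function test_role_middleware_blocks_non_admin_and_admits_admin(): void
    {
        $this->actingAs($this->userWithRole('user'))
            ->get('/admin/dashboard')->assertForbidden();
        $this->actingAs($this->userWithRole('admin'))
            ->get('/admin/dashboard')->assertOk();
    }

    public function test_direct_permission_grants_access_without_a_role_change(): void
    {
        $user = $this->userWithRole('user');
        $this->actingAs($user)->get('/posts/edit')->assertForbidden();

        // Step 7 style direct grant: the route now opens although the role is still "user".
        $user->givePermissionTo('edit post');
        $this->actingAs($user)->get('/posts/edit')->assertOk();
    }
}
```

The second test shows why direct permissions need the same review as role assignments: they open a permission-protected route without appearing in the user's role list.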

Step 10: Using Seeder for Roles & Permissions

Create a seeder:

php artisan make:seeder RolePermissionSeeder

Inside database/seeders/RolePermissionSeeder.php:

<?php

namespace Database\Seeders;

use Illuminate\Database\Seeder;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\PermissionRegistrar;

class RolePermissionSeeder extends Seeder
{
    public function run()
    {
        // Reset the package's cached roles and permissions before seeding
        app()[PermissionRegistrar::class]->forgetCachedPermissions();

        // Permissions
        $permissions = ['create post', 'edit post', 'delete post'];
        foreach ($permissions as $permission) {
            Permission::create(['name' => $permission]);
        }

        // Roles
        $adminRole = Role::create(['name' => 'admin']);
        $userRole = Role::create(['name' => 'user']);

        // Assign all permissions to admin
        $adminRole->syncPermissions($permissions);
    }
}

Run seeder:

php artisan db:seed --class=RolePermissionSeeder

Summary

  • Roles → Group of permissions (admin, user, editor)
  • Permissions → Specific actions (create post, edit post)
  • Users → Can be assigned roles and/or direct permissions
  • Middleware → Protect routes by roles or permissions
  • Blade Directives → Easily show/hide content
