I have to create a DB structure (Relational) and then the permissions check for a system where a user can have multiple roles (and inherit permissions from a Role) but over certain instances.
So a user can have a role of
editor over the instance with id 1 but can also have the role of
viewer over the instance with id of 2.
I'm using laravel and the idea at the end would be to have gates/policies
At the moment I did this using the following tables:
- users (id, name, ...)
- roles (id, label, name)
- role_user (id, role_id, user_id)
- permissions (id, label, name)
- permission_role (permission_id, role_id)
- instances (id, name, ...)
- instance_role_user (role_user_id, instance_id, ...)
So I have the relation of User and Role, and the relation of that with the specific Instance is on
instance_role_user table but I'm having troubles getting this relations work in Laravel so I can have a simple way of checking it like this:
$user = User::find(1);
$instance = Instance::find(1);
$canEdit = $user->can('edit')->on($instance);
I tried with packages like Spatie/laravel-permission and Bouncer but couldn't get those to work as I expect.
Any ideas or experience dealing with this using Laravel?