Complete Spatie user Roles & permission management tutorial from scratch step by step in laravel 10

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys welcome back so guys in this video we are going to learn about spacy roles and permission in laravel okay so guys we are going to use a spacy package for this so now guys let's get started so first step let's go to our spacy documentation for the laral permissions so now guys let us install this package in our laral application so for that let's install here installing in laravel so just click on it and you reach there so guys this a installation command here let's copy that and open in a new terminal let me Zoom it and yep right click on the mouse and paste it hit enter so now guys let's wait until it gets installed so guys our package is completely installed and now let us minimize this and let's get back to our documentation so here we have done with the installation and now now guys this is optional part you can add this or not okay so let us just add it manually so let's go inside the config app.php inside that app dot we need to move to Providers and paste this class so let's copy this and get back go to your config app.php and move at your providers and add that so we add here that's it save it and now close it get back to your documentation and you should publish the migration and your permission so for that let's copy this and paste done hit enter okay so our files are published here as you see in our config folder we have permission. PHP file now and now guys we need to set up the here has R inside the user model so let's copy this has roll and get back to our app models user.php so in this user.php we have to add that has roles okay and please import the class so here we don't have let me directly import it which will be provided by the PHP intellisense okay so here is our imported class and now guys let's migrate this into our database all the permissions which have we got so you'll be finding one file a migration file here which you see let me just show you inside our database so go to your database migration where is create permission table okay so this is our table guys we are going to migrate this now PHP Artis migrate hit enter so migration is created and now let us see few tables have been come over here so right now you see like we don't have any permission related tables if you refresh you'll get four to six tables okay so you see this is permissions rule rule has permission and model has permissions and model has Ro we'll get back to our editor so now guys let us begin with creating the uh complete crowd operation for roles and permission so guys first we'll be creating with the permissions C operation so let me close everything and let's begin with new terminal here and just create a controller named permission controller so PHP Artis make colon controller permission controller now hit enter so our controller is cre created guys and now you can access that inside app HTTP controller and here you find your permission controller so first step guys let's create a function public function and the function name index open and close CBR so same way you have to create other five functions about create edit update delete so let me just create it like create and then with the edit and then again for update update and then destroy okay destroy that's it and now guys let's go to our web routes so routes web.php and move at the top let's create a resource route route colon colon resource inside that you paste that permissions and then you call your controller so let me just call my controller Here app HTTP controller back slash then permission controller colon colon class okay so we are not going to Target at one function so what we have to do we have to just remove this array and directly paste it okay so if you are using a resource so no array will come and now guys our controller is connected with the route and now let's return View and display the permission page so inside one rules and permission folder I'll keep the permission folder and index blade file so let's copy this and create the path accordingly go to Resource views create a folder name roles permission roll permission so here we are and now let's create one more folder named permission so we have permission and inside this you create a index blade file index. blade. PHP hit enter okay let's again create one more file named create blade and edit blade so create blade. PHP and copy and paste and mention edit blade. PHP so we have total three files now let's get back to the index blade and let's extend our layouts guys so if you don't know how to extend a layout please watch out the video link given in the description how to create a layout using your blade component or a normal component okay X app hyphen web hyph layout so this is my extended layout and now guys you can directly begin with the design so I will start with the container row column md12 and inser this a card card header and a card body so inside this card header I will add a H4 tag like permissions and a tag like add permission okay so let's design this as a button primary flow to end so you can create a URL here URL function and inside that please mention your route so what is the route we are creating here permissions let's get back to our index permission forward slash create okay so now let's get back and see the output for this let's move and see the permissions URL perfect so we have got this UI guys and I just wanted to give some space from Top margin top five refresh cool so now if you click here permission create it just goes to the permission create and reaches to that create method okay now you can copy this again view paste it and here change the path to create blade. PHP okay so we go to that create blade and now guys you can just copy the same whatever you have done in the index blade file let me close this terminal copy and paste inside your create blade file and create permission and this will be our back button now make it to danger and make it as B back and this will be your permission form okay so let's design this form guys in a very quick way so form action method post and the form URL and use a URL and use the same route permission and now begin with the form design margin bottom three label for the permission name and an input tag with the name attribute name and design the input box using bootstop form control class and a simple submit button so margin bottom three button save and design this button button hyphen primary and this button type will be submit so once submit button is clicked it goes with the form action method Pro post and in larel you required a csrf token so once submits it goes to the URL web.php so we have used a resource route so yep it goes directly to the store function so once you submit on this form URL okay so form action add this URL using post method if you submit it goes to the store function so let us create a store function here now so public function and the function name is tore and now guys once the form is submitted you are getting a request so r q EST request dollar request First Step let's do the validation request of validate function inside array use the name attribute name of mentioned in the array bracket so we can be more clear it is a string and it's also unique U and I qu e which is going to be in the permissions table okay so let me copy the table name here so we have a permission table let's copy this and paste it give name okay and then guys once validation is done you can use the permission colon colon create method to create the data so if you don't know how to use this you can just follow this documentation let me just show you in the top like basic usage so here you use like here you create the rule permission so I'm using this format now to import this class you have a class Also let's copy this class and import at the top so paste here okay so name column and dollar request of name once permission is created you can return redirect to which page to the permission page so I want to get back to this page okay so this URL permissions and on that you can add a message status and mention the status permission created successfully so now guys let us copy this status and display in our index blade file before the card is a if condition session of status and use alert alert of success open and close CRA session of status so you can give a margin top three for this okay so let's get back to our controller and now guys let us test this whether it stores or not so first let's begin here with the permission create so now guys let's create the permission so permission is basically nothing but about setting Your Role like he can create a role edit a role update a ro delete a role and so on it goes with the other modules also so guys let's tell create role and save so here you see permission created successfully and let me see in our table so we get here cool okay so let's get back and create more permissions like uh he can create and he can view roll let's get back update rooll and delete Ro let's save and we have four records perfect so now guys let us display this permissions inside this permission table so let's get back and here we have on this index function we are going to a index blade file let me just show you so here we are and now let me just design a simple table using bootstrap classes so table and and then and now user table head table row table heading th that is ID name and one action button for edit and delete and then guys table body table row and your data here table data so now let me just show you refresh okay so we have created the table and let's get this datas so it's a very simple way let's get back to our controller and inside this index function just create a variable called permissions equal to and your permission model so permission Kon get function so it will get all the permission record and this permission is a spacy model class okay and now let's copy this variable and pass inside a compact function or just pass using a array it depends on on you how you want to access okay so now we can copy this permission and user for each Loop paste your permission of permission and you can Echo those datas here of ID copy and paste then name and last Ed for the edit and delete button let me just arrange this for each Loop correctly and here a tag which is going to be edit and this is will be a delete let's use a button success for edit and create a route URL which is going to be inside web.php we are using a resource route so resource route follows one structure so I will just just show you here directly permission forward slash and then concatenate and again give forward slash and edit okay and in between you have to mention the ID so this is my ID just copy that paste here done and now you can get back refresh so we have got all these rules list and you get a edit button so let's click on this edit here you are on this URL and which is exactly targeting to your edit function in your permission controller so let me just return and show you like yes yes I am addit so if you refresh now you'll see that yes I'm edit now okay so guys let's remove this and view the file so use a view function to view that page blade file so instead of create let's use edit file what we have created already let me just show you so here we have a edit blade file okay so inside this edit blade file we are going to just copy the same file of create blade. PHP of permission okay so let's copy this and paste here and now you'll be able to see that same form has come on the edit page okay so this is my edit permission let's get back and just change the headings and few more things okay so this is my edit and now you're are going to update the record so if you're using a resource route you have a specific route to update also so just add this permission forward slash and conatin it with the ID which is going to be permission of ID okay so from where are you getting this permission variable so we have to pass that from our edit okay so here we will mention like um in the URL you see that we are passing the dynamic ID here so with this help of dynamic ID we are able to add access in the edit function okay so use a model that is permission dollar permission okay and now let me return and show you what exactly we want so refresh so here you get that edited rooll data you are accessing let's get back and let me just show you on this update Ro so here you get update Ro data okay on this edit so guys we have the ID we have the name so all this variable only we are going to just pass in the blade file as simple now guys just create an array or a compact function and pass the permission variable done let me just remove that and now guys you are able to access this variable inside your edit blade. PHP now you can use a value and paste the variable dollar permission of name so we got the name also and change the button name to update so once you click goes to the action with the method post and Route will be submitted using a put method okay so use a at method which will be P put in a capital letter okay done and now guys if you get back refresh so here you have your data okay edit so once you click on this update it goes to the web route that is your resource route and goes to the product controller at your update function so on this update function you're getting a request like input requests so you can handle that by your request and also you are getting a permissions data like your sending the ID okay so let me just show you onor edit blade you are sending the ID also while form submit so by default it automatically understands that we are sending a complete permission record in a single object okay so you can get that permission okay so you have your permission data and also the input request so first we are going to do the form validation let me just copy this and paste here and we need to check whether is it the same record or not so for that you can use dollar permission of ID here okay so it will just ignore that if it's same record and now you can use the same data to update so here use update method and use this directly variable instead of your model okay and remove this colon colon and then it redirects back you to the same permissions URL and here mention the message as updated successfully done and now guys let us test this whether update is happening or not so refresh so here we have a permission name that is update let me update as edit Ro okay so let's click on update here and here you see that update is changed to edit R okay so we have done with the update also and now guys finally we are going to work with delete option so let's get back to our editor and yep let's go on the index plate and here is our delete so guys there are many ways to do uh this delete function like you can create a form tag and just delete or you can use this URL method also but you have to just change some logic in the web.php okay so let me just design this button first using danger and use MX2 and set up the URL so I will create a same URL as here we have in the edit let me paste it and instead of edit let's make it to delete and now guys you need to go back to your web.php and copy this paste here again and just make it to get method and here you need to change the route so as you follow here you have to mention okay and instead of permission ID here mention that I'm getting Dynamic ID Dynamic permission ID okay in the curly brace and now guys we are targeting to a single function so you have to mention that in a class and give comma and tell that function name so we are targeting to a destroy function done so now guys we are getting a permission ID with the URL let's copy that and go to your destroy function and tell that we are getting a permission ID and you have to find this permission ID so now use a permission model colon colon find function and just find that permission ID and from that find that permission ID you can delete this permission record permission equal to and just use delete so you will find that and just delete that and once deleted you can redirect back to the same page on the permission and mention here deleted successfully now guys let us test it refresh okay so let me add a dummy rooll like yeah dummy rooll enter to save okay we have a new record here let's click onto delete let's click here delete so it's deleted and permission deleted successfully perfect guys so guys we have seen a complete crowd operation for our permission so now guys let's begin with the rules so we can manage our uh user management system for rules and permission so yep let's move back and let's close everything and let's be clear with the creating our controller again and now guys just change this controller to roll controller hit enter so your controller created let's move here we find our controller okay so guys to save the time I'm just going to copy the same uh permission controller code okay so let's completely copy this and we'll be modifying it according to our role requirement so let's paste it okay and yep let's go back to our documentation and here we have how we create a role so let me copy this import class of the role first we have pasted the role and now wherever you have permission just replace it everywhere okay so I'll just select here and just do control DD D and paste as a role and now let's change this variable also controll D roles index is done let's move below at the store so here we are doing the same validation role create on the same column so no changes and then with the here mention role and roll let's change this variable also here and here roll and guys again this in the update rle and make it to roll so just change it and here it will be a rules table in the validation and also guys in the top store function I have missed it so mention it's a rules table okay now we can get back and update to R variable whatever you update here roll and then let's move with the delete option here in the model is rooll and here you get a role ID not a permission ID so mention that roll ID and here also roll copy and paste okay so our variable changing is done and now let's begin with the blade files so instead of your permission let's make it to roll folder and paste here roll let's move to edit mention roll that's it and now guys let's begin again with the uh redirect function so we on the store we have a redirect function make it to roles r s and where is another redirect function here in the update and delete we have okay and now guys let's begin with the message changing part here roll created successfully and again roll updated and roll deleted done so guys our control set up and now let's create the files so let me arrange everything and go resource views we have a r permission folder so inside this Ro permission folder let's create a new folder called roles hit enter okay so let me just copy this complete three files of your permission and paste inside the rules so we can save the time okay so now guys let's begin with the index blade file okay so inside this index blade file you need to change all your title and how you display your records so first step let's begin with the title here like just mentioned roles and here add Rule and now change the route here make as rules create and then guys here we will change the variable Like rules so why are we changing this because we are forwarding the rules variable okay this is not linking correctly uh because we have the folder name as rules here okay so make it to roll hit enter so it roll now now we can just check here perfect so it's linked let's go to our roll index blade and paste it rules variable cool and here let's make it to roll and now guys let's just replace roll and here also just make it to rules okay so make sure it is as rules complete so yep and now guys you need to create a route so you can access this index function so yep let's move to routes web.php and just copy this and paste here and mention roles and go to that roll controller roll controller done and now let's try to access the rules page Ro rules Okay cool so we have got the role page guys and let's click on create here so it's h going to create permission page so we need to see whether it's going to correct page or not so here we are on the create function and here a blade file of RIT linked let's go there and here you see we have not changed the title so it is telling create permission let's change it to roles and yep let's change the form action and Method post will be submitting the same and here we'll mention as a rle name and it's going to be the same name attribute so once form submit is go to the action roles with the method post and which goes to a store function on this Ro controller so here we are and once it's submitted we are checking on this unique role name and creating a role so once getting back to the roles page rooll created successfully so now guys let us see whether it creates or not so refresh we are on the rooll create page let's create a super hyphen admin so let's click to submit so here we have saved the record and let me create one more role as admin let's save so here you see we have two roles now so now let us see with the edit and delete option Also let's move back to our edit function so this is our edit function which goes to the role of edit blade file so let's move there and change the title and other things so which goes to the rules and here once pop submits it goes to the action rules with the role ID so Ro role ID make sure you are passing this correct variable inside your edit function okay so we are passing the exactly role variable so we can access here okay so R ID rle name change the label and once update it goes with the action okay and here it takes the route method to put and then it goes with the controller add the update function so on this update function we are doing with the RO validation and then updating the record okay so once done your roll updated successfully so now guys let us test it again so here let me add a new um like staff okay so I have added and now let me change this to staff to user so let's make it to user update here okay so it's updated okay it's changed from staff to user okay so guys now let's begin with the delete option for this role so let's get back to our editor on the index blade. PHP offer roles folder okay so here on the r it goes to the URL like this and you need to create a route because this route is not available in the resource copy and paste and here we change the route and make this route to get method and here your accessing a dynamic ID so you can get as a curly brace here and mention rle ID okay and this goes to a particular function that is destroy okay destroy function on the rooll controller so now guys you can get back to your rooll controller add destroy function and you are getting a unique ID that is your rule ID okay and you are finding that rule and deleting the rule cool and you'll get a message so now guys let's get back refresh and let me create a dummy rule hit enter so your dummy rule is created and now let me delete this so here we go it's deleted perfect so done so guys our roll CR also is done and now guys I just want want to create a button here like we can switch between the rules and permission so let me just add a simple include over here let me close this files and inside this R permission I create a file like nav links do plate. PHP hit enter and just create a simple div a tag design this Buton button button primary has rules permissions okay MX2 and this will be info MX2 and just create a route here like URL roles let me copy this paste here and this is going to be permissions and one more guys for the users like we are going to create a users also so let's paste Here and Now guys let's include this file in our all the blade files okay so yep let's move on the role index blade first just use at include function and nav hyphen links so here we have so now guys you can copy this and paste inside your permission also permission index blade and done so now refresh here so we get this rules permission and users we don't have right now so guys let me just design them in a center I just add a class Cod called container and from margin top just give them three that's it so you can just change this button as warning okay so it has a different color okay so now guys let's begin with the main concept like adding permissions to the role so this super admin will have a role of like he can add the rules he can add the permission he can add the products categories and so on and admin also can do the same and coming to the user so user will have its own permission and if you have a staff like uh let me just add a new roll staff here so if you have a staff he cannot delete the product nor update the product nor add the product but he can only see the products only admin can add update delete but staff cannot add update delete only he can view the product so guys let's add those permissions for this rules okay so now guys let's get get started so let me create a simple button like add or edit permission for this Ro okay so yep let me close everything and let's begin with the fresh so getting back to this roles so we'll be going inside the resource views and we have a ro permission folder inside that role folder we have index blade okay and now so let me copy and paste and change change the button name as add or edit rule permission okay done and now guys you can create a new URL give permission permissions so now guys you can copy this and create a route and go to your routes web.php and we are working in the resource folder I mean rules part okay so you can just create a route colon col and get method and paste that route here and this is going to be a dynamic Ro ID so let us use open close CRA and mention Ro ID Here and Now guys let's target to One controller that is your Ro controller at a specific function so let me just copy and paste here so let's create a function so add permission to roll so let's copy this and go to our rooll controller so we are on the role controller now and yep at the last let's create a function public function and the function name add permission to roll and then guys first we are getting a role ID from the URL yep and first we are going to find that role so dollar role equal to your role model use a find or fail function find or fail function and use the rule ID so if the rule is found then you're going to return and view this rule in a form so because we have to show all the permissions in the blade file and then you are going to update like that right so let's give the path guys let me just copy from the top so yep roll permission folder and inside that add permission okay now you can create a blade file let's move and create a new file called add permission blade. PHP hit enter all set and now let me just copy from the edit blade file let's copy this and paste completely here so first step I will just tell like this is my rule rule colon and your rule name exactly what you have dollar rule of the rule name so we can just copy that variable here and pass inside this view dollar R okay we have sent it now now you can access this Ro variable insert your add permission blade file and now guys here we are going to just Loop all the permissions whatever we have stored in our database so guys let's get back to our controller and at the same add permission to roll function you are passing all the permissions also so let's tell permissions equal to your permission model colon colon just get all okay or use get method to get all the data and guys make sure you're importing This Cloud so here you select with the model part okay not contracts so I selected with the model and now you are passing this variable permission permission and paste here permission variable and now let's go back to our add permission blade. PHP and now guys we have to change this action which we have already created like this let me just copy this same URL and paste here okay and you need to change this R ID to your Dynamic ID so let's concatenate here dollar roll of ID okay roll of ID and then you're going with the put method itself and now let's Loop all the permissions whatever we have sent from our controller so just change this label and now let me just design a the UI here so this is my Ru and column inside this column I will add my input and this input name will be like permission of array okay so I have multiple permissions here because I'm going to Loop that so let's use for each Loop and get the variable so we have passed this variable right let me just make some spaces so it will be more clear now let's paste here so we get this permission let's add permission and now let me just contrl X and paste here column md3 will be looping so guys this is going to be a checkbox and let me keep in a label here open and close inside that label let's paste the input let me break it down so we can understand it clearly okay so this is my value and this is the form control and this is my input end here okay so copy this permission of ID here in the value and then at the last after the end of input dollar permission of the permission name okay and now guys let us see the output first so yep let's move Let me refresh okay so add or edit roll permission let's click on it so here you see that we have create role view roll okay so this is a checkbox but it's not looking correctly why because we have a design here let me remove that and now it looks fine okay so here you see cool so guys uh let me just make this more smaller like colum md2 and will be more clear cool so guys we have listed all the permissions so now let us write the query to update this get back and so once you click on update it goes to the form action with the same URL let me copy this and it goes with the method put so so let's go to our web.php and let's paste it so here we find the same URL right so I'm going to remove copy and paste here you're going to change the method route method to put and it's going to the same URL and let's tell here instead of add permission let's make it to update permission or give permission to a r okay so let's copy this give permission to a rle and we'll create that as a function here so public function the function name open and close CRA and now guys First Step you are accessing the RO ID so you have a role ID on this form submit you are getting the role ID and all the permissions you are getting from this input request so let's copy this get back to your controller here let's access the request dollar request and your Ro ID and now do do the validation so request of validate function and here you mention that I need permissions from this input okay so you can copy this just mention it is required and there are many validation guys like about array validations and all you can just find out and do that so we are concentrating on rules and permission part so now let's find the rule equal to your rule colon col find or fail function so first I will check my rule ID is correct or not so if the rule ID is correct then you will sync the permissions for this role okay so let's get back to our documentation and in this basic usage let's come below and you'll find that yeah sync permission to a role or assign permission to a role there are many ways to assign it okay so let's copy this and paste here let me remove this so guys instead of this variable permissions so you have to tell like request of your permissions permissions okay so what is this permission it's nothing but your input form that is your checkbox so we are taking that all and just syncing that so once synced you can return and redirect back return redirect back retired back with the message like uh permissions added to roll okay to roll done and oops I have missed here like mention status here okay so you can copy this when you submit this form it redirects you back to this form itself okay so it doesn't take you anywhere else so you can just show that message here um get back on this add permission at the top of the card just use if condition in a session session function of status copy this and alert alert success and open and close and paste your session of message and guys coming back to your validation also so you can just use this just add that at error okay and mention that in a single code and you can add that as span text danger and dollar m a message that's it so this will be your validation for the input request of your permission done so now guys let's get back let's submit the uh uh permission so for this super admin he can create the rule view the rule edit Rule and delete rule so let me just show you inside my database so rule has permission okay so let me just show you here you don't have any record right now so once you submit let me submit okay so there is no permission named one on guard web so here is our sync problem so guys for that let's get back to our add permission here and here in the value we have mentioned the ID so instead of ID you have to mention name so now guys let's save it and get back let me refresh and now guys let's add this permissions to the super admin role let's click on update perfect so permission added to rule okay so let me just show you inside my rule has permission table cool done so yep guys now let's get back and once it is added guys it should be also checked here right so here you see that it is not checked but we have added it so let us write that condition Also let's get back to our add permission View and inside this input box only we have to just write some code so let me open and close CBR and mention uh in Array a r r a y array function and here you have to pass pass your the permission name or ID and also all the permissions we required okay so we need to create one more let me just comment right now and get back to your rule controller on this view add permission to roll blade view inside this you have to get all the records so roll permission so we have all the rle permissions and here here you can use the database query directly or you can utilize your permission model so I will mention in this DB of table so let's import the DB class here okay so I'll just copy this and use add the top so DB and let me move top and paste here just add use at the beginning and now get back so my table name that has permissions so this is our table like rule has permission here so copy this get back paste Here and Now guys let's use a where condition and you need to check ruer has permission table rule uncore ID column comma dollar rule ID rule ID so here you have that you have find the rule and from that rule only I'll get it and let me break it so it will be clear to understand and now guys let's plug the role has permission. permission ID so which means this column name okay so permission ID and R ID we have two let me just copy that column name permission ID and you can paste here so now guys same thing we are going to copy and paste again here so this is creating like a key and value like associ type and now whatever it is just get all roll permission and now let's pass this and send it so now guys let's copy this roll permissions and get back to your add permission blade file and in this array let's use that okay and then let's put a condition like if it is found then make it to checked else keep it null now let's get back refresh and you see that all the checkbox are checked here so let me just add few more permissions let's go on the permissions and add like you can create permission let me make it this way save okay make it back view permission so edit or update permission anything you can set so I follow like updating okay so you can update the permission and then get back and just change this to delete permission save it cool so guys you see that our permissions are created let let's go back to roles and on the super admin we are add or edit roll permission so here you see we have a super admin and these permissions are not given so if you want to give you can just give him okay now if you update so all the permissions are given and here it's checked also cool so guys we have done like adding permissions to a role hey guys welcome back and this is the part two of laral 10 roles and permission tutorial so guys as we have seen in previous video we have created the complete roles crud operation and also the permission crowd operation and also about add or edit the permission for that particular role okay so now guys let's get started with creating the user crowd operation and assign the multiple rules for that particular users okay so now guys let's get started so let's move to this uh route called user users and create this route so yep let's go to our web.php first and just create a resource route so yep route colon colon resource function insert that just paste that URL called user and now you have to call your controller so what will be the controller let's create One controller guys first let me comment this or else it will throw an error so let let's create a controller called user controller so user controller hit enter our user controller is created now you can access that let me align everything and let me close all the unwanted files now okay so we are on the web.php now go to apps HTTP controller where you will find your user controller let me copy the path and paste inside the route so guys let's paste Here app HTTP controller user controller colon colon class that's it and now it's connected with the resource route yep now you can go to your user controller and guys let us create a public function with the function name as index open and close let's return and view the blade file so which goes to the RO hyphen permission so and create a user folder inside that call a index blade file so let's move to Resource views and inside that views you have a rule permission folder inside that rule permission folder create a user folder okay and now let's create a index. blade. PHP file perfect so our file is created and now you'll be able to access the route cool so we are on the blade file guys and now let me just extend and add the format of layout so you can go any of your files and just include that okay so let's extend our layout paste here and yep let me just copy everything and paste it okay so first step guys we are just going to change the title like user uh users and here user change the url to users forward slash create and then let us just change this username and display email also and then action so here change the variable to users and what is our variable here we have not passed it let's pass that users variable equal to user model colon colon get function so you get the data and now pass this variable in the array format here pass users of dollar user and now guys you can copy and access the users variable okay now let us Loop that users as user and get the user ID usern name and we need one more column that is user email so we get that user email and let me remove unwanted URLs here so we have a edit and delete button so we can update the URL I mean IDs here and change the url to users okay let's copy this paste here also perfect done and now let us see the output now refresh so you see okay our model is not imported let's go so here I import the class user okay let's get back refresh cool so so our user view is designed guys and now we can get started with add user click here and it reaches to the URL like user forward SLC create so guys this is error like that create function does not exist because we are using a resource route so it's giving that okay so now let's get back and go to your web routes so this is our user which is resource route and inside this user controller you have to create your create method or function so guys public function the function name create open and close CBR let me just zoom it so let's return View and go to the folder that is Rule permission user folder and inside that let's go to create blade file so guys let's go to our yep let me arrange it let's go to Resource views inside that we have roll permission folder and inside that user and let's create a file create blade do PHP file okay and now guys you need to design the form like here in this user view let's get back and let me just copy from the Roll Part like create blade. PHP let's completely copy and paste here done and now guys we are starting from the container row and column md2 and a simple card which start and ends here and now guys let's change the title which is going to be user create user and this is a back button where we are redirect ing back to users so when the form is submitted you're going to the URL action called user with the method post and here is your csrf token and now guys let's give all the input Fields whatever required for the user creating okay so first it will be like your name so let's keep this now copy and paste paste paste okay so second is our email and then third is our password and fourth will be our rules so all the rules you have to mention like what all rules you can assign so we can do that in a select option so here I'll mention rules in Array format because we are going to select multiple so let me Design This select as a form control here I'm form control and it is multiple okay and now guys here is the option so you can list all the rules so select Rule and use a for each Loop to Loop the rules of rule and use option tag to open and close and dollar rule and then guys same thing we are going to copy and paste in the value also done and now guys and now guys once we click on this save button we go to the form action which takes you to the user route so let's go to the web.php and here is our user route so using this resource method it directly goes to the store function so let's create a function public function the function name will be store open and close and then guys you are getting a request from the form so get request of dollar request and now let's create a user variable and call the user model colon colon create method so we can get the details of the user so guys before creating the records we need to do the validation so for that you can directly use here request of validate function and inside this directly call all the fields like name equal to inside single codes let's set the validation it is required it is a string and Max will be 255 okay so same way guys for other fields also let me just show you what fields we have one is name then next is email and then next will be the password and finally a rle okay so you can just copy that and paste here so password and then email for the email validation let's mention email instead of string and give a max value and also you can add a uni and mention the table name users the column field is email and accept ID is not required here now guys the password Here we are mentioning a string and Max will be can mention at least 20 and minimum we have to give eight at least okay and then guys finally we have one rules that is you can copy and mention here like rules and it is required okay now coming back to our create method here so first we are going to create a record for the user so let me add the name column field from the user model and the value so input request name copy and paste and it's going to be email so copy and paste email and then password okay so password is going to be hashed so let us make it to like hashen make function and paste that request of password and now let's import this password hash okay so I will just show you so this is my imported class for this hash and now guys we have created the user so so once user is created you get the data okay so you get the data here and now let's use the um function for assigning that so you can find in your documentation so here you see that we can use the sync roll option also and let me just show you in this using permission wire roles okay so assigning roles here you see like you can assign single and multiple also roles at once but we need to use the sync syncing part and let me just show you where yep here is it so all current rules will be removed from the user and replaced by a given array okay so it will just remove everything and it will update the new Ro for that okay so let's copy this and get back and paste here perfect so guys our role will be synced here so our roles are little different so what we have to do we have to get all the rules request so let's remove this and just paste dollar request of roles so this is nothing but your input field which you are getting in a array format okay so you have got that and pasted here so now guys we can just redirect back so return and redirect to the page users and with the message let's set a status and tell user created successfully with roles okay done so guys now let us test it get back to our browser refresh once okay we have a undefined variable rules okay get back and in this create method we have to pass dollar rules equal to all the rules col Co and just use a get method to get all the rule now import the rule class import and here is your spacy permission model Rule and imported now let's copy this and pass in the blade file so this is my variable rules dollar rule okay so now let's copy this and go to our blade file and you'll be able to access this variable named rules now you can get back refresh perfect so here you see all the details are shown guys so guys we just need to show the name and we need to pass the name only so for that we can get back and let's not touch here instead we'll work in the controller part itself so while getting the rule I want to just pluck the and pass the name as a key and the value will be okay so we are passing as a associative array here using this plug function now let's save and get back refresh so here it's not able to get so for that let me try with all function and now refresh perfect so it's working fine guys so we can just select with the admin staff whatever you want to give yep now let's try to save the data so before that let me just show you my uh users table here so I don't have any users right now and also the model has roles so this model has rle table is nothing but user has rules so just understand this model as user okay so user has roles of that as simple now guys let me create a super admin so name will be super admin and superadmin gmail.com password one 1 2 3 4 5 6 7 8 and select the permission for the super admin and also he will be admin okay so now let's click on Save cool so user created successfully with roll and here you see your record has been inserted so let me just show you in my browser I mean database so here user has model table has two records that is Rule one and two which is super admin and admin okay so model ID is nothing but the user table ID so you can just find that here user ID let me create one more user which will be admin a normal admin okay so adminadmin gmail.com password 1 2 3 4 5 6 7 8 and just select the rule admin okay not super admin let's click to save so here our user is created successfully and we have two users let me just show you okay user ID to and now guys you can just go to your model has roles so in that you see we have one more new record that is with the RO ID to okay so here Ro ID to that means it is admin Ro and the user ID and now guys uh I want to show all the roles which we have added I want to show in this user table view so for that just get back and go to your index blade at this I want to add a column called what roles you have so add this roles and let's create one TD tag and now guys give a if condition and we need to check that rules is not empty so using a empty function and here just add a not symbol and now guys what you are actually checking like user roles so dollar user off you have to get that uh function name like get R names so let me just show you in the document ation if we go in this basic usage we find there so let me just move below and come below here we have like get the name of the users rules okay so you can copy this which returns a collection that means it has an array data let's paste here okay so we got the user and now let us try to use this and loop the data so first use for each Loop for each open and close clyra paste it so we have got the user role name as as dollar R name let's copy this and you can just print in a badge or any design format so let me just add a label here open and close and just paste that label names and let me Design This label as a badge so b a d g e b a d g e hyphen primary and just use mx1 and now guys let's see the output refresh cool we have got the data but it's not visible let me just so this badge classes has been changed in bootstrap 5 so let's try with something else refresh perfect so here you see super admin and admin and this user has only admin okay and now guys let's continue with how to edit the user data with its rule okay so now guys let's get started so for that you have to create a edit function let get back to our user controller and now create a public function function and the function name edit so yep so when we are editing we are getting a ID let me just show you that so this is my edit button guys which we are sending ID in the URL so you need to to access it so let's get back to our web.php and if we are using a resource route by default it provides us okay so you don't have to worry in this you have to just mention like user dollar user that's it and now let's return and let's see the output so refresh so now guys let us click on edit and yep so we have got the user detail perfect so now guys let's get back so let's get back and we have got the user record and now let us open a blade file like we need to go to that blade file for editing the user record so let me just copy a path here and paste and now let's make it to edit blade. PHP now you can get back to your folder that is resource views Ru permission folder inside that r permission folder let's create a edit blade file inside user folder so yep we have created the edit blade file and now guys let's copy the complete user create form and paste inside the edit blade form okay and now guys let's change the title here edit user and this will be the back button and same form for the submission but here we are going to pass the ID so guys let's concatenate forward slash here and then mention that user of ID we have to get the user variable so you can just pass this a user variable like yep user of dollar user and this dollar user we can just remove this and you can access the variable directly cool so now guys you see in this edit blade file we also have the variable called rules so you need need to create that also let me just add this dollar rules so what are we doing actually here we are just copying it so let me just copy this completely and paste here done and now guys you can just pass this roles also so copy and paste and let me just paste the variable okay now you will be able to access this roles detail also and now guys once we click on this edit form we need to by default you have to select the selected rule I mean given roles so let me just show you in my example okay let's refresh this cool so we are on the edit user and here we need to fill all the user details let me just get back and go to our edit blade file user edit so we are here now and in this form let's add the value attribute and just paste dollar user of name so let's copy this complete value attribute and paste for the email also yep email and email is not always changeable so you can make it to read only and here in the password you can just skip that and now guys coming back to the rules we have to select the given rule Let me refresh okay so we have the value here and we need to select like super admin has the permission of admin and super ad me so by default you have to select so for that let's get back to the user controller and now guys let's select that user rule so user roles equal to and then guys you have to get the selected user data so I have this user data here and now I need to get all the rules of it so you can handle that from this rules uh you can just find it so here you see you have rules uh with rules so you can access use this let's get back so we have rules of and use the pluck function I mean the same thing the same condition let's put it here semicolon okay so now we can pass this user rules user rules and dollar user rules copy this variable and go to your edit blade file and just use in a in Array format let me just break this down so it will be more clear okay so option breaks here and yep so inside this use a in Array function so inore array function first you have to pass your role and then comma and dollar user Ro okay so if it is found then you will tell like selected as null so let's mention selected okay so save it and now guys you can just get back refresh cool so you see that by default it is selected admin and super admin and go back and just select for this admin user let's click here admin user and you see that rule is admin okay so now guys let's begin with updating this user data so yep let's get back to our editor and when you update this form so let me change this button name as update so update this user form with the role it goes to the action and this will be sent with the post method using a csrf token and also the route method which is going to be put so mention the method which is put okay and now guys once you submit it just goes to your uh web.php and checks in the resource route and it will go to the update function so we don't have update function let's create it public function function name update open and close cies and now guys let's get the request whatever we get from the form request of dollar request and then get the user model okay so user of dollar user now guys you can access the current user data so dollar user of update function to update the user record so let me just copy from above from the store and yep guys we have to do the validation also so let me just first copy the validation and paste here like dollar request and doing all this validation we are going to remove this email part from the validation like we are not accepting email only okay and here to update the record we have to uh copy this Fields so let me just copy this and paste here Here and Now guys we are not going to update the password also so when we require that time only we have to update so this is going to be a conditional part so guys for that I'm just going to create a variable outside like yeah data equal to inside array we are pasting it and let's uh merge the data here before that I want to check do we have any uh password or not so we can just add not and make this as empty mty function if it is not empty then use this password as a r here and append that okay and make sure you're adding a plus symbol so plus equal to you have to mention so it will concatenate that and now guys finally whatever we get we just add here $ data all set so guys we have done with the user update part and now we have to also update the rules for this okay so when you click what about this role if I select uh admin and staff also so at that time you have to manage that part also okay so for that the same uh syncing permission you can just do it let me copy this and paste here so once updated you can sync the role whatever request of role you get done and now guys let's redirect back once updated so let me copy this and paste here like redirect back to the same page and tell user updated successfully with the rules okay so now let's save and get back so refresh once so here guys this admin user have a rule of admin and let me add one more rule that is staff and now let's click to update so you see uh we have some issue I think we have some validation issue so let us just get back to our editor and here just add each field like below this input at error use the input field name attribute name here and just using a span tag add a text danger and open and close CRA dollar message let's copy this paste for the email like we are not doing the email part so just ignore that we are working for the password so we can update this password also and also the roll spot so just paste this Ro that's it now get back and refresh and now guys let's update once again here okay the password field is required so it's not mandatory while updating so you can make it to nullable also okay so just ignore that part and now let's click to submit here you see user updated successfully and I did not select the rule let me select the staff also Now update perfect so here you see guys for this admin user you got the rule as admin and staff too okay so I can just show you here done and now guys finally about the deleting part like delete the user so let's go and yep let's begin with the delete part so you have to go to your index and here is your delete URL so let me copy this and create a route because this route doesn't provide in the resource route so you have to create it separately using a get method and in that you provide this route so guys mention the ID that is user ID and it goes to a controller which is about your user controller so let's copy this controller path and paste here and give command single codes and go to a destroy function so let's copy the function name destroy and create a function with the same name that is destroy function open and close and now guys you are sending a dynamic that is user ID so you can access from this as a parameter okay and now you get the user ID so let's search for that user first like user model colon colon find or fail function and use this dollar ID and now guys you can just use this dollar user and use a delete function to delete the user record perfect and now guys let's redirect back to the same page which is user users only and update the message here user deleted successfully okay so I don't know it is going to delete with the rules also so let us see what happens now so before that uh let's go and refresh here so let me add a new user like dummy user so dummy at gmail.com password 1 2 3 4 5 6 7 8 and select the role admin and STA and user I give three rules so yep and you may see in your user model has rules so you have total three rules for this particular user ID 3 let's delete click to delete perfect so user deleted successfully let's see in our database for the users table in the users the user record is deleted and now let's see in the model has roles so here you see it automatically deletes it okay okay so why because the spacy package uh database design is written like that so it will delete that record also okay so you don't have to worry about that perfect so guys we have seen about how to uh fetch the users with the rules and add the user and assign a role to that user and also edit and update the user with its role and also delete the user data okay hey guys welcome back so guys in past two video we have seen how to create the complete spacy user rules and permission Crow operation management from scratch okay so now guys in this video we will be seeing how to use these rules and permission to manage and protect the routes in our larel application okay so let me just uh underline here so manage and protect the routes in the laral application so basically protecting route means when a user is trying to access certain route which does not have permission then we will not allow the user to access that route or page okay so guys let's see with the example like if the user role is Staff he cannot delete the product but he can only create and update the product he does not have permission to delete the product okay so now guys let's get started with protecting the routes and how to use this rules and permission in our application so guys here you see right now I'm not logged in but I am able to access this rules and permission data so guys let us make this first authenticated so for that let's get back so now Guys these are the routes which we have to protect I mean protect and also we need to check whether it is authenticated or not so guys let us get back and let me let Zoom it so first step we'll create a route group route colon colon group function inside this just create an array and give comma and write the function open and close CRA okay and now guys you can push this complete route inside this group function group route okay so now guys what we are going to do uh we are going to use a middleware here like just add a ID DL e w middleware and give just use in this format like Arrow function and then mention that Au so okay so now guys if you're logged in only then you can access this route so let's get back and refresh now on this rules so here you see uh you are redirected to login page so guys let me login let me just show you like I have already created some user records like super admin and normal admin so so now guys let us log in as a super admin first and enter the password cool logged in now and you are able to access this roles permission and user data okay and uh and guys I just want to show that if I'm logged in or not in this nav bar so it's a simple code guys I have already created that let me just go to my app web layout and here I have just commented that let me uncomment it okay so here is a normal guest and with the login and register and this is the else part of that guest now save and if you refresh here so you see that super admin has logged in okay so now let's continue let me close this file okay so yep now refresh so guys you logged in and you are able to see all the rules and permission data so now guys let us see how we can protect the routes and who can access this rules data and the permissions data like who can create this permission who can edit and delete all the P permission based on this rules okay so right now as you see that super admin has logged in and his roles are super admin and normal admin so is available for both the roles so let me go to this super admin role let's move inside the role and here is my role as super admin let's edit the permission for this role so here you see this super admin can do all these permissions okay now get back and let's see with the admin rule so in this admin you see that admin can create the role view the role update the role but not delete the okay he cannot delete a rle same with the permission also here he cannot update the permission or delete the permission okay so guys if you want to give option like he do he admin cannot update also so we can just update that and he will be not able to update that role so now you can get back okay so Guys these roles are given to particular user so as you see this admin can have the role of admin and staff okay so now guys let's get started with protecting the routes okay so guys let's get back to our editor so now guys in this middleware we have to mention like if logged in user role is super admin or admin he can access this route okay so now guys let's get back to our documentation on spacy and let's move on this basic usage we have a using a middleware here so let's click on it so guys here we see first it starts with the default middleware so what is this default middleware so larel gives authorized class to check for the permissions so basically that is like using a can here it only checks for the permission not for the rules as you see for checking against a single permission so now guys here is a package middleware which we can use this uh rules and permission or roller permission so let's copy this completely copy and we have to put in the middleware aliases in your kernel.php file so let's move and go to your app HTTP and kernel.php and inside this let's paste it that's it done and now you'll be able to access this Ru permission inside your middleware that is Route group middleware okay so yep guys and now let's move to the documentation and here middleware wire outs so guys here you see uh they have given some examples like you can use the rule and your role name so let us use in this format itself now let's copy it get back and here you have our single let me give an array and give comma and paste that roll okay in the single codes so coming back to our data here we don't have any manager so let me copy this super admin and paste here and guys let me just remove this because in the rules and permission the authentication is checked so yep let's get back and refresh so here you see uh you are able to access the roles part because the role the logged in user role is super admin so let me just show you in incognito mode Let's go to roles and here you see like user is not logged in and let me just log in and show you with the admin credentials so admin gmail.com so I have already thought about the what role he has and for that role what permissions I have given for the admin so now let's login okay so let's move on the rules cool so guys here you have got the message like user does not have the right role okay so he doesn't have this particular logged in user doesn't have the role for that okay so if you try to access permissions or users anything you doesn't have a right role okay and the same thing if you are a super admin then you'll be able to access the roles okay so guys now what I want to do I want to give the permission for super admin and also admin so here you see uh we are not able to access this the rules or permissions page now I want to tell in this middleware like in this role super admin or admin so use this pipe symbol that's it enough get back refresh cool so guys here you see the logged in admin user is able to access the rules and permissions Pages because we have said that in this like super admin or normal admin can be able to access this page so he is able to access perfect okay so now guys coming back in detail like setting the permissions so let me come here and let me show you in this role super admin let me edit the role permission so if the role is super admin and he can delete the role okay so logged in user is super admin and if he wants to delete a role he will be able to delete it but what in case of normal admin role so here in this admin role we have the permission like he cannot delete or update the role okay so now guys let us set this condition in our web route so this is the route guys which goes to the destroy function to delete that particular role so now guys let us give a permission that only user who has permission to delete the role he only can delete so it's a very simple way guys just you have to add a middle here like Middle where and inside a single codes just check for the permission okay so let me just break it so it will be like visible and let me Zoom it so here in this permission colon like delete rule so exactly paste the same string value I mean the name of that rule okay so I'm using this delete rule let's copy this and paste here so guys this permission is nothing but you'll be finding in your kernel.php and this is the value guys okay so you are copying this and you are accessing here okay so now guys let me show you with the demo so yep on this uh super admin role he can delete it okay we have checked it but if the logged in user is admin role then he will not be able to delete it so guys right now I have logged in as a super admin and let me show you the here in my incognito mode I have logged in as a normal admin so now if we try to delete any role so let me click here delete and you see that user does not have the right permissions to delete this role data okay so if you are a super admin he can delete the role so let me just show you and uh dummy rooll data I'll create it so here is my dummy rooll and now uh let me just show you with the admin once again again so here I delete here like yes I don't have permission the admin doesn't have the permission to delete a role but if you're a super admin you'll be able to delete it so let me just delete and show you click to delete cool so you see that rule deleted successfully so guys I have shown you like how to protect your route using rules and permission okay so you can set each permissions for particular routes so now guys coming back to this resource routes so here what in case of this resource route how can you add a middleware here so for this we have another solution let me just show you in the documentation so we move below and here you see middleware with controller so just use this in your construct method use your middleware so as simple now you can get back and this is my resource route and now I will comment this middleware for delete Ro and get to the rle controller so let's move and let's create a function so public function underscore construct open and close calibra and now guys use dollar this of middleware function and the same permission what you have written here you can copy this and give here and now let me just show you what happens directly if you give this permission of delete rooll so yep let's get back and here you see we are on the roles page refresh it doesn't happen anything now get back to your admin logged in so refresh here you see you do not have a right permission but the permission is about the deleting part like here we have given permission who has delete Ro then you should only work for this delete function where is the delete function okay here so this should work for the destroy function so let's get back and now guys to achieve that you have to mention in this you have to give comma and create array and inside that you say that only to those functions okay so mention in a array and tell that is my destroy function so what it is let me move below and here is the destroy function function let's copy this and paste here so now this permission delete rule will work for only this function desroy function so let's get back to the admin login here refresh so here you see it works fine now okay so now guys if you delete so it shows like you don't have right permission instead I have used that middleware permission in the construct method in your controller part okay not on your r rout web route here so guys we have learned how to use this middleware in the route and also middleware in the controller so same way guys you can just copy and paste and assign for like update role for that particular update function and also on edit function okay so we have two functions now on the update function on the edit function both it should work for update role so let me just show you the permissions for this so roll admin let's see the permission you don't have permission to update the role so let's get back and go to your rle so refresh so I am a admin user here and let's click on edit the role so let's click here edit so you see that you do not have permission write permission to edit and update the role okay so now we can get back so if you check the same thing about editing the rule with the logged in user as super admin so which has a super admin role so now if you try to edit here cool so you see that we are able to edit the role okay so this is how we can utilize multiple functions for particular role okay and also guys if you want to check like uh role also so with this permission I want to check the role you can just get back to your documentation and here you see like role manager and its permission so same way you can use like super admin or admin or staff manager it depends on your requirement okay so now guys let's get back to our editor so guys now let us give the rest permissions also as we see like we have here um about create role and also view rule Ru so who has permission they can only create and view the rule so as simple let's tell create Rule and the view rule so view rule will go on the index and let's remove this and if you have a show function so you can add that show also okay so I don't have a show function here so I'll remove it and on the create controll permission I will copy this create and store method so let's paste here create and store method okay so this is how you set your permissions for your resource routes so I have used this resource route cool so now guys uh let me just remove this and so now guys we have not given the permission for this routes like you can uh give permission and update the permission so let us use that same functions here so on this create rule you can use the same functions like add permission and give permission function so let me just add that also here just give comma and mention that function Lim you can add also and you can um give function give permission to rule function okay so yep so you are completely set up with the permission so same way guys you can copy this and create for your permission controller also so so on this permission controller let me paste it and let's remove The Unwanted functions so which you don't have in permission and here so let me paste it permission let's copy this and just contr D and paste it okay so these are the permission name so if you have any doubts just go to your permissions and find that exact name okay so you just need to copy that and paste in your permission controller cool so now guys same with your user user task also so let me copy this and go to the user controller so what we have created so if you don't find this rule controller permission controller and user controller please watch out the video part one so you'll find everything and understand how all this created it okay so now yep let's change the permission so let me just show you what is the permission here so I have not created the user permissions so let me just add the permission like create user permission to create user okay so here you see create user permission is added let me add the view user hit enter saved let's again add with new permission here like update user and finally the delete user okay so delete user let's save done so here you see we have created the uh permissions for create user view user update user and delete user go to your rules and this super admin should be able to create the user view the user update the user and also delete the user let's update it so now the super admin role have the permission for doing this and now for the role admin let's edit and he can create the user view the user but not update and delete okay so let's update here done now get back so get to your controller on your user controller we can update it like yep view user create user update user delete user okay and these are the functions it's reaching to it so let me show the functions also yep and done okay so all set and now guys let me just show you with the logged in user as admin so he should be able to view the user he should be able to create the user but not edit the user and not delete the user Okay cool so guys we have seen about how to handle the permissions in our controller so now guys let us go to web.php and I want to tell you one more thing like in this middleware we are telling uh we have a role of super admin and admin so instead of using this I want to use my custom middleware so guys I have already made a video on this middleware how to create a middleware how to use the middleware in larel okay so video link is given in the description so now guys uh let me just show you the middleware what I have created let's go to app HTTP uh I think it's not visible so let me Zoom it and okay so yep let's go to app HTTP and you need to move in middleware and here we have created one admin middleware okay so here I'm just checking with the static role that is admin or user so let me just comment out and instead of using the static way let us use our rules and permissions what we are using in this web.php okay so now guys First Step uh make sure your admin middleware is registered so if you don't know how to create this middleware please watch out the video link given in the description and now guys let us check what is this admin middleware named registered with so you have to go in your kernel.php and inside that you have to find that admin middleware class so guys you see that here I have added the admin middleware class which is existing here and this key name I have given as is admin okay so now let us copy this is admin and get back to your web.php P okay so now let me paste here and so forther reference let me comment and keep and now let us just control X and remove everything and just use is admin okay so done and now guys in this is admin middleware we will give the condition like here what you have given so guys let's get back to our admin middleware and here write the logic so now guys let me create a variable called user and you have to just check whether the user authenticated data so yep so the authenticated user data is assigned here in this variable user and it has a object of data okay so now in this if condition you have to check whether it has a rule or not so has rule function so please check whether this is correct or not inside your documentation so you can just find that in the blade directives or using permissions V Ro so just go here using permissions bya Ro okay and you can just use contrl F and find that perfect so here you see checking rules has rule of this and you can use in this format also like using array format for multiple so let us copy this and get back so now inside this if condition let's use it and here we have to specify what role we are expecting for so as we have given in the web.php that is super admin and admin okay so mention that here let's remove this pipe symbol and separate them okay so rule will be super admin and admin and here we see a warning guys like undefined method has rule intell defense okay so it's just a simple warning guys you can fix this using like atw where it comes to the app folder then models folder and it goes to the user model okay that's it and here you see it's fixed so now guys uh whatever you get here like if the request is correct then process him to continue with it so you can just remove this it's not required so now guys let us see uh it works or not so you can just get back so yep Let me refresh okay so super admin is able to access the rules permission and let us move with the normal admin so refresh he's able to access the rules now guys I just want to make sure if I don't give the rule admin who should be able to view this so let us test that also so in this middleware is admin middleware let's go and just remove this admin role so I have just removed the admin role only super admin should be able to access yep let's go okay so here is a super admin refresh yep he's able to access and now here is a normal admin let's refresh he's not able to access and it's still like forbidden so this is about 43 forbidden let me just show you so inside our middleware so if the authenticated user role does not have super admin he should be aborted on this 43 and just give comma guys and you can mention like user does not have correct role okay now let's save it and you will be able to see that message okay so let me just add that rule as admin and he should be also able to access the rules and permission perfect done so now guys uh let us learn blade directives in this roles and permission so basically what blade directive means like if the authenticated user doesn't have permission to edit or delete it so in that case I have to hide this buttons so we can use that that using blade directives so let me just show you in the documentation let's go to our documentation okay and in this basic usage we have the blade directives here let's click on it okay let's move below and here you see guys that can and end can so this can is used for only permissions and if you want to use for rules also you can use like this okay if role is super admin then show that and also you see here has R so it is exactly same as role and has R so both works the same and now guys if you want to use in any controller part or in the blade file you can also use in this way so now guys uh we are concentrating on how to use that in a bleed file let us go on the top and and we need to use this itself so let me copy this and go back to our files so let me close everything and just go to your folders of your blade files so this is my RO folder and inside this we have a index blade file let me little unzoom and yep and this is my edit and delete button so on this edit can and here at end can okay and here mention your permission he should have the permission of update rule so make sure you are pasting it correct let me show in the permissions we have a update roll permission and paste that okay so same way guys you have to check with the delete also let me copy and paste here and mention delete Ro let's save and get back and go to your rules URL and you'll see you're able to see the edit and delete button because the logged in user is super admin so now let us see with the normal admin so here I refresh on the roles page so you see that you don't find the edit and delete option for the normal admin so in case if you give the permission to edit the data so let me just give the permission so to this rule I give a permission update Ro permission so for this role admin I give update Ro let's update here okay updated now you can get back and let's move to the admin here now refresh cool so you see that now admin has the permission to edit and update the data so his buttons are visible perfect so same way guys you have to paste everywhere in your blade file wherever you are using to show for edit and update the data okay so same way just go to your permissions and inside the permission you have a edit and delete button so you can utilize that okay can update permission and end can let me copy and paste end can and here he can delete permission so admin doesn't have the permission to delete so if you view here he doesn't have edit and update okay so same with the user part also you have to hide it so now get back let me just use the same logic in the user blade file just use this can and end can yep let's paste here and again add it so here will be user so per Mission I mean delete user now get back go to users Tab and this is a super admin so he have the access now if you go on the admin user so he doesn't have the action okay and guys I just want to teach you one more thing about the rule what we are seeing in this documentation let me just show you so this the rules blade and rules so you can use this rule part also yep let's back to the so this is my roll index blade okay roll index blade and instead of this can and N can I want to use rule okay so at rule function and inside this you can mention super hyphen admin and now end R so yep now now this is a logged in user super admin so he should be able to see the edit button now if you go to your normal admin go to the rules you see that you doesn't see that edit button because this normal admin is a admin role not the Super admin let me close this and yep so guys we have successfully completed with the laral 10 rules and permission tutorial using the spaceship package okay so guys in this video that's it thank you for watching this video please subscribe like and share

Info

Channel: Funda of Web IT Hindi

Views: 1,883

Rating: undefined out of 5

Keywords: fundaofwebit, fundaofwebit hindi, Spatie user Roles & permission management tutorial, Laravel 10 User Roles and Permissions Tutorial, Role And Permission In Laravel 10 using Spatie, Step-by-Step Guide to User Role and Permission Tutorial, Simple Laravel 10 User Roles and Permissions, Using a Middleware | laravel-permission, laravel 10 roles and permission tutorial, roles and permission step by step in laravel 10 with breeze

Id: SW1Ddj5pCAM

Channel Id: undefined

Length: 116min 23sec (6983 seconds)

Published: Fri Feb 09 2024