Spatie Laravel Permission Package Tutorial | Using Middleware for permission and role #4

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to bitfumes and in this episode of laravel permission tutorial we are going to see how we can restrict a user by directly going into any route because in the last episode we have used the blade syntax to show or hide something like if the John if the user John is editor he cannot see a new button to create a new post but he can directly go to that route so this is not ppand to restrict this if we need to use a middleware middleware defined in our level permission package so if you scroll down here you will get to see the middle views we have this one so because I have created all the routes I don't want everyone to just go and visit reiterate so how we can restrict it you need to use middleware so middleware of simple and what the middle where we are going to use roll and exact rule so the role of writer simple thing so I just wanted to visit this route only when the user the logged in user has a rule of right simple enough so let's go and yeah John is not a writer so that's why he cannot see the right or the new button but yeah here what I'm going to do is just refresh and because we have the middleware if i refresh okay so we have problem we are getting error why we are getting it this is a package and package is shipped with all the tests so we have missed something it's if Clause rule does not exist this means the rule middleware is not defined on our level end so how we can fix this actually we just need to do one thing if you just a scroller you need to define these middlewares on you colonel file so where it is simple its own app HDTV middle view and not inside middleware but app HTTP colonel colonel dot PHP and if you scroll just all the way down you can see route middlewares so let's paste these three and save it and roll permission role or permission these three little bears are there on this package so because now this is their let's go here refresh this route and boom you can see it's saying sorry you are not authorized to access the speech and this is exactly we want this joint doesn't have the permission to that doesn't have the role of writer so why he can visit this route but what if I change it to being South because we know Santa is a writer so yeah SOT I can see the new part go refresh and yes he can see easily so this is way this is the way we can restrict even the routes now let's do one thing so he can easily edit it but what if I will say like for edit part we just want to say let's use middleware off yeah we know role of editor has to be there so this middleware this route or post edit is only shown on only accessed by the logged in user having the role of editor so what if I go here because yeah we know sarthak is writer but we have given a special permission to Cesare to edit it a post so if I go hmm it says four three three yeah this send this makes sense because on the middleware and we are saying that we only allow the editors but on the blade part we are not using the rule system tourists Victoire show we are using the permission system so why not use some permission related material so here on the kernel dot PHP we have a permission middleware so why not use this one so instead of using roll I will say permission of edit post I want to allow access or this route if the logged in user has the permission to edit rule so now if I go to Chrome and yeah instead of 4 to 3 if i refresh yeah even father can visit this so let's go to the post and all post are here Salter can create a new so Arthur can edit a post and what about John let's go to John and yeah here John can only edit a post he cannot create a post yeah unauthorized very cool so now last let's try for Jean who is the publisher we cannot have we don't have any publish button so yeah you can get the idea also so if i refresh yeah is still unauthorized and but last thing is what about Alex so Alex is there hand yeah he can oh we have some problem so we have some problem and we will tackle that so Alex can not create a new post worth that because we have given the role of writer only so Electress not a writer he's a admin so he can do anything so likewise on the blade part where we have used the pipe sign to separate other role so just like that we can use here so role of writer or admin so let's refresh here and here you can see it is working absolutely fine so he can edit it he can create a new post so these are the things you can have on this level permission tutorial and level permission package and with this tutorials you have seen that how cool and how easy to set up all the complicated things with this package so I think you have liked this series and this tutorial so if you have like this just go and share this video with your friends like betweens on Facebook Twitter and Instagram if you have not subscribed till now please go and subscribe to this channel for more lateral related updates we will meet in some other episodes of related to level maybe okay so we will meet again later and till then good bye

Info

Channel: Bitfumes

Views: 34,483

Rating: undefined out of 5

Keywords: laravel permission, spatie laravel-permission tutorial, spatie/laravel-permission, spatie/laravel-permission laravel 5.5, laravel permissions spatie, laravel permissions, laravel permissions roles, laravel roles and permissions 5.6, laravel roles and permissions, laravel acl roles and permissions, laravel acl tutorial, laravel acl, laravel user roles and permissions, laravel user roles, laravel user roles and permissions tutorial, laravel user permissions

Id: PQh58dmIUgg

Channel Id: undefined

Length: 7min 22sec (442 seconds)

Published: Tue Oct 16 2018