grant permission to a new role in Laravel 5

Question

We are developing a laravel application, the application has an admin part which is only accessible to the admin users in routes file we have:

 Route::group(['middleware' => 'admin', 'prefix' => 'admin', 'namespace'
              => 'Admin'] , function() {
       Route::get('oldAdminUrl', 'oldControllwe@handle');

  }

The middleware file's handle function is like

public function handle($request, Closure $next)
{       
   if ($this->admin->guest())
    {
        //some code here
    }

    return $next($request);
}

ad the $this->Admin refers to Model called adminModel with the following attribute

 protected $table = 'admin'

Now we need to add a new url to the group of admin urls let's call it newAdminUrl it should be accessabile for both the admin users and also a new group of users let's call them editors

is it a good practice to put that url outside the admin group and assign it a new middleware let's call it editorsMiddleware in additon to admin middleware to check if the user who wants to access the newAdminUrl is either in editor group or admin group and the editors be stored in another table

 Route::group(['middleware' => ['admin','editors], 'prefix' => 'admin',      
     'namespace' => 'Admin'] , function() {
         Route::get('newAdminUrl', 'newControllwe@handle');

   }

The EditorModel which is used inside the editorMiddleware has this attribute:

     protected $table = 'editor'

The Question: what is the right or even good approach to implement it? or anyone has any better idea or suggestion?

Answer 1

Really, the approach you've suggested is fine. Create an 'editor' middleware that allows users with 'admin' and 'editor' roles to pass. I have implemented permissions this way in a number of Laravel apps. You might want to consider moving the middleware call to the __contruct() method of the relevant controller just to simplify your routes file and save a line of code for each route, but that's neither here nor there.