Reputation: 21
User-role-team based packages cannot manage authorization above the team's scope
In my application, an organization has multiple events, and a user can have multiple roles in different events. Until now, it's all good. I can just do a pivot relation btw user_id, role_id, event_id. But the problem is that I have some roles that are focused to the organization. Example: Owner, Admin and they're not related to the event. And therefore the previous DB structure cannot fix my problem, because it's limited to users having roles in an event.
I've tried going for a polymorphic relationship which basically means a user can have a role either in an event or an organization like so: user_id, role_id, entity_id, entity_type. But it's a lot of work and I don't know if it's the ideal solution.
What I've tried :
The one solution that I found is working with spatie's permissions package which supports teams.
So basically a user can have a role in an event. Also, a user can have permission in an event. So I figured that I work with the organization's scope instead of the event's scope and then give permission to the user to access a specific event. Example: I invite a user to the organization to be an Admin and then give him/her the right (permission) to manage a specific event or multiple events.
This seems to work, but the problem with it is that I'm limited to assigning one role to the user in that organization which means in all of the events, because now the DB relationship is:
user_id, role_id, organization_id.
Is there a way I can assign different roles in different events for the user, along with the ability to assign some roles outside of the events for some users?
Upvotes: 0
Views: 186
Answers (1)
Reputation: 1518
Will you try following if this works for you?
create a talbe user_event_roles
its structure will be like
user_event_roles
id | user_id | event_id | role_id | created_at | updated_at | updated_at |
--------------------------------------------------------------------------
you can store user's id in user_id along with its event's id event_id (in which event user has access), and stored the role_id, the role you want to assign to user.
Please share your feedback if this approach doesn't work so we can find some other solution.
Upvotes: 0
Related Questions
- Hierarchical roles for a user, with child roles having different permissions on case based, Laravel Spatie
- Add user role(s) based on product IDs and quantity when WooCommerce order status is completed
- How can use Spatie add assign role to all users using seeder in laravel?
- How to make multiple roles in Spatie Laravel package?
- Laravel Print select options accordingly user's permission
- Multiple role based folder authorization in asp.net web.config
- Using Auth to get the role of user in a pivot table