Support the ongoing development of Laravel.io →
Authentication Database Eloquent

Once again I'm pretty lost, the same place as other projects I've started xD A "closed" application, where a login is required to access the site. Users are assigned to groups, and should only be able to see challenges, ideas, ect from the group they are assigned to. But I'm really interested in how others would tackle the permissions in such case. Right now I'm making a lot of extra queries in the repositories to check if a user is in the group the challenge was created in. At the first relationship it seems okay, but do anyone have a suggestion to doing it when the relationship fx is user->groups->challenges->concepts->comments ? It becomes very "cluttered" with just checking if the auth::user can see the comment :/

I have seen a lot of auth packages, but they are all more "generel" (can the user see this TYPE of content), and that's not what I need :/

Last updated 2 years ago.
0

If members of the site can only see content that has been published by their group of users then I would simply add a group_id column to the tables containing content and filter the output by the users group.

Last updated 2 years ago.
0

carbontwelve said:

If members of the site can only see content that has been published by their group of users then I would simply add a group_id column to the tables containing content and filter the output by the users group.

So add group_id to every table? O.o Would proberbly make it easier, but it just seems... wrong xD

Last updated 2 years ago.
0

You could in that case have one polymorphic table for group permissions - its the same thing but concentrated into one area.

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.