The Spatie Laravel Permission package handles new roles and permissions by treating them as Eloquent models that can be created, assigned, and managed easily within your Laravel application.
Creating Roles and Permissions
- Roles and Permissions as Models: Roles and permissions are represented by the `Role` and `Permission` models provided by the package. You can create new roles or permissions simply by calling the `create` method on these models with a name attribute. For example, to create a new role named "editor":
php
use Spatie\Permission\Models\Role;
$role = Role::create(['name' => 'editor']);
Similarly, to create a new permission:
php
use Spatie\Permission\Models\Permission;
$permission = Permission::create(['name' => 'create-blog-posts']);
This flexibility allows you to define any number of roles and permissions dynamically[6][7].
Assigning Permissions to Roles
- Assign Permissions to Roles: Permissions can be assigned to roles using methods like `givePermissionTo` on a role instance or `assignRole` on a permission instance. For example:
php
$role->givePermissionTo($permission);
// or
$permission->assignRole($role);
- Syncing Permissions: You can also sync multiple permissions to a role at once using `syncPermissions`, which replaces existing permissions with the new set:
php
$role->syncPermissions(['edit articles', 'delete articles']);
This makes it easy to manage permissions in bulk[7].
Assigning Roles and Permissions to Users
- User Model Setup: To enable roles and permissions on users, you add the `HasRoles` trait to your User model:
php
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable {
use HasRoles;
}
- Assigning Roles to Users: You can assign a role to a user by calling:
php
$user->assignRole('admin');
- Assigning Permissions Directly to Users: Permissions can also be assigned directly to users without going through roles:
php
$user->givePermissionTo('edit articles');
- Checking Permissions and Roles: The package provides methods like `hasRole` and `can` to check if a user has a specific role or permission[1][3][7].
Database and Relationships
- The package uses database tables to store roles, permissions, and their relationships with users. When you create roles and permissions and assign them, these relationships are stored in pivot tables such as `model_has_roles` and `role_has_permissions`. This structure allows efficient querying and management of access control[4][8].
Summary
In essence, the Spatie package makes roles and permissions first-class Eloquent models that you create and manage through simple method calls. Roles can have multiple permissions, and users can have multiple roles and permissions. The package handles the underlying relationships and provides convenient methods to assign, sync, revoke, and check roles and permissions programmatically within your Laravel app[1][6][7].
Citations:
[1] https://spatie.be/docs/laravel-permission/v6/introduction
[2] https://spatie.be/docs/laravel-permission/v6/installation-laravel
[3] https://www.youtube.com/watch?v=C4PVTSkLf14
[4] https://github.com/spatie/laravel-permission
[5] https://itsolutionstuff.com/post/laravel-8-user-roles-and-permissions-tutorialexample.html
[6] https://www.honeybadger.io/blog/laravel-permissions-roles/
[7] https://spatie.be/docs/laravel-permission/v6/basic-usage/basic-usage
[8] https://www.youtube.com/watch?v=3hSBJCVwh78