dimanche 10 février 2019

Laravel middleware for control user access to datas

I'm using this structure of user levels:

Company Owner
- Group Manager
-- Unit Manager
---Employee

I need to control users to access the datas in the database. Employee can access only that datas what he stored. The unit manager can access his own datas and datas of his emplyee too. Group manager can access to entire group's datas. And the company owner can acceess to everything.

I have some controllers like this:

class ClientController extends Controller
{
        public function index()
        {
            return Client::all();
        }
        // ...
}

What is the best practice in Laravel to control data access in some controllers, but not everywhere? Is here a good implementation for this issue?



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)