Laravel 8 – Create Roles and Permissions without using Package.

Tram Ho

As we all know roles and permissions are a very important part of most websites these days. In laravel now there are many support packages for this like ‘spatie/laravel-permission‘. But today I will share with you how to create simple roles and permissions without using package. Let’s go through the following steps together.

Step 1. Create laravel 8 . project

  • Create a new laravel project (currently the latest version is 8.*) with the following command, and also go into the .env file to configure the database used for this project including the database name,

  • To install by version:

  • In file .env

Step 2: Create Auth

  • Create laravel authentication with the following command:

Step 3: Create Model and Migration

  • After creating the project and auth, we need to create a model for roles and permissions.

Step 4: Edit the migration file

  • Create Users table

  • Create Permissions Table

  • Create Roles Table

Step 5: Add pivot table

  • We will create pivot table users_permissions, use the following command:

-Change the user_permissions table as follows:

  • Continue creating pivot table users_roles, use the following command:

  • Change table users_roles as follows:

  • Create more tables roles_permissions. This table is used to grant permissions to users. For example, a user has view permission to a post, while an admin has the right to edit or delete a post. That is the task of this table, use the following statement:

  • Change table roles_permissions as follows:

  • Run the following command to generate the migration :

Step 6: Create relationships

  • Create a relationship between two tables roles and permissions as follows:
  • In file App/Role.php

  • In file App/Permission.php

Step 7: Create Trait

  • Create a new folder and name it Permissions and create a new file name HasPermissionsTrait.php. This is handling user relations. Back in the User model we just need to import this trait.
  • In file app/User.php

  • In file HasPermissionsTrait.php

-Here we can debug the following to check.

Step 8: Create a custom Provider

  • In this step, we use the Laravel directive “can” to check if User has permission instead of using function $user->hasPermissionTo().
  • To use the same as $user->can(), we need to create a new PermissionsServiceProvider for authorization. Use the following command:

  • Register in method boot as follows:

  • Next sign up PermissionsServiceProvider. In file app.php We do the following:

  • You can test the following:

Step 9: Generate data to test

  • Create routes:

  • Create App\Http\Controllers\PermissionController.php

  • Running url route you can see some dummy data from the tables.

  • In file blade you can use it like this:

  • You can use as many roles as you want.

Step 10: Install Middleware

  • Use the following command:

  • To add middleware to the file kernel và setup as follows:
  • In file App\Http\Middleware\RoleMiddleware.php

  • Register RoleMiddleware into file Kernel.php
  • App\Http\Kernel.php

  • And now in the routes file we can use:

  • Now you can use in Controller my file as below to grant permissions and access to users.


Share the news now