The teams (clinics) will be managed by a user with a Master Admin role. That Master Admin will not see the users and the tasks of each clinic. They will just manage the teams.
For simplicity, in this tutorial, we will build just the team features of list and create, without edit/delete functionality.
First, let's talk about roles and permissions since they are the main topic of this course.
The rules will be defined in the Policy file we generate specifically for Team management.
php artisan make:policy TeamPolicy
app/Policies/TeamPolicy.php
use App\Models\User;use App\Enums\Permission;use Illuminate\Auth\Access\HandlesAuthorization; class TeamPolicy{ use HandlesAuthorization; public function viewAny(User $user): bool { return $user->hasPermissionTo(Permission::LIST_TEAM); } public function create(User $user): bool { return $user->hasPermissionTo(Permission::CREATE_TEAM); }}
We use the permission names (Enum again!). We have already assigned the roles for those permissions in the seeders.
Laravel will automatically detect the Policy by the Model, so we can use those Policy checks immediately in our new Controller, with Gate::authorize()
in each method.
php artisan make:controller TeamController
We will add three methods inside:
app/Http/Controllers/TeamController.php
use App\Models\Team;use Illuminate\Support\Facades\Gate; class TeamController extends Controller{ public function index(): View { Gate::authorize('viewAny', Team::class); // Coming soon. } public function create(): View { Gate::authorize('create', Team::class); // Coming soon. } public function store(StoreTeamRequest $request): RedirectResponse { Gate::authorize('create', Team::class); // Coming soon. }}
Notice: It's a personal preference whether to use Policies or check the Permissions directly in the Controller. For this relatively simple check, Policies are NOT necessary. You could check this directly in the Controller:
public function index(): View{ Gate::authorize(Permission::LIST_TEAM);
However, in this project, we decided to go with Policies because...