PovilasKorop
commented
6 years ago I think it's ok as a simple solution to put client id in the users table and then filter by it. Also I advise to read about Eloquent query scopes, it may help to filter automatically.
Reegan01
First thanks for your wonderful example. It reduce to spending lot of time to work on Role based authentication.
I'm working in a project with Client and their members. Based on your example we can create Multiple Role like Admin,Client, Member, etc ... We can restrict the client don't see the Admin details and Member don't see the Admin and client details. So Admin can control all Client and members, client can control all members. Here is my problem.
I want to make a Client can view and control their members only. Not interact with other Client members. It's like a Group. So a Client have a group. He can control their group members only.
I have an idea to make that, While a Client create a user, we can get the id of the client and store it in a db column. So we can use a query to fetch the all users respect to their clients. But is it secure ? or I want to make separate table to hold the relationship like 'client_id, user_id,created_at,updated_at' ?
Please give me some suggestions ?