jimohalloran
commented
4 years ago If you take a look at /resources/js/middleware/admin.js you'll see that middleware is looking at a "role" field on the user to determine if the user is an admin or not.
I would create additional middlewares that check for the other roles you want to use. (Or check out my PR #209 for a modification to the middleware system and an example middleware that could use several different roles.
On each of individual pages that you wanted to restrict, use the middleware you created to ensure the user has that role. See resources/js/pages/home.vue for an example of using the "auth" middleware to make sure someone is logged in before they can access a page.
You'll also want to make sure your roles are enforced by your API endpoints. I use Laravel "Policy" features but you might also find spatie/laravel-permission helpful.
You may also want to add getters to the auth module in the Vuex store to test whether a user has a specific role. You can then use these shortcut functions for things like showing/hiding menu items. e.g.
isSupervisor: state => state.user.role === 'supervisor',
Hopefully that gets you started. Creating a full roles and permission system is really beyond the scope of a single GitHub issue.
Henxed
nandi95
Would anyone be able to help me add permissions with various roles to users?