sroutier
commented
8 years ago Hello Lilian,
Welcome to Laravel, I come from .Net , Java and Ruby myself but I find Laravel very refreshing, I hope you enjoy it as much as I do.
You have a very interesting idea. Currently LESK does not have the ability to allow roles to manage some roles but no others, but it can definitely be implemented. In fact I would encourage you to give it a try and submit a PR. This is a feature that would be useful to a lot of users.
Here are a few thoughts, I have had on this subject:
- A role should be allowed/granted the ability to manage some roles but not others.
- The IT-Managers role should be able to manage IT-Employees but not HR-Employees.
- A role should be able to manage multiple sub-roles.
- The IT-Managers role should be able to manage both IT-Employees and IT-Contractors.
- A role should be able to be managed by multiple parent-role.
- The IT-Contractors role should be able to be managed by IT-Managers, HR-Managers and HR-Employees.
- A role should not be allowed to grant all permissions in the system to another role, only the permissions that it has itself.
- The HR-Managers role should not be allowed to grant the Access-Secret-IT-Report permission to the HR-Employees, because it does not have the permission itself.
I would create a many-to-many relationship to keep track of all this. We can discuss the various different ways to implement it if you want and I can assist you if you have any questions. Getting your hand dirty is by far the best way to start really learning.
Let me know what you think. Cheers. /Seb.
Hi there,
I'm relatively new to Laravel and I just installed LESK. I'm trying to setup a scenario where I want to give permissions for some roles to manage other role(s) (one non-superadmin role can manage lower-level roles, down to users but shouldn't have permissions for higher-level). Can it be done through existing implementation? Thank you and good job, Lilian