Model direct permissions
Users who have permissions assigned to them via the model_has_permissions
table are called users with "direct permissions".
You can assign a permission to a user using the assignPermission
method:
$user->assignPermission('update posts');
You can also give multiple permissions at once:
$user->assignPermission('update posts', 'create posts');
// Or via array:
$user->assignPermission(['update posts', 'create posts']);
#Revoking direct permissions
Once a user has a permission, you can revoke that permission using the revokePermission
method:
$user->revokePermission('update posts');
#Syncing permissions
If you want to revoke all permissions and assign new ones, you can use the syncPermissions
method:
$user->syncPermissions(['create posts', 'delete posts']);
#Check if a model has permission
To check if a user has a given permission, you can use the hasPermission
method.
$user->hasPermission('create posts');
You can also pass an integer representing the permission id:
$user->hasPermission(1);
$user->hasPermission($permission->id);
Or the permission model:
$user->hasPermission(Permission::find(1));
To verify if a user has any of an array of permissions, use the hasAnyPermission
method:
$user->hasAnyPermission(['edit posts', 'create posts', 'delete posts']);
There is also a method to check if a user has all permissions of a given array:
$user->hasAllPermissions(['edit posts', 'create posts', 'delete posts']);
You can check if the user has a Specific or All or Any of a set of permissions directly assigned:
// Check if the user has Direct permission
$user->hasDirectPermission('edit posts')
// Check if the user has All direct permissions
$user->hasAllDirectPermissions(['edit posts', 'delete posts']);
// Check if the user has Any permission directly
$user->hasAnyDirectPermission(['create posts', 'delete posts']);
Beside the method described above, you can use the laravel can
method, since permissions are registered using the
Illuminate\Auth\Access\Gate
class for the default guard:
$user->can('create posts');
If you use model policies, when you have a permission with the same name as the policy method, the permission take precedence over the policy. You can read more about policies following this documentation