Getting Started

Minimal Steps to Begin

Installation:

composer require leoche/laravel-lpermissions:1.0

Add the service provider to config/app.php under providers:

Leoche\LPermissions\LPermissionsServiceProvider::class,

Publish and run migrations:

php artisan vendor:publish --provider="Leoche\LPermissions\LPermissionsServiceProvider"
php artisan migrate

First Use Case:

Assign a role to a user:

use Leoche\LPermissions\LPermissions;
$user = User::find(1);
$user->assignRole('admin'); // 'admin' must exist in the `roles` table

Protect a route:

Route::get('/admin', ['middleware' => 'role:admin', function() {
    return 'Admin Dashboard';
}]);

Where to Look First:
- Migrations: Check database/migrations/ for roles, permissions, and role_user tables.
- Middleware: The role middleware is auto-registered in app/Http/Kernel.php.
- Blade Directives: Review @can and @cannot directives in the package’s Blade helpers.

Implementation Patterns

Core Workflows

Role Assignment:

Assign a role to a user:
```
$user->assignRole('editor');
```

Assign multiple roles:

$user->assignRole(['editor', 'moderator']);

Remove a role:
```
$user->removeRole('editor');
```

Permission Management:

Attach permissions to a role:

$role = Role::findByName('admin');
$role->attachPermission('create_post');

Check user permissions in routes/middleware:

Route::get('/posts/create', ['middleware' => 'permission:create_post', function() {
    return 'Create Post';
}]);

Blade Integration:

Conditionally render UI:

@can('edit_post')
    <button>Edit Post</button>
@endcan

Check roles:

@role('admin')
    <div>Admin Panel</div>
@endrole

Policy Integration:

Extend Laravel’s built-in policies:

use Leoche\LPermissions\Traits\HasPermissions;
class Post extends Model {
    use HasPermissions;
}

Define custom permissions in config/lpermissions.php:

'permissions' => [
    'posts' => ['create', 'edit', 'delete'],
],

Integration Tips

Middleware Chaining: Combine with Laravel’s built-in middleware (e.g., auth):

Route::get('/admin', ['middleware' => ['auth', 'role:admin'], function() {
    return 'Admin Area';
}]);

API Gate: Use Gate::before() to dynamically override permissions:

Gate::before(function ($user, $ability) {
    if ($user->isSuperAdmin()) {
        return true;
    }
});

Seeding Roles/Permissions: Create a seeder to populate initial roles/permissions:

$role = Role::create(['name' => 'admin']);
$role->attachPermission(['create_post', 'delete_post']);

Gotchas and Tips

Pitfalls

Laravel Version Lock:
- The package is Laravel 5.3-only. Avoid using with newer versions unless forked/updated.
- Fix: Use a compatible fork (e.g., spatie/laravel-permission) for Laravel 5.5+.
Migration Conflicts:
- If roles or permissions tables already exist, migrations may fail.
- Fix: Manually adjust column names or drop tables before re-running migrations.

Middleware Not Auto-Registered:

The role and permission middleware must be manually added to app/Http/Kernel.php:

'role' => \Leoche\LPermissions\Middleware\RoleMiddleware::class,
'permission' => \Leoche\LPermissions\Middleware\PermissionMiddleware::class,

Case Sensitivity:
- Role/permission names are case-sensitive in checks (e.g., role:Admin ≠ role:admin).
- Fix: Standardize naming (e.g., lowercase) in config/lpermissions.php.
No Built-in Permission Groups:
- Unlike spatie/laravel-permission, this package lacks permission grouping (e.g., posts.create).
- Workaround: Prefix permissions (e.g., posts.create) and handle in middleware.

Debugging

Check User Roles:

dd(auth()->user()->roles); // Debug assigned roles

Verify Middleware: Ensure middleware is registered in Kernel.php and routes use the correct key:

Route::get('/test', ['middleware' => 'role:admin']); // Correct
Route::get('/test', ['middleware' => 'RoleMiddleware']); // Incorrect

Log Permission Checks: Override the hasPermission method in a trait to log failed checks:

trait LogPermissionChecks {
    public function hasPermission($permission) {
        $result = parent::hasPermission($permission);
        if (!$result) {
            Log::warning("Permission denied: {$permission} for user " . $this->id);
        }
        return $result;
    }
}

Extension Points

Custom Middleware: Extend the base middleware to add logic:

namespace App\Http\Middleware;
use Closure;
class CustomRoleMiddleware {
    public function handle($request, Closure $next, $role) {
        if (auth()->user()->hasRole($role) && auth()->user()->isActive()) {
            return $next($request);
        }
        abort(403);
    }
}

'customrole' => \App\Http\Middleware\CustomRoleMiddleware::class,

Blade Extensions: Add custom directives (e.g., @hasanyrole):

Blade::directive('hasanyrole', function ($roleList) {
    return "<?php if(auth()->user()->hasAnyRole({$roleList})): ?>";
});

Usage:

@hasanyrole(['admin', 'editor'])
    <div>Restricted Content</div>
@endhasanyrole

Database Schema: Extend the role_user pivot table to store metadata (e.g., assigned_at):
```
Schema::table('role_user', function (Blueprint $table) {
    $table->timestamp('assigned_at')->useCurrent();
});
```
Update the assignRole method in the package’s User model trait.

Configuration Quirks

Default Guard: The package assumes the web guard. For API routes, specify the guard in middleware:
```
Route::middleware(['auth:api', 'role:admin'])->group(function () {
    // API routes
});
```

Permission Caching: Permissions are not cached by default. For large apps, implement caching in the hasPermission method:

public function hasPermission($permission) {
    return cache()->remember("user_{$this->id}_permissions", 60, function() use ($permission) {
        return $this->roles->contains('permissions.name', $permission);
    });
}

Laravel Lpermissions Laravel Package