0
votes

I have a Laravel app with different roles: admin, buyer and seller. In the routes file, I have routes with a prefix of admin and user, and when the prefix is user, I then also check the role. A buyer has different permissions than a seller.

Route::group(['prefix' => 'user'], function () {
    Route::group(['middleware' => ['auth', 'roles', 'user'], 'roles' => ['buyer']], function() {
        //
    });

    Route::group(['middleware' => ['auth', 'roles', 'user', 'owner:bids'], 'roles' => ['seller']], function() {
        //
    });

});

This is giving me some strange side effects. For instance, I cannot have two of the same routes for buyer (user 1) and seller (user 2). I would want to have

http://localhost:8000/user/1/dashboard

but instead I need to do

http://localhost:8000/user/1/dashboard/buyer
http://localhost:8000/user/2/dashboard/seller

So I'm beginning to think I just need to discriminate between admin and users (and not by buyers and sellers as I'm doing above), and check the roles in the controller files, not in the route.

What is the better way of working with admin and user for which users can have multiple roles?

1 Answer

0
votes

How is it that buyer and seller go to the same route and have the same id? http://localhost:8000/user/1/dashboard

It is just one user that can do different actions then.


I would just add a field to users gate like is_admin and use some gates to check it. Same for your other similar question.

https://laravel.com/docs/5.1/authorization#via-the-gate-facade
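
An added example, not part of the original answer: gates for the three roles named in the question, registered through the gate contract that the linked Laravel 5.1 documentation describes, so one `/user/{id}/dashboard` route can serve buyers and sellers. The `roles` relation with a `name` column, the `user_id` column on a bid, and the gate names are assumptions.

```php
<?php
// app/Providers/AuthServiceProvider.php (Laravel 5.1 layout)

namespace App\Providers;

use Illuminate\Contracts\Auth\Access\Gate as GateContract;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;

class AuthServiceProvider extends ServiceProvider
{
    protected $policies = [];

    public function boot(GateContract $gate)
    {
        $this->registerPolicies($gate);

        // Assumption: App\User has a many-to-many `roles` relation whose
        // rows carry a `name` column, so one user can hold several roles.
        foreach (['admin', 'buyer', 'seller'] as $role) {
            // Hypothetical gate names: act-as-admin, act-as-buyer, act-as-seller.
            $gate->define('act-as-' . $role, function ($user) use ($role) {
                return $user->roles->contains('name', $role);
            });
        }

        // The {id} in /user/{id}/dashboard is client-controlled input:
        // only the authenticated user may open their own dashboard.
        $gate->define('view-dashboard', function ($user, $id) {
            return (int) $user->id === (int) $id;
        });

        // Gate equivalent of the question's 'owner:bids' middleware.
        // Assumption: a bid row stores its seller's id in `user_id`.
        $gate->define('manage-bid', function ($user, $bid) {
            return $user->roles->contains('name', 'seller')
                && (int) $bid->user_id === (int) $user->id;
        });
    }
}
```

In the dashboard controller, `Gate::denies('view-dashboard', $id)` followed by `abort(403)` enforces the check server-side, and `Gate::allows('act-as-seller')` decides which sections to load.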