Question: User with diferent Roles and Companies

[georgecpacheco]

Hi! I need to implement in a system where a user can be from different companies with different rules for each of them.
Ex: User X - Company A - Admin
User X - Company B - Manager
Remembering that my system is not Multi Tenancy.
It's possible with this package?

[drbyte]

This package associates role/permission models with other (usually User) models using polymorphic relations.
But it doesn't link in a 3rd relationship such as Company.

However, you are free to extend the package code to link in other relationships as you wish.

Alternatively if your application supports it, having a different User object/model per-company could give you quick implementation with minimal code complexity.

[denniseilander]

I have the same issue as @georgecpacheco, but instead of different roles per company, I need different permissions per company. For example:
User X - company A - permissions [1, 2, 3]
User X - company B - permissions [1, 3]

I was thinking that adding a column named company_id to the model_has_permissions will solve the problem, but I think it wil or break the whole code or I have to edit all the package files to support the new column.

Maybe you have a suggestion which files need to be modified to get the desired result?

[vchampanery]

i have question , how to add company_id into roles table ? or how to add company_id into permissions table?

[denniseilander]

@vchampanery just publish the migration with the follow command:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider" --tag="migrations" and add a column to it and execute php artisan migrate

[denniseilander]

@drbyte I ended up editing the HasPermissions Trait, I want to add a column named 'restaurant_id' to the model_has_permissions. Now when I want to add a new permission to a user (model), it works fine, but of course the new column restaurant_id leaves empty. I saw that the model_has_permissions is updated by a sync() function using the permissions(): MorphToMany function.

How can I update the permissions() function so it will also update the restaurant_id column. Now it only updates the default columns.

[drbyte]

@Dennis1502 did you sort out adding the additional column into your custom code?

[denniseilander]

@drbyte Hi,

No I had to made another solution for this problem: I generate a unique role for every user now. So when a user is connected to multiple companies, I'll create a role for the user_company like: role_[user_id]_[company_id]. When the user is connected to 3 companies, he will be assigned to 3 unique roles so you can change permissions on every role. It is a kind of hack-around, but I had no other solution, unless I would build the whole permission logic by myself, but there is not enough time (and knowledge).

[elivnjak]

So is there no out of the box way to add another column to the roles table so you can have company specific roles? If there isn't can i get some guidance on how to extend the package code to implement this? I can't use polymorphic users because i want a user to have multiple roles for one company.

[nicolaspennesi]

Hi! I think you can create a pivot table "company_table", then make a model "CompanyUser", and use that model to assign specific roles to each company-user relationships.

[denniseilander]

@nicolaspennesi that's indeed what I did. It is not the best solution, but it works for now. I have to refactor it anyway ^^

[ghost]

@nicolaspennesi could you please give some more info on your solution?

[pauladams8]

I had a similar problem. Have a look at these articles:

https://laravel.com/docs/5.8/eloquent-relationships#defining-custom-intermediate-table-models
https://pineco.de/easy-role-management-pivot-models/

If you only need to assign users roles, this works nicely.

[buildsomethingdifferent]

well look what I found and check if it works for you guys write this in your users model.

public function roles(): BelongsToMany
    {
        return $this->morphToMany(
            config('permission.models.role'),
            'model',
            config('permission.table_names.model_has_roles'),
            config('permission.column_names.model_morph_key'),
            'role_id'
        )->where('roles.company_id', Auth::user()->company_id);
    }

[BehroozBvk]

Hi @georgecpacheco
Were you able to solve your problem? Put the solution if possible

[muhammadtalhaishtiaq]

Hi @georgecpacheco
Have you got your problem solved ?If yes then pl share solution here !

[erikn69]

The solution is on documentation
https://spatie.be/docs/laravel-permission/v5/basic-usage/teams-permissions

[muhammadtalhaishtiaq]

The solution is on documentation https://spatie.be/docs/laravel-permission/v5/basic-usage/teams-permissions

Thanks for this but these are teams permissions, I have read them. We cannot create a new column inside the roles table where people with a specific role could create further roles with a company_id associated (Those roles which are added by a user will not be visible to other companies, you can say company specific)

[erikn69]

Those roles which are added by a user will not be visible to other companies, you can say company specific

@MuhammadTalha944 maybe i don't understand, but teams looks exactly what you are looking for to me, also you can overwrite/customize as you need

[muhammadtalhaishtiaq]

well look what I found and check if it works for you guys write this in your users model.

public function roles(): BelongsToMany
    {
        return $this->morphToMany(
            config('permission.models.role'),
            'model',
            config('permission.table_names.model_has_roles'),
            config('permission.column_names.model_morph_key'),
            'role_id'
        )->where('roles.company_id', Auth::user()->company_id);
    }

Have you tried it ? Is it for a user can create multiple roles under a company without breaking spatie gates and policies ?

[fredsal]

@MuhammadTalha944 i'am using Teams Permissions for allow user multiple roles creation under a company without breaking spatie gates and policies
#1804

[muhammadtalhaishtiaq]

Ahh, Glad to hear that finally, could you help me out please. How you achieve that how you managed to have company id inside spatie tables and all that using teams feature.
Thanks in advance.

[fredsal]

I did only follow these indications

Teams Permissions
#1804

[tonypartridger]

The problem with that @fredsal is you have to create a duplicate role for each individual team don't you?

My scenario is I have teams, people are assigned to the teams and from there they should have individual roles/permissions per team which are based on a global default.

The way I see: https://spatie.be/docs/laravel-permission/v5/basic-usage/teams-permissions

working, if you have to create new roles for every single team?

[erikn69]

@tonypartridger read again and look for global roles

[albertopinilla]

I hope it hasn't taken too long. I have the same need and was thinking of implementing this solution. Actually, the tables from the Laravel Permissions package remain the same. What I did was add new tables to establish the roles and permissions that will be associated with the entities to which a user is related. What do you think about this solution?

[tonypartridge]

I hope it hasn't taken too long. I have the same need and was thinking of implementing this solution. Actually, the tables from the Laravel Permissions package remain the same. What I did was add new tables to establish the roles and permissions that will be associated with the entities to which a user is related. What do you think about this solution?

It's overly complicated, you can do this with this package by adding the team support, see:

https://spatie.be/docs/laravel-permission/v5/basic-usage/teams-permissions