Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Adelf's Blog:
Are you sure you need entrust or laravel-permission to implement your authorization?
Nov 07, 2018 @ 09:33:19

In a post to his site Adelf aims to help you answer the question of the use of either the Entrust or Laravel-permission packages in your Laravel application to handle your authorization.

"Hmmm, I need some basic authorization, like admin role for admin panel and maybe some editor/moderator role... Let's google it. Wow! Laravel already has packages for that! zizaco/entrust, spatie/laravel-permission and others! Let's choose one!"

That's how it usually happens. Then package's migration will add about 5 tables to store roles, permissions and their relations. [...] It only looks simple: just install package, run ready migration and go on. From long-term point of view for 90% projects it's not the best choice.

He starts with an example of a common situation for most web developers: the inclusion of the package, the database changes that come with it and the management of keeping the permissions in sync. He makes the suggestion that maybe this seemingly "simple" way may not be the best and that, in most cases, they're overkill for what an application needs. He shows how to slim down this functionality using Laravel's own gates/policies and boil it down to just the checks that need to be made without the package overhead.

tagged: tutorial laravel permission entrust package requirement simple

Link: https://adelf.pro/2018/authorization-packages