Roles and permissions
gtbsleephead opened this issue · 3 comments
How do i restrict access to /admin to users with a role of manager or administrator?
Am i right in thinking that the default install allows any logged in user to access or have i stuffed it up somehow?
Hi, you can enable access check for section.
Example https://github.com/SleepingOwlAdmin/demo/blob/master/app/Admin/User.php#L8
AdminSection::registerModel(User::class, function (ModelConfiguration $model) {
$model->enableAccessCheck();
})And then section will be checked with gate
Gate::allows($action, User::class)You need to create policy class https://github.com/SleepingOwlAdmin/demo/blob/master/app/Policies/UserPolicy.php and register for model https://github.com/SleepingOwlAdmin/demo/blob/master/app/Providers/AuthServiceProvider.php#L20
Profit
Or, you cau create custom middleware, for example https://github.com/butschster/SimpleSite/blob/master/app/Http/Middleware/AdminAuthenticate.php
and specify it in https://github.com/butschster/SimpleSite/blob/master/config/sleeping_owl.php#L46
thanks - sorted.