Permissions & Authorization
Where this lives
- Repo: Eliinova/the-one-otc-api
- Role enum: app/Enums/RoleEnum.php
- Seeder: database/seeders/RolePermissionSeeder.php (run via php artisan db:seed --class=RolePermissionSeeder)
- Package: Spatie Laravel Permissions
- Admin panel (assign roles): https://stage-api.easyotc.com/admin (staging) or http://localhost:8000/admin (local). See /access for credentials.
EasyOTC uses Spatie Laravel Permissions for comprehensive role-based access control (RBAC) and permission management.
Overview
Spatie Laravel Permissions provides a flexible and powerful way to manage user permissions and roles in Laravel applications. It allows you to:
- Define granular permissions
- Create roles with specific permission sets
- Assign roles to users
- Check permissions at various levels (routes, controllers, views, etc.)
Key Features Used
Roles
Defined in app/Enums/RoleEnum.php:
- OTC_ONE_ADMIN: Full system access (platform-wide super admin)
- CARRIER_ADMIN: Carrier-scoped administrative access
- AGENT: Carrier-scoped agent access
- MEMBER: Standard user access with carrier restrictions
Permission Types
- Resource-based permissions: Create, read, update, delete operations
- Feature-based permissions: Access to specific platform features
- Carrier-scoped permissions: Multi-tenant access control
Implementation
- Permission checks in controllers and middleware
- Role-based route protection
- Filament admin panel integration
- API endpoint authorization
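A carrier-scoped role implies two conditions in every check: the user holds the role, and the record belongs to the user's own carrier. The sketch below is an added example, not code from the EasyOTC repository; the enum string values, the carrierId field, the User stand-in class and the rule that members see only their own records are assumptions, and hasRole() only mimics the method of that name on Spatie's HasRoles trait.

```php
<?php
declare(strict_types=1);
// Hypothetical mirror of app/Enums/RoleEnum.php; the string values are assumed.
enum RoleEnum: string
{
    case OTC_ONE_ADMIN = 'otc_one_admin';
    case CARRIER_ADMIN = 'carrier_admin';
    case AGENT = 'agent';
    case MEMBER = 'member';
}

// Stand-in for an Eloquent user; hasRole() mimics the method of the same
// name on Spatie's HasRoles trait. carrierId is an assumed tenant key.
final class User
{
    public function __construct(
        public readonly int $id,
        public readonly ?int $carrierId,
        private readonly array $roles,
    ) {}
    public function hasRole(RoleEnum $role): bool
    {
        return in_array($role, $this->roles, true);
    }
}

// Deny by default: a role grants access only inside the user's own carrier,
// except for the platform-wide admin.
function canViewCarrierRecord(User $user, int $recordCarrierId, int $recordOwnerId): bool
{
    if ($user->hasRole(RoleEnum::OTC_ONE_ADMIN)) {
        return true; // platform-wide, no tenant check
    }
    if ($user->carrierId === null || $user->carrierId !== $recordCarrierId) {
        return false; // a role alone never crosses carriers
    }
    if ($user->hasRole(RoleEnum::CARRIER_ADMIN) || $user->hasRole(RoleEnum::AGENT)) {
        return true;
    }
    // Assumed rule: members see only their own records.
    return $user->hasRole(RoleEnum::MEMBER) && $user->id === $recordOwnerId;
}

// Constructed sample users and records.
$agent = new User(id: 7, carrierId: 1, roles: [RoleEnum::AGENT]);
$member = new User(id: 9, carrierId: 1, roles: [RoleEnum::MEMBER]);
var_dump(canViewCarrierRecord($agent, 1, 9));  // agent, same carrier
var_dump(canViewCarrierRecord($agent, 2, 9));  // agent, other carrier
var_dump(canViewCarrierRecord($member, 1, 7)); // member, same carrier, not owner
```

The script needs PHP 8.1 or later for enums and readonly properties.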
Benefits
- Flexible: Easy to add new permissions and roles
- Scalable: Supports complex permission hierarchies
- Secure: Built-in security features and best practices
- Maintainable: Clean, readable permission definitions
For detailed implementation examples and configuration, refer to the Spatie Laravel Permissions documentation.