Once you define user role, you can proceed to define user permission. User permission is a kind of action, which a user can perform if you have given permission to perform that action. For example, say you want that user having role 'Manager' can only create new users. So you can add new permission called 'Create User' & assign 'Manager' with that permission.


With the help of Larafy, you can add unlimited permissions & easily use these permissions into your system. Larafy uses most powerful ACL package of laravel called 'Zizaco/Entrust'.


To add new permission, you need to enter a unique permission name. Permission category field is used to categorized different permissions available in the system. You can also put optional description to that permission. By default, system has some set of permission, which cannot be edited or deleted. All these permissions have 'default' tag in it so that one can easily identify the default permission.



Once you define permission into the system, you can proceed to assign those permission to different user role. In the attached image, you can see that same group of permissions are placed at one place with the help of category. Here you can assign permission to two different roles:


By default, 'Admin' has all kind of permission. If you add a new kind of permission, 'Admin' can access that permission also. But you can change user permission as per your requirement. 


You can easily use these permissions into any controller or blade template by using following codes:


Use of permission in Controller:

   

<?php
namespace App\Http\Controllers;
use Entrust;

Class MyController extends Controller{

	public function index(){
            if(Entrust::can('create-user'){
                // write code for create user
            }
                // or if only 'User' role can create user

            if(Entrust::hasRole('user'){
                // write code for create user
            }
        }
}
?> 

   


Use of permission in Blade Template:

 

<div class="my-class">
    {{@if(Entrust::can('create-user')}}
    <!-- Write form for create user -->
    {{@endif}}
    <!-- Or if only User role can access create user form -->
    {{@if(Entrust::hasRole('user')}}
    <!-- Write form for create user -->
    {{@endif}}
</div>