Users for Administrative part are separated from mail site. They are stored in own database and has own functionality.
The database locates in database/admin_users.db file.
Do not forget to add it to your .gitignore file.
Backend Users has roles. By default there are 2 roles:
- Superuser
- Admin
Superuser is hidden and can do all possible things for the application. You can add additional roles in the published configuration file.
// config/admin.php
'roles' => [
Role::ADMIN => 'Main Administrator with all Application permissions.',
'moderator' => 'Site worker.',
],Now you can use moderator role in gates and/or policies.
// AppServiceProvider
Gate::define('moderator', static function ($user): bool {
$allowed_roles = [Role::SUPER, Role::ADMIN, 'moderator'];
return rescue(
static function () use (&$allowed_roles, &$user): bool {
return \in_array($user->role, $allowed_roles, true);
},
false
);
});
// ...
auth('admin')->user()->can('moderator');The package registers admin guard.
auth('admin')->user();All controllers must be protected with \SP\Admin\Http\Middleware\Authenticate:admin middleware.
// Controller
public function __construct()
{
$this->middleware('\SP\Admin\Http\Middleware\Authenticate:admin');
}To simplify development of backend controllers
it is recommended to extend them from
\SP\Admin\Http\Controllers\AdminController
(code).
When you creating policies extend them from AbstractPolicy. This always gives access for superuser.