Hi everyone, I'm about to develop a management web app with Laravel. I need my users to have different roles with different permissions. In detail: some users can add customers, some users can write pieces of a paper related to the customer, some other users can just read that paper, and some other users can read just some pieces of that paper. So I decided to use an RBAC approach in order to gain a certain flexibility. I'll use this DB schema (just an example schema, but it represents the needs of my application):

My question is: since there is a direct relationship between users and paper, customer, attachments etc., how are RBAC rules expressed? Do I have to check the user's permissions in the frontend when he requests an operation or a resource? Or are there ways to express these rules even at the backend level? Maybe using some GRANT options? Hope somebody can help. Thank you!
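As an added example (not code from the original post, and not tied to any particular Laravel package), here is a minimal server-side RBAC resolver in plain PHP that covers the cases the question lists: role-wide permissions such as creating customers, plus permissions restricted to certain sections of a paper so that a role can read only some pieces. The table contents, role names, permission names and section names are all constructed for the example; the `roles`/`userRoles`/`papers`/`pieces` arrays stand in for the database tables of the schema, and the permission naming scheme `<resource>.<action>[:<section>]` is an assumption, not a Laravel convention.

```php
<?php
// Added example: deny-by-default RBAC check evaluated on the backend.
// All data below is constructed sample data, not a real schema dump.

declare(strict_types=1);

// Constructed role -> permission table. A permission may carry a ":<section>"
// suffix, meaning it applies only to pieces in that section of a paper.
$roles = [
    'account_manager' => ['customer.create', 'customer.read', 'paper.read'],
    'author'          => ['customer.read', 'paper.read', 'piece.read', 'piece.write'],
    'reviewer'        => ['customer.read', 'paper.read', 'piece.read'],
    'finance'         => ['customer.read', 'paper.read', 'piece.read:billing'],
];

// Constructed user -> roles table (a user may hold several roles).
$userRoles = [
    1 => ['account_manager'],
    2 => ['author'],
    3 => ['reviewer'],
    4 => ['finance'],
];

// Constructed papers and pieces; each piece belongs to a paper and a section.
$papers = [10 => ['customer_id' => 100]];
$pieces = [
    1000 => ['paper_id' => 10, 'section' => 'summary'],
    1001 => ['paper_id' => 10, 'section' => 'billing'],
];

/**
 * Expand a user's roles into grants: [permission => null | list of sections].
 * null means the permission is unrestricted; a list restricts it to sections.
 */
function grantsFor(array $userRoles, array $roles, int $userId): array
{
    $grants = [];
    foreach ($userRoles[$userId] ?? [] as $role) {
        foreach ($roles[$role] ?? [] as $perm) {
            [$name, $section] = array_pad(explode(':', $perm, 2), 2, null);
            if ($section === null) {
                $grants[$name] = null;            // unrestricted grant wins
            } elseif (($grants[$name] ?? []) !== null) {
                $grants[$name][] = $section;      // accumulate section scope
            }
        }
    }
    return $grants;
}

/**
 * Decide whether $userId may exercise $permission, optionally on one piece.
 * Unknown permissions and unknown users are denied.
 */
function can(array $userRoles, array $roles, int $userId, string $permission, ?array $piece = null): bool
{
    $grants = grantsFor($userRoles, $roles, $userId);
    if (!array_key_exists($permission, $grants)) {
        return false;                             // deny by default
    }
    $sections = $grants[$permission];
    if ($sections === null) {
        return true;                              // unrestricted
    }
    if ($piece === null) {
        return false;                             // scoped grant needs a concrete piece
    }
    return in_array($piece['section'], $sections, true);
}

// Usage: the same check a controller would run before serving the resource.
$checks = [
    'finance reads billing piece'  => can($userRoles, $roles, 4, 'piece.read', $pieces[1001]),
    'finance reads summary piece'  => can($userRoles, $roles, 4, 'piece.read', $pieces[1000]),
    'reviewer writes a piece'      => can($userRoles, $roles, 3, 'piece.write', $pieces[1000]),
    'account manager adds customer'=> can($userRoles, $roles, 1, 'customer.create'),
    'unknown user reads paper'     => can($userRoles, $roles, 99, 'paper.read'),
];
foreach ($checks as $label => $allowed) {
    printf("%-32s %s\n", $label, $allowed ? 'ALLOW' : 'DENY');
}
```

The decision function is deliberately framework-agnostic so it can be unit-tested on its own; in a Laravel application the same logic would sit behind `Gate::define()` or a policy class and be enforced in controllers with `$this->authorize()` or on routes with the `can:` middleware, so that a frontend check only hides buttons while the backend remains the authority. Database `GRANT` statements apply to the database account the application connects with, not to individual application users, so they cannot express per-user or per-piece rules like the ones above; keeping the rules in the application tier and denying by default is the usual answer to the "frontend or backend" question.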