
Implementing CRM System With Laravel Part 6: Roles and Permissions Module

In this part we will create the roles and permissions modules using the same technique that we followed in the previous tutorial.





In part 1 we installed the roles and permissions package. This package has several tables in the database that let us store roles and permissions in their own dedicated tables, so in this part we will add two modules to manage the permissions and roles.

The first module we will add is the permissions module, which will store permissions such as “add_contact”.

The second one is the roles module. A role contains many permissions; for example, the role “sales person” will have the permissions view contact, view tasks, view documents, etc.

After that we will add another page in the users module to make it possible to select the user's role(s).

Note that the permissions and roles modules will be controlled by the super admin only (is_admin=1).


Generating Permissions Module

We will use the same commands we used in the previous part to generate the views and controllers.

First, open app/Http/Kernel.php and modify $routeMiddleware:


Generate the views:

Generate the controller:


Permissions Controller

Open app/Http/Controllers/PermissionsController.php and make the updates below:


Permissions Views

Now open the view files below and make the following updates to each file:





Updating Routes


Generating Roles Module

Generate the views:

Generate the controller:


Roles Controller

Open app/Http/Controllers/RolesController.php and update it as shown below:

Roles Views

Open and update the roles view files shown below:






As you can see in the Roles and Permissions controllers, I have used the roles and permissions API from the spatie/laravel-permission package. The package gives us all the methods we need to create permissions, create roles and assign permissions to roles.

For the permissions module I have omitted the update and delete links, and I have also removed the edit(), update() and destroy() functions from the permissions controller, because we don’t want to allow the user to edit or delete a permission by mistake, as this will lead to system failure.

In the constructors of both controllers I have set the “admin” middleware, as those modules will be controlled only by the super admin user.

To assign a permission to a certain role we used the package's $role->givePermissionTo($permission) method. This inserts a record in the role_has_permissions table with the role_id and permission_id.

To retrieve the permissions for a certain role we used $role->permissions(). To delete a permission from a role we used the $role->revokePermissionTo($permission) method.
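The assign and revoke calls described above, put together in one controller action as an added example (this is not the tutorial's own RolesController). It assumes a Laravel app with spatie/laravel-permission installed, the package's default permissions table name, and the “admin” route middleware from this part; the class name and the permissions form field are hypothetical.

```php
<?php
// Added example, not the tutorial's code. Assumes spatie/laravel-permission
// with its default "permissions" table and a registered "admin" middleware.

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;

class RolePermissionsExampleController extends Controller // hypothetical name
{
    public function __construct()
    {
        // Only the super admin (is_admin=1) may reach these actions.
        $this->middleware('admin');
    }

    // Bring the role's permissions in line with the ids submitted by the form.
    public function update(Request $request, $id)
    {
        // Reject ids that are not real permissions instead of trusting the form.
        $data = $request->validate([
            'permissions'   => 'array',              // hypothetical field name
            'permissions.*' => 'integer|exists:permissions,id',
        ]);

        $role    = Role::findOrFail($id);
        $wanted  = collect($data['permissions'] ?? [])->map(function ($v) {
            return (int) $v;
        })->unique();
        $current = $role->permissions->pluck('id');

        // All-or-nothing: a failure half way leaves the role unchanged.
        DB::transaction(function () use ($role, $wanted, $current) {
            // Newly selected permissions: one pivot row is inserted for each.
            foreach (Permission::whereIn('id', $wanted->diff($current)->all())->get() as $permission) {
                $role->givePermissionTo($permission);
            }
            // Deselected permissions: the pivot row is removed.
            foreach (Permission::whereIn('id', $current->diff($wanted)->all())->get() as $permission) {
                $role->revokePermissionTo($permission);
            }
        });

        return back();
    }
}
```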


Now we need to assign the roles we just created to the user, so we will create a new action in the user controller like this:

Add these two methods to the end of UsersController:


Modify resources/views/pages/users/index.blade.php:

Update the User model to use the HasRoles trait like this:

Add this method to the end of app/Helpers/MailerFactory.php:


In routes/web.php, add these lines after Route::resource('permissions'):

In the above code we added the logic for updating the user's role to the users controller, in the UsersController::updateRole() method.

Assigning a role to the user is then achieved by calling $user->syncRoles($role_id). This method first removes the old roles, if any, then attaches the new roles. After that we send a notification email to the user with the new role.

Finally we updated the users listing page to show the user role in file resources/…./users/index.blade.php.


Restricting Super Admin

Let’s restrict the roles, permissions, and users modules to the super admin user only, because these modules are dangerous and cannot be opened to everyone.

Open resources/views/layout/sidebar.blade.php and modify it like this:

Also modify resources/views/pages/users/profile/view.blade.php like this:

Here I show the “edit profile” link if the user is the super admin or has the “edit_profile” permission.


Continue to Part 7: documents module

