Authorization


Authorization

Every AS user has a role assigned to his account. We are able to get that role and determine should we display some content to that user, or perform some action.

User's Role

As it was already mentioned inside current user page, we are able to get the role of currently authenticated user like following:

$role = app('current_user')->role;

If we want to get the role for any other user, all we need is his id:

$userId = 123;

// $role variable will now contain the role name for 
// user with provided id
$role = app('role')->getRole($userId);

Role-specific Content

And now, let's say that currently authenticated user is able to leave the comment on our home page only if he does not have the user role. This can be accomplished as following:

$role = app('current_user')->role;

<?php if($role != 'user'): ?>
      <div class="leave-comment">
            <div class="control-group">
                <h5>Leave comment</h5>
                <div class="controls">
                    <textarea id="comment-text"></textarea>
                    <button class="btn btn-success" id="comment">Comment</button>
                </div>
            </div>
      </div>
<?php else: ?>
      <p>You can't post comments here until admin change your role.</p>
<?php endif; ?>