I have got a web project which has 3 types of users, say root admin, a super admin and kitchen admin. Each user or role has different functionalities: root admin will create super admin and other small functionalities, same way super admin would be creating kitchen admin and other functionalities and kitchen admin has its own functionalities say handling orders.
I wanted to know whether would it be a good idea to make separate laravel setup for each users or all these users can be developed in one laravel setup?
A small lead on this would be a great help since I am new at laravel.
You could make separate setups for each users. That would work. But would also be difficult to maintain and you might have to write some functions 3 times (login, logout, CRUD, etc.).
However, you could create a single project using Authorizations. Out of the box, Laravel gives you an easy way to authorize and restrict some actions via Gate or restrict models via Policy. You could also restrict URLs via Middleware. See you have 3 different ways of restricting actions.
My personal preference is Policy because it's bound to the model. You have a list of permissions and give each role their permissions, eg.: 'create_sys_admin'. Then link this permission to the 'root_admin' role. so in your policy you can write:
public function createSysAdmin(User $user) {
return $user->role->permissions->contains('create_sys_admin');
}
With the policy defined, we can check for propser permission in the controller. In any function in your controller you can always check for proper permissions
if ( Auth::user()->cant('create_sys_admin', User::class) ) {
return redirect()->back()->withErrors(['authorization' => 'You are not authorized to perform that action']);
}
That was just one way. As I previously said, you have Gates and Middlewares as well. Read more here: https://laravel.com/docs/5.4/authorization
If you want something already made, you can use this package: https://github.com/Zizaco/entrust.