Thank you for this drugged ninja component!

I just tried it out and unless I did not set it up correctly the default behavior of the can function is set to true. If the user has no roles it will return true (as the can function only return false if a "false" role exists).

Good work though, keep it up!

Works

@if(Auth::user()->isAdmin())
True
@else
False
@endif

Does not worl

@if(Shinobi::is('admin'))
    True
@else
    False
@endif

Returns error

ype error: Argument 1 passed to Illuminate\Database\Eloquent\Model::is() must be an instance of Illuminate\Database\Eloquent\Model, string given, called in F:\laragon\www\app\vendor\caffeinated\shinobi\src\Shinobi.php on line 77 (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php) (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php) (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php)

Does not work

@role('admin')
    Do whatever
@else
    Do something else
@endrole

Gives Error

ErrorException in Model.php line 3062:
Type error: Argument 1 passed to Illuminate\Database\Eloquent\Model::is() must be an instance of Illuminate\Database\Eloquent\Model, string given, called in F:\laragon\www\app\vendor\caffeinated\shinobi\src\Shinobi.php on line 77 (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php) (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php) (View: F:\laragon\www\app\resources\views\partials\sidebar-left.blade.php)

Does not work

dd( Auth::user()->is('admin') );

Gives error

FatalThrowableError in Model.php line 3062:
Type error: Argument 1 passed to Illuminate\Database\Eloquent\Model::is() must be an instance of Illuminate\Database\Eloquent\Model, string given, called in F:\laragon\www\aoo\app\Http\Controllers\SettingsController.php on line 18

But this works but I just can not figure how to get role if my role slug is 'school.admin'
isSchoolAdmin, did no work!

dd( Auth::user()->isAdmin() );

This works all good

@canatleast(['edit.setting'])                                   
                                        <li class="{{set_active('settings/edit')}}">
                                            <a href="{{ action('SettingsController@editMySettings') }}">
                                                Settings settings
                                            </a>
                                        </li>
                                        @endcanatleast

This also works

@if (Shinobi::canAtLeast(['edit.user', 'create.user'])) 
    True
@else
    False
@endif

Where could be problem that trows error?

@role('admin')

In version 3.1 i get an error using traits methods

Call to protected method Caffeinated\Shinobi\Traits\ShinobiTrait::getShinobiTag() from context 'Caffeinated\Shinobi\Models\Role'

this is when i use method syncPermissions from Role model.

I've just tried Shinobi and Watchtower... had some problems, like the errors related to the php version (not using 7 in the test server), but solved reading the posts here.
But I've found out another problem related to Shinobi::canAtLeast.
Looks like it's not working as intended... even if I log with the administrator, with all the permissions set, I still canno see/edit the roles or the users.
The permissions are ok, because if I change canAtLeast with Shinobi::can, I see the pages normally. But if I change back to canAtLeast, I get a "You are not permitted to view users." error.
Found the problem using Watchtower, but looks like it's realated more to Shinobi, so wrote it here :)

Just wondering how shinobi adds to 5.2.x or has 5.2.x started to take on a maority of what shinobi started as?

When there could be added Laravel 5.3 support?
Thanks!

I have 7 rolaes and 70 premissions,

But when I open page, I have lot of queries, regarding, roles, why it is
Image
Thanks1

I'm getting error:

FatalErrorException in UserHasRole.php line 36:
Call to a member function isRole() on null

When using middleware for example:

Route::group(['prefix' => 'admin', 'namespace' => 'Admin', 'middleware' => 'roleshinobi:admin'], function() {
    Route::get('/', 'AdminController@index');
});

when I'm not logged in already. Shouldn't this just be redirecting to login?

Thanks,

Kinda ties into #25 earlier.

On a fresh install of Laravel 5.2 and using the Shinobi trait, throws this error :

ErrorException in User.php line 9:
Declaration of Caffeinated\Shinobi\Traits\ShinobiTrait::can($permission) should be compatible with Illuminate\Foundation\Auth\User::can($ability, $arguments = Array)

A simple fix, of course is to just add , $arguments = []) inside the can function of ShinobiTrait...but there is a number of other "can" calls that are affected (I think) throughout the package. I had started a PR with the changes but I have hesitations of modifying the __call function in ShinobiTrait since you are already passing in an arguments parameter so I thought I better go with this issue instead...

After update all my @endcanatleast statements do not work any more

All menu itemas are hidden

@canatleast(['edit.event', 'create.event'])
<li class="{{set_active('schedule')}}">
<a href="{{ action('EventController@index') }}">
{{tr("b/sidebar-right.reserve-lessons","Reserve lessons")}}
</a>
</li>
@endcanatleast
@canatleast(['show.event.index'])
<li class="{{set_active('appointments')}}">
<a href="/appointments">
{{tr("b/sidebar-right.open-lessons","Open all lessons")}}
</a>
</li>
@endcanatleast

All menus are hidden, eaven for admin.

Dear Shinobi Team,
I have a problem with my application which uses your awesome shinobi package:

I would like to have a feature like role levels. Consider the following example in order to clarify this feature:
I have an API endpoint, which may be accessed by the following roles: editor, manager and admin. In order to secure the endpoint, i need to enable the endpoint for these specific roles.

However, this results in either:

1. assigning the rules editor, manager and admin to the route to be protected
2. assigning all of these rules to one specific user.

Would it be possible to create some sort of role hierarchy using an additional level attribute? (the default level would be 1). For example, the roles listet below should become more powerful with each step:
guest (level 1) > user (level 2) > editor (level 3) > manager (level 4) > admin (level 5).

Then we could use a function like this:

if($user->hasLevel() > 4) {
   // this logic is accessible for users with role manager OR admin.
   // would be similar to
   // if($user->isAdmin() || $user->isManager())
}

I hope you understand my problem..
Cheers from Germany,
Johannes

Im using PHP 7, Laravel 5.2

My user model looks like this:
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;

use Caffeinated\Shinobi\Traits\ShinobiTrait;

class User extends Model implements AuthenticatableContract,
CanResetPasswordContract
{
use Authenticatable, CanResetPassword, ShinobiTrait;

when the user is NOT an admin i get:
BadMethodCallException in Builder.php line 2130:
Call to undefined method Illuminate\Database\Query\Builder::can()
in Builder.php line 2130
at Builder->__call('can', array(array('create.car')))
at call_user_func_array(array(object(Builder), 'can'), array(array('create.car'))) in Builder.php line 1245
at Builder->__call('can', array(array('create.car')))
at call_user_func_array(array(object(Builder), 'can'), array(array('create.car'))) in Model.php line 3548
at Model->__call('can', array(array('create.car'))) in ShinobiTrait.php line 145
at User->can(array('create.car')) in DepartmentController.php line 43
at DepartmentController->index(object(Request))
at call_user_func_array(array(object(DepartmentController), 'index'), array(object(Request))) in Controller.php line 76
at Controller->callAction('index', array(object(Request))) in ControllerDispatcher.php line 146
at ControllerDispatcher->call(object(DepartmentController), object(Route), 'index') in ControllerDispatcher.php line 94
at ControllerDispatcher->Illuminate\Routing{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 52
at Pipeline->Illuminate\Routing{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 102
at Pipeline->then(object(Closure)) in ControllerDispatcher.php line 96
at ControllerDispatcher->callWithinStack(object(DepartmentController), object(Route), object(Request), 'index') in ControllerDispatcher.php line 54
at ControllerDispatcher->dispatch(object(Route), object(Request), 'App\Http\Controllers\DepartmentController', 'index') in Route.php line 174
at Route->runController(object(Request)) in Route.php line 140
at Route->run(object(Request)) in Router.php line 703
at Router->Illuminate\Routing{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 52
at Pipeline->Illuminate\Routing{closure}(object(Request)) in Backend.php line 79
at Backend->handle(object(Request), object(Closure), 'department.manager')
at call_user_func_array(array(object(Backend), 'handle'), array(object(Request), object(Closure), 'department.manager')) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 102
at Pipeline->then(object(Closure)) in Router.php line 705
at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 678
at Router->dispatchToRoute(object(Request)) in Router.php line 654
at Router->dispatch(object(Request)) in Kernel.php line 246
at Kernel->Illuminate\Foundation\Http{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 52
at Pipeline->Illuminate\Routing{closure}(object(Request)) in VerifyCsrfToken.php line 64
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request)) in ShareErrorsFromSession.php line 49
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request)) in StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request)) in CheckForMaintenanceMode.php line 44
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124
at Pipeline->Illuminate\Pipeline{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 102
at Pipeline->then(object(Closure)) in Kernel.php line 132
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 99
at Kernel->handle(object(Request)) in index.php line 53

... when i run this from a controller:

        if (Shinobi::can('create.car')) {
            echo 'can create car';
        }

oddly it doesnt throw an error if user is role/admin
but the if statement gives the wrong answer :(

this works like a charm:

        if (Shinobi::is('department.manager')) {
            echo 'dp. m.';
        }

i cant figure this out by me onsies ...

Laravel 5 supports publishing now

http://laravel.com/docs/master/packages

I was wondering, is there some easy way to add permissions to specific user, not just roles.

For now if I need, to give some user some specific permission, I make new role, just for that user.
But it is not to smart :D

Maybe some one have some suggestions?

If I try @can() in my blade template. It works just fine. Trying @ROLE('admin') gives me this error:

Type error: Argument 1 passed to Illuminate\Database\Eloquent\Model::is() must be an instance of Illuminate\Database\Eloquent\Model, string given, called in /home/vagrant/Code/rs53/vendor/caffeinated/shinobi/src/Shinobi.php on line 77 (View: /home/vagrant/Code/rs53/resources/views/home.blade.php)

I am using "caffeinated/shinobi": "^3.0", in my composer file. All instructions followed as well. I'm sure I borked something, I just can't figure out what.

Using blade, the @can directive doesn't seem to be functional. The generated code uses Gate:: instead of Shinboi::

@if ( \Shinobi::can() ) works fine.

I removed the Authorizable lines from User model and the @ROLE directive is working fine as well.

welcome.blade.php

            @can('dddd')
                Can Test
            @endcan

            @role('first')
                Role Test
            @endrole

laravel_generated_cache

            <?php if (Gate::check('dddd')): ?>
                Can Test
            <?php endif; ?>

            <?php if (\Shinobi::is(('first'))): ?>
                Role Test
            <?php endif; ?>

Sorry for the extra activity for you tonight. I am just about finished the front-end dashboard package I am working on for Shinobi and want to finish it off. Thanks.

Hi,

I couldn't run migrations because they are not published.

I've run

composer require caffeinated/shinobi

than added this line to config/app.php into providers sub array,

Caffeinated\Shinobi\ShinobiServiceProvider::class,

then I run

composer dump-autoload
php artisan clear:cache

and finally

php artisan vendor:publish

but the response is

Copied Directory [/vendor/laravel/framework/src/Illuminate/Notifications/resources/views] To [/resources/views/vendor/notifications]
Copied Directory [/vendor/laravel/framework/src/Illuminate/Pagination/resources/views] To [/resources/views/vendor/pagination]
Publishing complete for tag []!

And then, obviously, when I run php artisan migrate, it says "there is nothing to migrate" because migrations are not copied to default migrations folder.

This is the first additionally required library to a new laravel project, so I'm almost sure the reason is not another library. I've initialised the authentication middleware though.

I'm not using a different migration folder rather than default. And I'm working on the latest version of homestead on vagrant.

Do you have any idea why it's not working?

Thanks.

This package still available and usable with Laravel 5.0?

I realized that blade directives aren't implemented on the version i'm using. (Caffeinated\Shinobi @v1.0.2)

Should i implement these on my application itself or we can PR this ?

Not sure if I mentioned this properly before but I have been putting together a frontend "dashboard" for Shinobi. Alpha release is out if you want to see it and tell me to rip your name the hell off of it. 😄

https://github.com/SmarchSoftware/watchtower

Anyway, the docs are under construction but the install works as explained. Going to get the config options, roles / permissions pages up on the wiki shortly.

Probably said it before but, thanks again for the package.

I thought that a "no-access" would over-ride all other permissions. However, if there are two roles on a user, and one is no-access and the other is "allow", the allow will permit the user to continue.

Is that intended that for a "no-access" role to work all other roles have to be removed as well?

Just curious, thanks.

I've written in this in the original commit as well, as of version 3.1 the plugin is executing it's migrations along the global artisan:migrate command. This breaks with the original functionality of publishing the migrations and pick and choose what you need.

In our scenario this breaks our codebase since we're using the original published migrations in modified form since we already had a roles table in our database. When upgrading to 3.1 you will get a roles table already exists because of this.

it's a good package, but this is really important

I'm currently playing around with shinobi for role and permission management in our application. I have to create the role and the permission models on my own, right?

Hello,

Is there a way to get all users with a such role? For example, get all user with the role 'admin'?

P.S. Sorry if I am posting this in a wrong place.

Regards.
Alexei

the m took over the comma, evil m's!

// Handle canDoSomething() methods
if (starts_with($methodm 'can') and $method !== 'can') {
    $permission = substr($method, 3);

    return $this->can($permission);
}

Any possibility of adding support for wildcards?

(foo.*)->can('foo.bar'); // true
(foo.*)->can('foo.*'); // true
(foo.bar)->can('foo.*'); // false
(*.bar)->can('foo.bar'); // true

This would make it easy to assign permissions to say, an entire controller.

Error returned: "No input file specified."

Hi, first of all, thank you for this package, i'ts pretty helpfull for end users.

Just want to ask, is there any plan to merge this package with existing Laravel model policy object? Especially on ShinobiTrait@can method (since it overrides Laravel Authorizable@can method).

I think Laravel model policy was really good for fixed user permission or authorization. But it cannot be used together.

Thanks.

i get:
ErrorException in Model.php line 3093: Argument 1 passed to Illuminate\Database\Eloquent\Model::is() must be an instance of Illuminate\Database\Eloquent\Model, string given,

when using:
$user = User::first(); return $user->is('administrator');

I added the use ShinobiTrait; to the User.php Model

HI,
$role->getPermissions() gets the permissions per role but I'm trying to populate a multiselect and was wondering if there is method to do this?

I'm looking at using this http://loudev.com/#project for displaying the permissions.

What would be the best (eloquent) way to return a list of all users who have a role of a certain type?

like get all 'admin' users?

Not quite sure the purpose of the slug field in the permissions table.

Assuming I have a permission such as -

Is that to facilitate something like

if ( Auth::user()->can('tca') )

instead of something like

if ( Auth::user()->can('todo.create.all') )

? Thanks.

laravel 5.11 authorization has been released recently. How different is Shinobi from that, is Shinobi still relevant ?

Hi, not sure if anyone else has had this issue, but when trying to require this package through composer, I am getting the below output. I am running 5.2.45 on a local dev environment under Valet on my Macbook Pro. Any suggestions would be welcome.

composer require caffeinated/shinobi
Using version ^3.0 for caffeinated/shinobi
./composer.json has been updated
Loading composer repositories with package information Updating dependencies (including require-dev) Your requirements could not be resolved to an installable set of packages.

Problem 1
- Conclusion: remove laravel/framework v5.2.45
- Conclusion: don't install laravel/framework v5.2.45
- caffeinated/shinobi 3.0.x-dev requires illuminate/config 5.3.* -> satisfiable by illuminate/config[5.3.x-dev, v5.3.0, v5.3.4].
- caffeinated/shinobi v3.0 requires illuminate/config 5.3.* -> satisfiable by illuminate/config[5.3.x-dev, v5.3.0, v5.3.4].
- caffeinated/shinobi v3.0.1 requires illuminate/config 5.3.* -> satisfiable by illuminate/config[5.3.x-dev, v5.3.0, v5.3.4].
- caffeinated/shinobi v3.0.2 requires illuminate/config 5.3.* -> satisfiable by illuminate/config[5.3.x-dev, v5.3.0, v5.3.4].
- caffeinated/shinobi v3.0.3 requires illuminate/config 5.3.* -> satisfiable by illuminate/config[5.3.x-dev, v5.3.0, v5.3.4].
- don't install illuminate/config 5.3.x-dev|don't install laravel/framework v5.2.45
- don't install illuminate/config v5.3.0|don't install laravel/framework v5.2.45
- don't install illuminate/config v5.3.4|don't install laravel/framework v5.2.45
- Installation request for laravel/framework (locked at v5.2.45, required as 5.2.*) -> satisfiable by laravel/framework[v5.2.45].
- Installation request for caffeinated/shinobi ^3.0 -> satisfiable by caffeinated/shinobi[3.0.x-dev, v3.0, v3.0.1, v3.0.2, v3.0.3].

When update Laravel 5.0 to 5.1 not resolving requirements, in you composer.json you have:

"require": {
        "php": ">=5.4.0",
        "illuminate/database": "5.0.*",
        "illuminate/support": "5.0.*",
        "illuminate/filesystem": "5.0.*",
        "illuminate/config": "5.0.*"
    },

Please create new branch only for L5.1

Hello Goodnight,
I have had problems installing the shobobi library in laravel 5.5, I am writing to see if there is any configuration other than those described in the wiki

This is on a fairly fresh install.

$ artisan migrate:install
Migration table created successfully.

$ artisan migrate
Migrated: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_100000_create_password_resets_table
Migrated: 2015_01_20_084450_create_roles_table
Migrated: 2015_01_20_084525_create_role_user_table
Migrated: 2015_01_24_080208_create_permissions_table
Migrated: 2015_01_24_080433_create_permission_role_table
Migrated: 2015_12_04_003040_add_special_role_column
Migrated: 2016_02_05_192457_create_sessions_table
Migrated: 2016_02_22_152810_create_cache_table

$ artisan migrate:refresh
PHP Fatal error: Class 'AddSpecialRoleColumn' not found in vendor/laravel/framework/src/Illuminate/Database/Migrations/Migrator.php on line 336

1.) middleware

<?php namespace App\modules\Kagi\Http\Middleware;

use Auth;
use Closure;
use Flash;
use Illuminate\Http\RedirectResponse;
use Illuminate\Contracts\Routing\Middleware;

class AuthenticateAdmin implements Middleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure                  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
//dd($request);

        if (! Auth::user()->can('manage_admin')) {
            Flash::error('Sorry, you do not have the proper permissions.');

            return new RedirectResponse(url('/'));
        }

        return $next($request);
    }
}

app/http/kernel

        'admin' => 'App\Modules\Kagi\Http\Middleware\AuthenticateAdmin',

AuthenticateAdmin is being called. I could dd the $request.

Error:

Call to undefined method Illuminate\Database\Query\Builder::can()

Which is the same error I was getting in my blade template

@if (Auth::user()->can('manage_admin'))
                    <li>
                        <a href="/admin/users">
                            {{ Lang::choice('kotoba::account.user', 2) }}
                        </a>
                    </li>

Both of my calls are getting stuck on the ->can ...

@ good news
I've got roles and permissions and sync'ing with user going good!

Any chance we could get the ability to Assign Role by Slug

$user->assignRole('administrator');

instead of having to know the ids of each role

I am using this package in a laravel 5.3 project, but have a problem with the roles. When I create (or edit) a role and do not select a special access I get the errror Warning: 1265 Data truncated for column 'special' at row 1

Also when I try to edit the table in phpmyadmin I get an error when I try to edit the special role. Also when I only chose edit and change nothing I get #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '0) CHARACTER SET utf8 COLLATE utf8_unicode_ci NULL DEFAULT NULL' at line 1

Hi,

is it possible to get the names of the roles or permissions of the specific User?
Something like this: User::find(1)->roles() and then in foreach $role->name
Thanks for the answer.

Since $permissions is only initialized if the user has roles, the array_merge call fails. It also fails if $permissions has less than 2 elements. For these reasons, $permissions could be initialized as [[],[]] in getPermissions to solve these two issues.

Hi ,
I want to use shinobi in my routes , any help to use them because it's not mentionned in the docs

I am getting an error in Laravel 5.1:

Trait method can has not been applied, because there are collisions with other trait methods on App\User

I am using Shinobi 2.2. How do I fix this?

I'm working on a new application with a legacy database and i already have tables populated to manage roles and permissions.

Is there any usage guide for Laravel 5.2 ?
https://github.com/caffeinated/shinobi/wiki/Usage

There should be an option to deny a permission to a user. That way, a user that has a Role with X permissions, could have a specific permission(s) denied from that X without the need to fork the Role.

Best regards,
António Fernandes

I'm trying to put to words how this works.

I originally thought that this was set up such as:

• Roles: Admin, User, Guest
• Permissions: Create, View, Update, Destroy

However, going through the docs it seems that I haven't gotten the premiss of how this works.

Is it?

• Permissions: Access, Manage, ???
• Roles == Models; user, blog, task, todo +++

Also, just wondering ... I created roles and permission controllers so that I can have a web interface for these. Should I extend the roles, and permission models based on yours?

And ..
I did have an issue of access the package models since I had the trait attached to the model but I'm using a repository and had to include it.

Hope you don't mind checking my homework 😊