Users (#20) will need the ability to update their profiles with Links to their own website and social media profiles. I will probably call the model Profile Links because it will also be used for the profiles of Companies (TIPOFF/seo#13) & Locations (TIPOFF/locations#42) and potentially other polymorphic relationships.

Since these Links will depend on the Domains (TIPOFF/seo#14) & Webpages (TIPOFF/seo#19) models of the SEO package, it makes sense to add them to tipoff/seo instead of this authorization package and just have optional relationships on the User model to Links if the SEO package is installed.

We use the approach of the Role as implemented in the Spatie Permissions package:

https://github.com/spatie/laravel-permission

The application should be launched with the following default roles:

• Admin
• Owner
• Staff
• Former Staff
• Customer

We will require and implement Laravel Cashier (Stripe):

• https://laravel.com/docs/8.x/billing

There should be a PermissionMigration that is extended in all the other packages that has a short format for adding a list of new Permissions (#22) for that package.

The permissions will use the findOrCreate method when added to the table to prevent overwriting the Permission in an app's existing table and changing the id number.

It will also add every Permission in the list to the admin Role.

There should also be a Helper function for adding specific Permissions to the other default Roles (#21).

For the packages that have Nova Resources for models that will now have a relationship with Email Address, I do not want to use the typical "BelongsTo" nova field (https://nova.laravel.com/docs/3.0/resources/relationships.html#belongsto) and instead would like to use a new Custom Nova Field that is similar to the Email field I've been using:

• https://github.com/inspheric/nova-email-field

Let's call the field EmailAddress and it should display the email address from the Email Address model and be clickable using the mailto: HTML link. There should be a button next to it for "Change" if the User has edit Permissions and it will accept an email address and run a findOrCreate() on the model. There will also be a "View" button that takes you to the Nova Resoruce for the Email Address.

Need to display a Nova field for Username and allow admins (and the current user) to edit it. Must have unique check in place.

I want an Email Addresses model that allows Users (#20) to have multiple Email Addresses and to log in with any of the Email Addresses or with the username on the User model.

Email Addresses can only belong to 1 User and are unique in this table. The User relationship is nullable. There must also be a primary boolean that is false by default, but when a User is registered, their Email Address is marked as primary. It can be updated, but a User may only have 1 primary Email Address and they must have 1 primary Email Address.

Before saving the Email Address from tipoff/forms, tipoff/waivers, roberts/leads, or anywhere else an Email Address is saved without a User, the Email Address entry must verify not only that it is unique, but that it passes the standard verification for email address format. In places where a User can be registered such as when creating a Cart in tipoff/checkout or any other packages, the same verification must occur.

Email Addresses also have a validated_at field that will be moved away from the User model. In all of those packages, a custom Validation email should be sent to the Email Address to validate that we are dealing with someone who actually has access to the Email Address.

We use the approach of Permissions as implemented in the Spatie Permissions package:

https://github.com/spatie/laravel-permission

All of the packages that require this tipoff/authorization package should seed (with a migration) the permissions table to include all the permissions in the Policies included in that package. These permissions should be assigned by that package to the Admin role and some of the other default Roles (#21) as applicable.

We will require and implement Laravel Passport:

• https://laravel.com/docs/8.x/passport

With the update of User (#20) to rely on Email Address (#57) and some of the other changes we are making, I want to limit the ability to register as a User in the application. Is there a way from a package to prevent the User Registration page in an application?

This authorization model contains the base User model. It should be migrated from the package but can be extended in the project along with a migration that adds extra rows if necessary to the user table.

Key features:

• Name separated into first & last
• Username
• Password autogenerated (requires email verification)
• Support multiple email addresses
• Laravel Socialite

Need to update the README file to keep it current with package features and document how to best utilize it in a Laravel project.

Need to implement tests for every feature of the package.

This package should install and set up Laravel Socialite:

• https://laravel.com/docs/8.x/socialite

Spatie/permissions migration must not be published. It creates a duplicate migration (and if we use theirs, it won't be dated properly).