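*/
    protected $fillable = [
        'name',
        'email',
        // Allowed values: default, employee, manage.
        // NOTE(review): `role` is what atleast() authorizes against. Because it
        // is mass-assignable, any create()/fill()/update() call that receives
        // unfiltered request input can set it. Confirm every caller passes
        // validated fields only, or drop `role` from this list and assign it
        // explicitly in privileged code paths.
        'role',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array
     */
    protected $hidden = [
        'password',
        'remember_token',
        'created_at',
        'updated_at',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];

    /**
     * Permissions currently in force for this user.
     *
     * Permissions live in the permissions table and are linked to users through
     * the user_permissions table. A link counts as valid when
     * user_permission_start is not in the future and user_permission_end is
     * either not in the past or NULL.
     *
     * @return mixed the belongsToMany relation with the validity window applied
     */
    public function permissions()
    {
        return $this->belongsToMany('App\Models\Permission', 'user_permissions', 'user_id', 'permission_id')
            // Outer closure keeps the whole window in one parenthesised group so
            // the OR below cannot widen constraints chained on by callers.
            ->where(function ($window) {
                $window->where('user_permission_start', '<=', now())
                    ->where(function ($expiry) {
                        $expiry->where('user_permission_end', '>=', now())
                            ->orWhereNull('user_permission_end');
                    });
            });
    }

    /**
     * Whether the user currently holds the named permission.
     *
     * @param mixed $permission value matched against permission_name
     * @return bool true when at least one valid permission row matches
     */
    public function allowedTo($permission): bool
    {
        // exists() asks the database for presence only instead of hydrating a
        // model just to test it for truthiness.
        return $this->permissions()->where('permission_name', $permission)->exists();
    }

    /**
     * Whether the user's role ranks at or above the required role.
     *
     * Fails closed: a role name missing from the hierarchy, on either side,
     * yields false. Without that guard an unknown required role reads as null,
     * and PHP evaluates `<int> >= null` as true, which grants the check to
     * every user.
     *
     * @param mixed $role required role name (default, employee or manage)
     * @return bool
     */
    public function atleast($role): bool
    {
        $hierarchy = [
            'default' => 0,
            'employee' => 1,
            'manage' => 2,
        ];

        $current = $this->role;

        // is_string() runs first because isset() throws on array/object offsets.
        if (!is_string($role) || !isset($hierarchy[$role])) {
            return false;
        }

        if (!is_string($current) || !isset($hierarchy[$current])) {
            return false;
        }

        return $hierarchy[$current] >= $hierarchy[$role];
    }

    /**
     * Look up a single user by its user_id column.
     *
     * NOTE(review): this shadows the find() that Eloquent normally forwards to
     * the query builder (the class header is outside this view; confirm that is
     * intended).
     *
     * @param mixed $id scalar user_id to look up
     * @return mixed the matching user, or null when there is none
     */
    public static function find($id)
    {
        // Non-scalar ids never matched anything before; keep returning null
        // rather than handing an array or object to the query builder.
        if (!is_scalar($id)) {
            return null;
        }

        // Filter in the database. The previous User::all() loaded every user
        // row, password hashes included, into memory on each lookup.
        return static::query()->where('user_id', $id)->first();
    }
}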