Different user types laravel

Question

I'm fairly new to laravel-5 and I love it so far, but I've come out with this doubt while I was working on my project.

In my app I want different user types, let's say Employee, Admin and Freelance. Every type will have ofcourse, different permissions and acces to pages. Since every user type has different data, I created 3 additional tables to my schema, admins, employees and freelancers, and added a field user_type on the users default table, to link it to the new tables, which have a user_type aswell, keeping my default users table small as possible, just login info.

So I started reading around and I came up with polymorphic relationship on eloquent, which apparently is exactly what I wanted. After implementing those models relationships and migrations, I don't know how to keep moving, and how to check if a user is either freelancer, admin or employee and how to give acces to certain page regarding the usertype.

This is how my User Model looks like:

public function userable()
{
    return $this->morphTo();
}

And this is how one the childs look like:

public function user()
{
    return $this->morphOne('User', 'userable');
}

Answer 1

Since your User model is userable, that means the users table should have the two columns necessary for polymorphic relations: userable_id and userable_type. The userable_type will contain the class name of the owning model (which in your case will be either Admin, Freelancer or Employee). So this will return the user type class:

User::find($id)->userable_type; // Use this to identify the user type

While normalizing the database structure by separating information into different tables and using a polymorphic relation to handle them is very good, I strongly suggest you handle roles in a separate structure. The Entrust package is a very good way of doing that, because it allows for a very robust way of handling user roles and permissions.

Answer 2

You can use the zizaco/entrust package for this. It introduces roles and permissions per role for your users.

In this case, roles are not defined by new models or polymorphic relationships, but simply stored in a roles table. Users and roles are then linked by a pivot table role_user (by default).

Giving access to certain pages becomes really easy:

// Checking for a role
$user->hasRole('admin');

// Checking for a single permission
$user->can('edit-users');

The big advantage of this approach is that you don't have to add new tables, models, migrations et cetera to add new roles and permissions.

In case of "every user type has different data", it really depends on what you mean. If you mean the permissions per role, then this package solves this for you. But if you mean data such as a second address or data that only belongs to certain types of users, I'd consider if it really makes sense to outsource this data to different tables (e.g. if you have a lot of unique data per user type), or if I'd just ignore those extra columns in my users table in cases where they are not needed (maybe make them nullable).

Edit:

No information given on which database is used, but these are cases where i personally like to switch from something like MySQL to a schemaless database like MongoDB. Maybe this is an option for you.