User Access Controls

Let's start by defining our roles. There are 3 roles, namely Admin, Moderator and User.

Then there are 3 actions create, update and delete which are controlled by our new AccessRule class and the following rules are applied.

  • create action is available to User, Moderator and Admin roles.
  • update actions is available to Moderator and Admin roles.
  • delete action is only available to the Admin role.

Demo Login

Admin

: admin
: admin

Moderator

: moderator
: moderator

User

: user
: user