Authorization

Overview


The Laravel Framework's policies feature implements authorization.

For more details on policies, please see my Installed Domains doc.

There are three built-in authorization levels for the administrative back-end application:
  • Owner
  • Super Administrator
  • Administrator


  • Owner


  • Owners can do everything
  • You should have as few owners as possible
  • During installation, the first user to set up is an owner. This owner should be "the first among equals" as it is not delete-able:



  • Owners are able to do things for any installed domain, so generally owners belong to the admin domain, the only users to belong to admin

  • Super Administrator


  • The super administrator is restricted to things within the installed domain they are associated with



  • Super admins can do some, but not all, domain management tasks



  • Administrator


    Admins are very limited. Just the blog right now.