In Laravel what is the best way to associate a user with every CRUD action?
Every user is created with a company_id field. When they view data such as a blog they can only see blog posts that were created by users with the same company_id. Also when they add a blog post it uses their company_id when saving the blog post, which is simply. But what if you have a common url schema website.com/blog/40 if a users types that it they can only access if their logged in with the same company_id.
I know the basic solution is to add the $this->user->company_id if every call to the db but that seems to be very repetitive. Is there a way to add it to the model? So that every time I make a request to the db it goes through the model to verify if this user has the access to view, add, edit, delete the data. Also if there is a blog post would I have to have a company_id column in the blogs db table or can there just be a user_id column and then the table associates itself to the users table and grabs the company_id that way?
In addition this laravel app isn't just a blog, it is going to a have many controllers and features so I want this type of security access tied to every element of the site down to each user.
via Chad Priddle
