forgetCachedPermissions(); $permissions = [ // Feedback 'view-feedback', 'create-feedback', 'update-feedback', 'delete-feedback', 'add-interaction', 'close-ticket', 'transfer-department', // Products 'view-product', 'create-product', 'update-product', 'delete-product', // Customers 'view-customer', 'create-customer', 'update-customer', 'delete-customer', // Contracts 'view-contract', 'create-contract', 'update-contract', 'delete-contract', // Channels 'view-channel', 'create-channel', 'update-channel', 'delete-channel', // Tags 'view-tag', 'create-tag', 'update-tag', 'delete-tag', // Dashboard & Export 'view-dashboard-widgets', 'export-data', ]; foreach ($permissions as $permission) { Permission::firstOrCreate(['name' => $permission]); } // Admin: all permissions $admin = Role::findByName('admin'); $admin->givePermissionTo($permissions); // Manager: most except delete and export $manager = Role::findByName('manager'); $manager->givePermissionTo([ 'view-feedback', 'create-feedback', 'update-feedback', 'delete-feedback', 'add-interaction', 'close-ticket', 'transfer-department', 'view-product', 'create-product', 'update-product', 'view-customer', 'create-customer', 'update-customer', 'view-contract', 'create-contract', 'update-contract', 'view-channel', 'create-channel', 'update-channel', 'view-tag', 'create-tag', 'update-tag', 'view-dashboard-widgets', ]); // Staff: read + limited write $staff = Role::findByName('staff'); $staff->givePermissionTo([ 'view-feedback', 'create-feedback', 'update-feedback', 'add-interaction', 'view-product', 'view-customer', 'view-contract', 'view-channel', 'view-tag', ]); } }