My app so far is structured simply where I have an office table, which has a FK to user_id, which obviously comes from User model. So in this case, each user has its own office and therefore should only be able to view their own office records from the ‘fees’ table.
So currently I’m not too sure if what I’ve done is good enough or there is a better way - I have a helper function so that I can simply say something like “Helper::officeName($id)”, in order to get the office related to the $id of the user.
I’m not sure if it feels right the way I’m doing it, so that in the view layout, I have to use the helper to get the office, then run the query based on that office in the WHERE clause.
How is this type of access control done?
Is there a template out there someone can point me to that has this built in, so that I can see how it’s best done or even just use it out of the box?
Thx
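One way to enforce the rule described in the post (a user sees only the fees of their own office) in the data layer rather than in the view. This is an added example, not part of the original post; it uses plain PHP 8 with PDO and in-memory SQLite, and the `FeeRepository` class, column names, and sample rows are assumptions made for illustration.

```php
<?php
// Constructed schema and rows mirroring the post:
// offices.user_id -> users.id, fees.office_id -> offices.id (column names assumed).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("
    CREATE TABLE offices (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL UNIQUE, name TEXT);
    CREATE TABLE fees (id INTEGER PRIMARY KEY, office_id INTEGER NOT NULL, amount INTEGER);
    INSERT INTO offices VALUES (1, 10, 'North'), (2, 20, 'South');
    INSERT INTO fees VALUES (1, 1, 100), (2, 1, 250), (3, 2, 999);
");

// Hypothetical class: every fees query goes through it, so the office filter
// cannot be forgotten in a controller or a view.
final class FeeRepository
{
    public function __construct(private PDO $db, private int $authUserId) {}

    /** All fees belonging to the signed-in user's office. */
    public function all(): array
    {
        $st = $this->db->prepare(
            'SELECT f.id, f.amount FROM fees f
             JOIN offices o ON o.id = f.office_id
             WHERE o.user_id = :uid ORDER BY f.id');
        $st->execute(['uid' => $this->authUserId]);
        return $st->fetchAll(PDO::FETCH_ASSOC);
    }

    /** One fee by id; null when it belongs to another office (respond as "not found"). */
    public function find(int $feeId): ?array
    {
        $st = $this->db->prepare(
            'SELECT f.id, f.amount FROM fees f
             JOIN offices o ON o.id = f.office_id
             WHERE f.id = :fid AND o.user_id = :uid');
        $st->execute(['fid' => $feeId, 'uid' => $this->authUserId]);
        return $st->fetch(PDO::FETCH_ASSOC) ?: null;
    }
}

// The user id is taken from the server-side session, never from a request parameter.
$fees = new FeeRepository($db, 10);
var_dump($fees->all());    // rows for the office owned by user 10
var_dump($fees->find(3));  // fee 3 belongs to the other office
```

Because the ownership condition is part of every query, a fee id guessed or edited in the URL resolves to nothing instead of another office's record.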