ERP-API/app/Models/User.php

<?php

namespace App\Models;

// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
use Cache;

use Spatie\Activitylog\Traits\LogsActivity;
use Spatie\Activitylog\LogOptions;

class User extends Authenticatable
{
    use HasApiTokens, HasFactory, Notifiable;
    use LogsActivity;

    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
        'password' => 'hashed',
    ];

    public function getActivitylogOptions(): LogOptions
    {
        return LogOptions::defaults();
    }

    public function roles(){
        return $this->belongsToMany(Role::class,'user_role')->with("permissions");
    }

    public function getPermission(){
        $user = $this;
        return Cache::rememberForever("permission_".$this->id, function() use ($user){
            return $user->roles->flatMap(function($role){
                return $role->permissions->map(function($permission){
                    return $permission->code;
                });
            });
        });
    }

    public function checkPermission($code){
        $permissions = $this->getPermission();
        $code_arr = explode(":",$code);
        return $permissions->contains($code) ||  $permissions->contains($code_arr[0].":*");
    }
}